Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/DWv9z2pfci4jBfBPAcbDpWhRItM.roa
File: DWv9z2pfci4jBfBPAcbDpWhRItM.roa (raw, json)
Hash identifier: xN3PvBD3mWZahdPW5oyT7wqke/dbujsQQtn59fg97JA=
Subject key identifier: 0D:6B:FD:CF:6A:5F:72:2E:23:05:F0:4F:01:C6:C3:A5:68:51:22:D3
Certificate issuer: /CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Certificate serial: 0C78EFCC
Authority key identifier: F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/DWv9z2pfci4jBfBPAcbDpWhRItM.roa
Signing time: Sat 01 Jan 2022 15:55:37 +0000
ROA not before: Sat 01 Jan 2022 15:55:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57621
IP address blocks: 2a05:100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 209252300 (0xc78efcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Validity
Not Before: Jan 1 15:55:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d6bfdcf6a5f722e2305f04f01c6c3a5685122d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d8:12:9b:b1:49:2a:66:82:26:c6:00:15:40:
06:97:95:c4:b5:0e:7a:a9:b6:37:09:ba:a4:d8:75:
ee:9c:14:1c:0f:6d:6e:48:7b:65:64:24:f4:11:27:
90:01:78:72:31:7a:6f:cb:bc:51:f5:92:36:fe:46:
2f:73:2d:d5:76:59:af:ed:83:09:30:10:93:0b:8e:
3d:03:e5:9e:c7:94:0b:61:4f:13:a1:05:03:58:ec:
2c:c5:30:62:61:a3:aa:f2:30:ef:3a:95:05:bf:6e:
d0:5e:0b:fa:cf:a6:eb:8a:a6:d7:cd:d7:dc:38:ba:
db:e2:ee:c0:aa:db:20:3c:56:d3:e2:41:ea:03:4e:
e7:ce:51:71:55:b2:04:10:52:1c:44:3a:03:f9:27:
a9:13:d2:10:7a:5b:18:4c:e4:25:3e:89:12:2a:73:
78:f2:01:c9:2f:ff:8a:e4:f5:cb:40:c6:f1:4c:44:
65:66:2b:7d:6f:a4:ea:45:94:bf:18:f6:0c:8a:d5:
b1:cc:eb:66:fd:7c:3b:3b:33:37:91:0c:11:43:e4:
92:96:92:05:fe:a8:ff:7f:bd:98:bb:2a:8e:9d:64:
32:29:e6:67:54:92:40:ad:dd:69:15:c6:35:f0:03:
80:7e:af:20:c2:b4:fd:76:b0:05:68:3d:6c:9d:d3:
94:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:6B:FD:CF:6A:5F:72:2E:23:05:F0:4F:01:C6:C3:A5:68:51:22:D3
X509v3 Authority Key Identifier:
keyid:F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/DWv9z2pfci4jBfBPAcbDpWhRItM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:100::/29
Signature Algorithm: sha256WithRSAEncryption
0b:ba:26:b4:1b:ac:f5:34:7e:92:da:70:72:e5:08:ec:f4:5f:
3e:99:18:96:12:8d:d7:2a:e8:03:15:d4:e5:9c:f5:d5:f4:ee:
bf:83:ae:0e:24:79:78:7a:74:ec:86:6a:20:36:5a:fa:d6:ba:
67:44:be:27:3e:7f:c5:0e:b2:5d:a9:6a:40:03:de:be:a3:6e:
3c:ac:7d:2e:7f:16:7f:5d:63:2d:a7:1a:12:5b:04:7c:69:98:
e0:de:84:84:a5:f7:e4:19:e3:73:34:d5:10:fd:d3:5f:b1:32:
8f:85:bc:d8:06:09:b9:bd:55:1e:ea:f3:12:b1:ce:85:6d:8b:
b0:83:39:44:c2:66:73:99:7d:ad:07:f4:d3:65:85:04:20:20:
96:71:2c:75:81:76:a4:ab:ca:aa:54:f5:44:b2:13:81:9e:8b:
1d:17:d9:80:ff:4a:83:22:45:d9:c6:7b:bd:08:17:90:b8:f5:
73:a2:dd:67:74:21:7d:38:5f:66:65:7a:ea:52:1f:c3:73:77:
d3:5b:f8:cd:a9:87:c8:9d:42:80:c3:12:ab:a8:26:a0:c4:76:
0a:a4:80:36:ea:09:5c:11:f4:9e:8f:e8:0f:e6:3c:39:d4:15:
44:d4:cb:9a:27:fa:16:ab:e8:e4:1f:23:d7:12:ff:03:c9:e4:
c2:6e:9e:99
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEDHjvzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODIwM2EwYzA0YjgxZmUxNzY2ZmE0MWJkMzFiNzNiNTg4MTg4YWM3MB4XDTIyMDEw
MTE1NTUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQ2YmZkY2Y2YTVm
NzIyZTIzMDVmMDRmMDFjNmMzYTU2ODUxMjJkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHYEpuxSSpmgibGABVABpeVxLUOeqm2Nwm6pNh17pwUHA9t
bkh7ZWQk9BEnkAF4cjF6b8u8UfWSNv5GL3Mt1XZZr+2DCTAQkwuOPQPlnseUC2FP
E6EFA1jsLMUwYmGjqvIw7zqVBb9u0F4L+s+m64qm183X3Di62+LuwKrbIDxW0+JB
6gNO585RcVWyBBBSHEQ6A/knqRPSEHpbGEzkJT6JEipzePIByS//iuT1y0DG8UxE
ZWYrfW+k6kWUvxj2DIrVsczrZv18OzszN5EMEUPkkpaSBf6o/3+9mLsqjp1kMinm
Z1SSQK3daRXGNfADgH6vIMK0/XawBWg9bJ3TlFMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQNa/3Pal9yLiMF8E8BxsOlaFEi0zAfBgNVHSMEGDAWgBT4IDoMBLgf4XZv
pBvTG3O1iBiKxzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtQ0E2REFTNEgtRjJiNlFiMHh0enRZZ1lpc2MuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzViL2UxNGNhMy1kYThlLTRiNTgtODYzYS0zMzg5NjIwYzFiZDcv
MS9EV3Y5ejJwZmNpNGpCZkJQQWNiRHBXaFJJdE0ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVi
L2UxNGNhMy1kYThlLTRiNTgtODYzYS0zMzg5NjIwYzFiZDcvMS8xLUNBNkRBUzRI
LUYyYjZRYjB4dHp0WWdZaXNjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgUBADANBgkqhkiG9w0BAQsF
AAOCAQEAC7omtBus9TR+ktpwcuUI7PRfPpkYlhKN1yroAxXU5Zz11fTuv4OuDiR5
eHp07IZqIDZa+ta6Z0S+Jz5/xQ6yXalqQAPevqNuPKx9Ln8Wf11jLacaElsEfGmY
4N6EhKX35BnjczTVEP3TX7Eyj4W82AYJub1VHurzErHOhW2LsIM5RMJmc5l9rQf0
02WFBCAglnEsdYF2pKvKqlT1RLITgZ6LHRfZgP9KgyJF2cZ7vQgXkLj1c6LdZ3Qh
fThfZmV66lIfw3N301v4zamHyJ1CgMMSq6gmoMR2CqSANuoJXBH0no/oD+Y8OdQV
RNTLmif6Fqvo5B8j1xL/A8nkwm6emQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:08:19 2025 by rpki-client