Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/0locWfTzu9E2-nqtIvoKnyV8cm4.roa
File: 0locWfTzu9E2-nqtIvoKnyV8cm4.roa (raw, json)
Hash identifier: ePOa3lwFnSF2wx2lHfVaKbEbkuW1t2QUSHojys7O23o=
Subject key identifier: D2:5A:1C:59:F4:F3:BB:D1:36:FA:7A:AD:22:FA:0A:9F:25:7C:72:6E
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 0F22DAC1
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/0locWfTzu9E2-nqtIvoKnyV8cm4.roa
Signing time: Sat 01 Jan 2022 12:57:31 +0000
ROA not before: Sat 01 Jan 2022 12:57:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6830
IP address blocks: 2a07:291b::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 253942465 (0xf22dac1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 1 12:57:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d25a1c59f4f3bbd136fa7aad22fa0a9f257c726e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:27:19:e9:a0:7e:10:39:2a:71:49:cd:b0:40:
46:a6:f3:80:b7:c1:49:5f:0e:15:7c:85:43:e8:50:
44:b1:c3:9e:97:2a:aa:80:ea:4a:dc:62:54:ed:76:
b8:13:91:cd:22:c5:2e:a2:08:d7:bc:1f:12:5d:01:
cd:98:69:0e:17:40:6e:59:53:54:ed:cd:28:96:c4:
20:a8:68:d9:42:83:93:fd:0c:85:1d:19:8f:e9:ef:
41:7b:bd:75:e5:c4:26:30:23:96:d3:7c:49:ad:bf:
a4:d5:f0:14:bc:b3:ed:9b:1e:67:18:e5:49:50:d2:
ad:36:a9:5e:2c:78:1c:3f:da:50:47:de:d3:a7:ce:
cc:63:9b:02:6e:5f:9e:98:bc:9f:ce:40:a2:31:02:
f1:a8:5b:28:19:fe:0e:0b:29:9e:f3:d6:dc:18:9a:
a6:dd:f6:41:09:db:f4:40:ab:4e:c3:14:dc:27:94:
64:50:24:3b:65:ea:e7:1c:9b:dd:56:f8:18:ec:a8:
62:e3:f6:6a:71:67:4f:01:b5:10:bb:b6:02:13:5e:
69:2d:be:39:aa:67:9d:8e:e8:6d:f6:05:6b:6d:5d:
a8:27:85:7e:8c:a2:73:52:41:cb:52:42:74:b5:0a:
37:a8:ca:25:e8:f3:12:4b:b8:3e:9c:6f:66:4b:55:
5e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:5A:1C:59:F4:F3:BB:D1:36:FA:7A:AD:22:FA:0A:9F:25:7C:72:6E
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/0locWfTzu9E2-nqtIvoKnyV8cm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:291b::/32
Signature Algorithm: sha256WithRSAEncryption
60:5e:c3:43:da:20:a1:e1:48:85:e2:52:1c:19:51:7f:a5:44:
d2:f2:82:08:b2:73:7c:d5:8d:b4:23:9f:e1:28:89:15:c7:d0:
8d:93:7b:57:20:59:d8:62:70:2f:71:da:2e:11:26:5f:60:54:
fb:01:16:c4:65:79:0c:6f:49:e8:a4:f6:54:47:38:6d:10:04:
6f:ae:86:65:2a:df:91:17:1e:6c:b1:cb:99:b5:85:7e:da:ae:
78:24:03:c8:e1:fd:31:73:63:66:11:e3:3f:05:6a:d0:0f:c1:
01:ad:78:80:ce:50:24:e6:49:30:a8:50:23:a9:c4:3a:05:a6:
7e:72:e0:fc:b0:09:c0:a7:f1:20:ad:31:73:3d:9a:0e:ac:84:
90:d4:63:b6:95:87:d3:93:21:7d:0b:1f:d0:26:2e:80:e4:22:
09:1d:5e:11:a1:50:24:aa:6f:d6:12:56:44:b9:5d:97:92:ad:
fd:0d:e8:1d:c5:27:38:cf:db:c2:5a:2e:3f:34:eb:48:bd:1b:
e5:d2:ff:b3:02:53:d1:a2:fb:12:d9:c8:28:f3:d5:46:a1:1e:
6a:86:00:65:cb:11:3c:8f:0b:13:b4:ae:f2:d4:4c:11:3b:31:
07:8e:4f:62:de:63:85:26:fd:b7:9e:ff:ff:74:7c:10:bb:46:
6a:b5:07:bb
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEDyLawTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDVjNjgzY2IxZWI5YzBmNDliOTY3ZTNiZDliOGI4NGNmMDk5YmI4MB4XDTIyMDEw
MTEyNTczMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDI1YTFjNTlmNGYz
YmJkMTM2ZmE3YWFkMjJmYTBhOWYyNTdjNzI2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwnGemgfhA5KnFJzbBARqbzgLfBSV8OFXyFQ+hQRLHDnpcq
qoDqStxiVO12uBORzSLFLqII17wfEl0BzZhpDhdAbllTVO3NKJbEIKho2UKDk/0M
hR0Zj+nvQXu9deXEJjAjltN8Sa2/pNXwFLyz7ZseZxjlSVDSrTapXix4HD/aUEfe
06fOzGObAm5fnpi8n85AojEC8ahbKBn+DgspnvPW3Biapt32QQnb9ECrTsMU3CeU
ZFAkO2Xq5xyb3Vb4GOyoYuP2anFnTwG1ELu2AhNeaS2+OapnnY7obfYFa21dqCeF
foyic1JBy1JCdLUKN6jKJejzEku4PpxvZktVXoMCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTSWhxZ9PO70Tb6eq0i+gqfJXxybjAfBgNVHSMEGDAWgBTEXGg8seucD0m5
Z+O9m4uEzwmbuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hGeG9QTEhybkE5SnVXZmp2WnVMaE04Sm03Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvNDM5YTEwLTYwYzQtNGMyOC05MWJmLTg4ZDJkZjEwZDE1Yi8x
LzBsb2NXZlR6dTlFMi1ucXRJdm9LbnlWOGNtNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
NDM5YTEwLTYwYzQtNGMyOC05MWJmLTg4ZDJkZjEwZDE1Yi8xL3hGeG9QTEhybkE5
SnVXZmp2WnVMaE04Sm03Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoHKRswDQYJKoZIhvcNAQELBQAD
ggEBAGBew0PaIKHhSIXiUhwZUX+lRNLyggiyc3zVjbQjn+EoiRXH0I2Te1cgWdhi
cC9x2i4RJl9gVPsBFsRleQxvSeik9lRHOG0QBG+uhmUq35EXHmyxy5m1hX7arngk
A8jh/TFzY2YR4z8FatAPwQGteIDOUCTmSTCoUCOpxDoFpn5y4PywCcCn8SCtMXM9
mg6shJDUY7aVh9OTIX0LH9AmLoDkIgkdXhGhUCSqb9YSVkS5XZeSrf0N6B3FJzjP
28JaLj8060i9G+XS/7MCU9Gi+xLZyCjz1UahHmqGAGXLETyPCxO0rvLUTBE7MQeO
T2LeY4Um/bee//90fBC7Rmq1B7s=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:24:05 2025 by rpki-client