Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/sNsN3Q8YsQxGcS835P47P48wXZU.roa
File: sNsN3Q8YsQxGcS835P47P48wXZU.roa (raw, json)
Hash identifier: BJjVVvYHE7XRk0bbixbCY46GIBVVnSEwY2CANo1L/W4=
Subject key identifier: B0:DB:0D:DD:0F:18:B1:0C:46:71:2F:37:E4:FE:3B:3F:8F:30:5D:95
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 0810643D
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/sNsN3Q8YsQxGcS835P47P48wXZU.roa
Signing time: Sat 01 Jan 2022 13:01:20 +0000
ROA not before: Sat 01 Jan 2022 13:01:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57712
IP address blocks: 2a00:f440:c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135291965 (0x810643d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Jan 1 13:01:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0db0ddd0f18b10c46712f37e4fe3b3f8f305d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:45:b4:dd:27:36:b8:ae:f2:91:ee:2f:41:8b:
27:11:ed:70:5a:78:e3:47:f8:76:1c:03:84:64:98:
86:04:32:e2:14:bf:26:98:46:70:e3:90:c5:33:96:
22:43:2e:c0:8c:66:af:e9:70:1e:03:35:35:00:ce:
e3:05:6c:20:9f:c8:08:db:54:1d:ba:2a:af:61:17:
3d:a1:62:05:e7:c3:9d:ff:6f:c4:03:13:f3:c7:6f:
9e:9a:f3:5d:56:0a:77:b2:2e:55:87:4d:1e:97:21:
35:d0:a9:59:80:19:5e:3a:bf:f0:20:b8:4f:52:fe:
7f:14:22:f5:ff:b6:4c:70:e5:6d:79:b5:07:06:a9:
e3:b5:ad:1f:f6:f8:7e:c4:68:0d:25:a9:75:75:3e:
ab:d1:62:48:8b:7e:5e:20:d3:49:eb:cb:02:39:de:
14:fa:36:f3:ea:33:3f:90:b8:15:f1:1a:5c:96:a2:
af:64:45:75:c2:15:95:14:5f:16:70:54:a5:31:8a:
12:0f:43:aa:5e:c8:1a:cf:08:34:d3:b5:5a:f1:11:
ec:a8:fc:ff:76:67:d0:36:05:37:84:9a:ed:b1:af:
fe:42:c9:56:66:ea:36:92:6b:60:52:8a:6f:62:11:
bb:9a:6c:a6:a8:67:cc:71:42:7e:4a:19:ec:dc:e3:
a4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:DB:0D:DD:0F:18:B1:0C:46:71:2F:37:E4:FE:3B:3F:8F:30:5D:95
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/sNsN3Q8YsQxGcS835P47P48wXZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f440:c::/48
Signature Algorithm: sha256WithRSAEncryption
90:76:8d:96:73:3e:82:ee:29:79:62:44:6f:9a:23:cc:cf:89:
5b:6f:21:e7:a9:d1:45:2f:de:06:6b:36:3a:c5:98:f1:9c:39:
81:ac:6e:92:73:ae:9b:40:36:f0:9d:57:2d:33:52:79:91:33:
d0:88:b1:0a:3d:6e:90:6c:43:bb:c3:90:a5:47:73:07:c6:da:
8f:3d:66:6d:f7:9d:e3:b8:8c:08:1e:fb:28:5c:c8:8e:de:15:
a1:7f:3d:f6:53:05:13:34:91:fd:19:6b:94:5d:f3:d8:28:63:
98:24:01:fa:7d:35:e2:06:27:ba:08:1d:62:9d:b5:1d:f8:4d:
dc:fc:49:84:a3:d2:46:8e:48:ca:5e:78:15:ce:7f:3c:87:53:
e4:d8:39:dc:09:2a:a9:3f:bf:eb:89:b8:b5:a2:0c:7f:ee:c3:
87:6d:3f:a1:20:26:16:d1:95:6d:f1:0a:19:7d:47:f7:70:c8:
ac:12:db:b5:ed:b8:4f:1b:76:b0:d0:2a:dd:c7:ce:ab:92:49:
b1:86:c4:32:2b:4b:8d:1a:2a:d4:a2:79:5d:87:5e:e3:aa:9f:
51:26:67:a9:ff:c2:ec:f5:79:74:f0:47:97:3e:fc:02:64:00:
44:7a:dc:2a:db:10:9d:7a:5d:a3:be:99:aa:2f:94:69:52:71:
69:35:43:43
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECBBkPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODkxYzQ0ODg2OTllNmQwMjRlMzljYzRkNjFlZWVhYmQzODAxMGZhMB4XDTIyMDEw
MTEzMDEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBkYjBkZGQwZjE4
YjEwYzQ2NzEyZjM3ZTRmZTNiM2Y4ZjMwNWQ5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN9FtN0nNriu8pHuL0GLJxHtcFp440f4dhwDhGSYhgQy4hS/
JphGcOOQxTOWIkMuwIxmr+lwHgM1NQDO4wVsIJ/ICNtUHboqr2EXPaFiBefDnf9v
xAMT88dvnprzXVYKd7IuVYdNHpchNdCpWYAZXjq/8CC4T1L+fxQi9f+2THDlbXm1
Bwap47WtH/b4fsRoDSWpdXU+q9FiSIt+XiDTSevLAjneFPo28+ozP5C4FfEaXJai
r2RFdcIVlRRfFnBUpTGKEg9Dql7IGs8INNO1WvER7Kj8/3Zn0DYFN4Sa7bGv/kLJ
VmbqNpJrYFKKb2IRu5pspqhnzHFCfkoZ7NzjpHUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSw2w3dDxixDEZxLzfk/js/jzBdlTAfBgNVHSMEGDAWgBSYkcRIhpnm0CTj
nMTWHu6r04AQ+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21KSEVTSWFaNXRBazQ1ekUxaDd1cTlPQUVQby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDdkZjAwLTg0NjgtNGMzOS1iZTk1LWUxMGE2MDU5NmMyNi8x
L3NOc04zUThZc1F4R2NTODM1UDQ3UDQ4d1haVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDdkZjAwLTg0NjgtNGMzOS1iZTk1LWUxMGE2MDU5NmMyNi8xL21KSEVTSWFaNXRB
azQ1ekUxaDd1cTlPQUVQby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoA9EAADDANBgkqhkiG9w0BAQsF
AAOCAQEAkHaNlnM+gu4peWJEb5ojzM+JW28h56nRRS/eBms2OsWY8Zw5gaxuknOu
m0A28J1XLTNSeZEz0IixCj1ukGxDu8OQpUdzB8bajz1mbfed47iMCB77KFzIjt4V
oX899lMFEzSR/RlrlF3z2ChjmCQB+n014gYnuggdYp21HfhN3PxJhKPSRo5Iyl54
Fc5/PIdT5Ng53AkqqT+/64m4taIMf+7Dh20/oSAmFtGVbfEKGX1H93DIrBLbte24
Txt2sNAq3cfOq5JJsYbEMitLjRoq1KJ5XYde46qfUSZnqf/C7PV5dPBHlz78AmQA
RHrcKtsQnXpdo76Zqi+UaVJxaTVDQw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 13:21:38 2025 by rpki-client