Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/UgP_gLn9-yP17h4kQi18kLDUZL0.roa
File: UgP_gLn9-yP17h4kQi18kLDUZL0.roa (raw, json)
Hash identifier: TIwQD5MR8hCckhPl5zwdIJ8ObQCgKBxgxHavv7G5mO4=
Subject key identifier: 52:03:FF:80:B9:FD:FB:23:F5:EE:1E:24:42:2D:7C:90:B0:D4:64:BD
Certificate issuer: /CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Certificate serial: 01894950606CA2D9E562DCFC216F628C3F33
Authority key identifier: 2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/UgP_gLn9-yP17h4kQi18kLDUZL0.roa
Signing time: Wed 12 Jul 2023 08:55:51 +0000
ROA not before: Wed 12 Jul 2023 08:55:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210619
IP address blocks: 2a0a:a501::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:49:50:60:6c:a2:d9:e5:62:dc:fc:21:6f:62:8c:3f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Validity
Not Before: Jul 12 08:55:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5203ff80b9fdfb23f5ee1e24422d7c90b0d464bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f5:0e:a4:59:a5:9e:81:84:a2:ce:ca:ab:cf:
7c:d8:76:75:22:57:ec:3b:93:8b:d4:30:dc:71:c2:
7d:f4:3a:83:ed:ea:0b:28:77:b5:f2:85:3e:d6:a4:
e0:29:7c:21:5e:52:54:07:c7:6c:07:cd:e3:3e:d5:
83:78:9c:4d:55:e6:95:1d:a0:62:ef:99:d2:ff:38:
0c:df:79:81:98:d0:13:b2:9f:46:c1:32:ca:a9:1b:
13:7b:c6:d6:7d:3f:54:e7:58:09:22:6e:0f:f0:7c:
6c:02:2e:df:da:00:d5:04:71:15:f7:ee:04:a8:51:
d6:34:f9:9d:77:7f:9c:55:45:c0:60:f0:65:91:f5:
2e:75:42:3d:a1:3f:2e:71:d6:16:4c:48:c8:d2:7f:
b6:d3:10:81:5c:97:d6:42:c0:66:de:be:d7:8b:b6:
b6:77:70:e7:ae:0f:ea:bd:f5:f8:4f:e5:70:df:68:
14:69:23:c5:56:66:c1:e0:46:21:73:d1:a7:57:6d:
fc:b2:17:1f:69:f9:a4:5e:50:ad:51:fb:61:e6:0e:
84:25:70:b6:65:46:07:ce:7c:6e:af:37:99:fb:99:
35:3f:30:17:bf:19:70:20:9b:25:1c:66:51:e0:15:
cb:06:fe:22:23:59:79:82:f4:d4:3e:19:9e:78:2e:
de:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:03:FF:80:B9:FD:FB:23:F5:EE:1E:24:42:2D:7C:90:B0:D4:64:BD
X509v3 Authority Key Identifier:
keyid:2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/UgP_gLn9-yP17h4kQi18kLDUZL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/L3pGS4lIQbO5QOCzV7hl45Ox3UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:a501::/48
Signature Algorithm: sha256WithRSAEncryption
ae:9e:0e:90:1c:14:61:df:59:be:08:b7:33:63:de:99:97:52:
a1:a6:4b:60:0c:17:93:3b:c2:69:03:d9:1d:05:4f:a7:30:d1:
fb:e1:4a:5c:3b:16:da:6f:17:ca:c6:8a:bf:be:6a:5b:a3:e5:
7f:9d:6d:68:47:08:41:9d:1f:7b:2b:69:0d:1f:11:4c:a9:b5:
fb:2a:0a:1a:5a:2e:e1:31:83:a0:45:e3:5f:07:58:9a:b3:8b:
4a:e7:50:c6:42:6e:41:84:94:7b:1f:c5:38:78:22:e6:20:16:
8d:04:3e:3c:4c:69:02:db:b8:92:44:86:77:55:90:95:60:f6:
03:d6:48:42:5d:cd:6a:ae:15:d9:78:45:32:0f:07:02:a3:27:
5a:a0:e6:58:a8:a9:52:9e:18:c3:ed:23:34:8b:cf:3b:e6:96:
f6:ca:0f:70:46:3b:5f:a6:b1:e5:1e:8b:f1:f2:89:17:10:8e:
22:6d:40:9c:51:aa:e9:b2:dc:d0:6a:cc:09:e0:1a:a2:e3:7d:
17:e5:ca:e3:94:23:4e:ff:9e:9c:93:10:df:54:42:23:fc:72:
49:de:ad:88:f8:5b:bc:c3:48:a9:68:74:4b:51:56:c6:88:67:
35:17:21:3a:28:8f:61:b9:ce:ef:f7:a1:b3:cb:27:ab:a3:c5:
68:72:e2:34
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYlJUGBsotnlYtz8IW9ijD8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmN2E0NjRiODk0ODQxYjNiOTQwZTBiMzU3Yjg2NWUzOTNi
MWRkNDYwHhcNMjMwNzEyMDg1NTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjAzZmY4MGI5ZmRmYjIzZjVlZTFlMjQ0MjJkN2M5MGIwZDQ2NGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/UOpFmlnoGEos7Kq8982HZ1Ilfs
O5OL1DDcccJ99DqD7eoLKHe18oU+1qTgKXwhXlJUB8dsB83jPtWDeJxNVeaVHaBi
75nS/zgM33mBmNATsp9GwTLKqRsTe8bWfT9U51gJIm4P8HxsAi7f2gDVBHEV9+4E
qFHWNPmdd3+cVUXAYPBlkfUudUI9oT8ucdYWTEjI0n+20xCBXJfWQsBm3r7Xi7a2
d3Dnrg/qvfX4T+Vw32gUaSPFVmbB4EYhc9GnV238shcfafmkXlCtUfth5g6EJXC2
ZUYHznxurzeZ+5k1PzAXvxlwIJslHGZR4BXLBv4iI1l5gvTUPhmeeC7eOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFID/4C5/fsj9e4eJEItfJCw1GS9MB8GA1UdIwQY
MBaAFC96RkuJSEGzuUDgs1e4ZeOTsd1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEt
MTAxNDRjMWJjYWZjLzEvVWdQX2dMbjkteVAxN2g0a1FpMThrTERVWkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEtMTAxNDRjMWJjYWZj
LzEvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgqlAQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCung6QHBRh31m+CLczY96Zl1KhpktgDBeTO8Jp
A9kdBU+nMNH74UpcOxbabxfKxoq/vmpbo+V/nW1oRwhBnR97K2kNHxFMqbX7Kgoa
Wi7hMYOgReNfB1ias4tK51DGQm5BhJR7H8U4eCLmIBaNBD48TGkC27iSRIZ3VZCV
YPYD1khCXc1qrhXZeEUyDwcCoydaoOZYqKlSnhjD7SM0i8875pb2yg9wRjtfprHl
Hovx8okXEI4ibUCcUarpstzQaswJ4Bqi430X5crjlCNO/56ckxDfVEIj/HJJ3q2I
+Fu8w0ipaHRLUVbGiGc1FyE6KI9huc7v96Gzyyero8VocuI0
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:15:43 2025 by rpki-client