Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/tWuHcAiGyEsTkgw5auLWbHTPcjM.roa
File: tWuHcAiGyEsTkgw5auLWbHTPcjM.roa (raw, json)
Hash identifier: gdsv8Ytq6ttCSGcKclx917SaGjCw1N4tPDfJqMB+xhA=
Subject key identifier: B5:6B:87:70:08:86:C8:4B:13:92:0C:39:6A:E2:D6:6C:74:CF:72:33
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 018410C49EEABBAE14B307AA0355E7E87D2D
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/tWuHcAiGyEsTkgw5auLWbHTPcjM.roa
Signing time: Tue 25 Oct 2022 20:10:31 +0000
ROA not before: Tue 25 Oct 2022 20:10:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60998
IP address blocks: 2a0f:4440:aaaa::/48 maxlen: 48
2a0f:4440:abcd::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:c4:9e:ea:bb:ae:14:b3:07:aa:03:55:e7:e8:7d:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Oct 25 20:10:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b56b87700886c84b13920c396ae2d66c74cf7233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:03:f2:cc:79:d3:51:d6:fe:e8:43:2f:6c:60:
0c:fa:0b:02:33:3a:88:25:e6:39:ec:b7:5a:55:2d:
fd:75:55:8e:35:5f:ac:9d:07:34:42:63:04:e1:1c:
7a:c8:1e:35:94:9f:e1:36:07:f0:07:84:5f:69:23:
75:a2:da:f4:e8:4e:94:a5:a8:7f:b7:b8:6d:7b:ba:
8e:1c:13:2b:35:34:7c:ce:0f:39:de:8e:9b:d5:c3:
25:4d:0e:4e:f5:ad:b0:14:77:cb:7d:d9:eb:51:0e:
69:0e:99:29:14:49:52:09:a6:8c:cb:96:d9:bc:4c:
8d:0d:66:ea:87:75:2f:4c:27:d5:3b:16:ec:92:f4:
9c:01:71:dd:f2:2d:58:12:40:e9:51:56:63:19:b6:
f9:ab:5c:37:f9:53:b6:8a:7b:78:78:ec:98:8c:13:
a4:3f:d4:56:e0:f6:5b:74:ad:0a:82:5e:d2:e1:2e:
7a:e4:4c:20:19:3f:41:2a:32:cb:3d:44:94:cd:64:
fa:96:25:5a:da:08:d5:0f:59:a1:4c:dd:21:2f:65:
30:9e:23:89:c3:d7:2f:d2:7a:9f:c7:0c:75:be:08:
66:d7:58:cd:0b:3f:b1:d0:d9:fa:00:18:a7:4d:ee:
1c:45:93:e7:03:ec:b9:52:37:b6:b0:b9:37:c6:41:
80:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6B:87:70:08:86:C8:4B:13:92:0C:39:6A:E2:D6:6C:74:CF:72:33
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/tWuHcAiGyEsTkgw5auLWbHTPcjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4440:aaaa::/48
2a0f:4440:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
5c:33:48:30:d1:8f:5d:9e:90:c1:a2:5d:80:cf:0d:52:ae:26:
5e:e3:ae:33:14:92:3b:55:7a:02:31:4e:db:57:0e:4b:2d:7a:
99:f0:cf:e0:80:3a:a1:de:74:89:c2:c8:54:88:ed:89:4d:58:
8e:73:f7:b4:14:14:c8:3a:81:6e:69:aa:93:20:a2:e1:9d:11:
d3:f3:f1:c7:e4:87:71:66:99:e7:99:fe:3d:fb:6f:84:3b:c8:
e2:b3:3d:94:60:b7:64:f3:af:4b:0a:89:ce:39:df:1f:ec:fc:
ef:fb:8c:92:5b:41:6e:3c:d0:4b:c8:fb:54:82:3e:c7:9e:64:
99:18:68:2f:e1:2c:b8:bf:ba:b4:7b:a0:fa:9a:7e:e3:ce:14:
9f:2c:81:18:4a:ee:aa:18:7c:13:65:11:2a:64:3f:54:0f:8b:
17:77:90:bf:fe:3e:aa:1e:d1:53:7f:3c:3b:24:02:9c:d9:a5:
c0:b8:f2:80:69:0f:62:f1:19:09:71:bc:d8:29:2f:f4:d2:ba:
b7:21:6f:75:92:42:0b:89:32:51:2b:ee:ff:53:8f:90:53:f0:
cc:db:4d:ff:3e:fd:c2:1e:98:93:f1:6f:f8:fa:ca:b3:67:ad:
04:ef:22:97:f6:4e:3a:86:c5:2f:b9:41:82:43:72:dc:83:d5:
03:f3:77:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQQxJ7qu64UsweqA1Xn6H0tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjIxMDI1MjAxMDMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTZiODc3MDA4ODZjODRiMTM5MjBjMzk2YWUyZDY2Yzc0Y2Y3MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQPyzHnTUdb+6EMvbGAM+gsCMzqI
JeY57LdaVS39dVWONV+snQc0QmME4Rx6yB41lJ/hNgfwB4RfaSN1otr06E6Upah/
t7hte7qOHBMrNTR8zg853o6b1cMlTQ5O9a2wFHfLfdnrUQ5pDpkpFElSCaaMy5bZ
vEyNDWbqh3UvTCfVOxbskvScAXHd8i1YEkDpUVZjGbb5q1w3+VO2int4eOyYjBOk
P9RW4PZbdK0Kgl7S4S565EwgGT9BKjLLPUSUzWT6liVa2gjVD1mhTN0hL2UwniOJ
w9cv0nqfxwx1vghm11jNCz+x0Nn6ABinTe4cRZPnA+y5Uje2sLk3xkGAbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLVrh3AIhshLE5IMOWri1mx0z3IzMB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvdFd1SGNBaUd5RXNUa2d3NWF1TFdiSFRQY2pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgtYTMwMzI2MTU2NjBj
LzEvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg9EQKqq
AwcAKg9EQKvNMA0GCSqGSIb3DQEBCwUAA4IBAQBcM0gw0Y9dnpDBol2Azw1SriZe
464zFJI7VXoCMU7bVw5LLXqZ8M/ggDqh3nSJwshUiO2JTViOc/e0FBTIOoFuaaqT
IKLhnRHT8/HH5IdxZpnnmf49+2+EO8jisz2UYLdk869LConOOd8f7Pzv+4ySW0Fu
PNBLyPtUgj7HnmSZGGgv4Sy4v7q0e6D6mn7jzhSfLIEYSu6qGHwTZREqZD9UD4sX
d5C//j6qHtFTfzw7JAKc2aXAuPKAaQ9i8RkJcbzYKS/00rq3IW91kkILiTJRK+7/
U4+QU/DM203/Pv3CHpiT8W/4+sqzZ60E7yKX9k46hsUvuUGCQ3Lcg9UD83eN
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:03:39 2025 by rpki-client