Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/uaFOoGRCYewvXW_wZzh6NakbtyY.roa
File: uaFOoGRCYewvXW_wZzh6NakbtyY.roa (raw, json)
Hash identifier: d2clpjkAGr6DEB3w909PaHnH4as2Lk+PKacS8jwPyBo=
Subject key identifier: B9:A1:4E:A0:64:42:61:EC:2F:5D:6F:F0:67:38:7A:35:A9:1B:B7:26
Certificate issuer: /CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Certificate serial: 2D9A841A
Authority key identifier: 9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/uaFOoGRCYewvXW_wZzh6NakbtyY.roa
Signing time: Sat 01 Jan 2022 04:59:20 +0000
ROA not before: Sat 01 Jan 2022 04:59:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29063
IP address blocks: 2a01:8180:3000::/36 maxlen: 42
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 765101082 (0x2d9a841a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Validity
Not Before: Jan 1 04:59:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9a14ea0644261ec2f5d6ff067387a35a91bb726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6e:79:12:cf:25:00:2a:fc:da:a3:91:36:44:
ea:d7:9f:b2:68:7d:3e:ca:56:50:e7:4d:cb:4f:c7:
58:18:72:52:84:e3:9f:f3:de:47:7b:82:2d:73:8c:
7c:95:7a:28:16:50:2d:c0:8a:1f:2e:57:71:7f:2b:
ac:30:0e:f9:ab:9d:39:5f:b8:3d:bb:1e:f0:f6:6a:
d1:59:67:af:d1:41:a0:4d:6d:37:38:f2:0b:4c:ad:
9a:2b:2b:67:8d:c7:91:f9:c7:75:44:a1:62:87:90:
13:e3:bb:8a:73:40:67:28:b3:12:7d:22:e3:14:11:
a4:65:b4:58:53:9a:11:11:fc:8c:77:23:a6:92:c1:
5a:ad:d4:51:2b:8e:c5:eb:d9:70:9f:68:81:82:3d:
25:f4:38:71:cf:b9:4c:48:5e:df:7d:21:e6:6b:56:
9a:c1:89:2b:0b:ce:5a:12:50:9a:b9:fc:61:bb:aa:
04:7a:26:99:27:5d:c5:27:b6:ea:ce:41:46:78:88:
22:1f:dd:73:06:9a:fa:c0:68:61:88:de:a3:ea:ed:
29:ee:15:cb:16:bd:28:f6:8c:94:e7:f2:9d:1b:c3:
d3:cf:1c:f9:fc:d2:8f:5a:87:0e:d7:e9:8b:eb:8b:
c3:e4:35:b0:08:b1:71:86:9b:7c:7e:35:f1:fa:fe:
87:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A1:4E:A0:64:42:61:EC:2F:5D:6F:F0:67:38:7A:35:A9:1B:B7:26
X509v3 Authority Key Identifier:
keyid:9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/uaFOoGRCYewvXW_wZzh6NakbtyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/nV3kkP-HTpaJzs9ybLtOL1H2xzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:8180:3000::/36
Signature Algorithm: sha256WithRSAEncryption
63:fe:05:0c:3d:b5:23:3a:75:95:81:f5:34:ca:8a:90:32:ec:
37:41:bd:72:0c:b1:54:66:a0:99:8c:4e:38:21:bb:87:6a:dd:
b6:b1:1a:a5:16:02:95:07:52:b5:22:0b:3b:05:c8:6f:c7:e1:
e1:2e:b4:59:3f:82:c6:26:2e:bb:3c:4a:6e:fe:8a:b9:cd:58:
72:28:6b:20:7c:2d:11:fa:2d:1e:54:41:9b:e2:e7:82:dd:3b:
7c:a4:33:b5:50:ea:d0:3e:d1:81:29:95:8e:5a:99:24:29:54:
60:9f:28:28:dc:5d:39:9e:ee:f4:e6:69:f8:d0:3f:ea:f3:52:
4e:96:5d:d7:28:af:fe:5a:3b:d6:15:9c:2b:32:0c:6d:fd:02:
85:01:d8:ad:ac:c7:c7:d8:fd:4a:7d:db:4c:57:46:b4:e5:a5:
60:5b:4d:b9:db:6d:f6:36:72:b1:50:e2:ad:70:12:8b:16:14:
64:9c:24:db:15:f8:bd:06:94:f9:60:19:0d:04:ab:13:d3:0f:
04:fb:af:63:3a:23:37:2f:d1:ae:9b:77:67:e2:a3:0a:5d:35:
cd:3e:d0:35:88:54:8e:c3:a4:c3:b3:08:fa:b7:35:9b:f7:ec:
a7:98:af:62:45:7d:34:25:36:f3:81:ee:dd:0b:c3:7a:56:d1:
8b:6b:b5:5a
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIELZqEGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDVkZTQ5MGZmODc0ZTk2ODljZWNmNzI2Y2JiNGUyZjUxZjZjNzMxMB4XDTIyMDEw
MTA0NTkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjlhMTRlYTA2NDQy
NjFlYzJmNWQ2ZmYwNjczODdhMzVhOTFiYjcyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKFueRLPJQAq/NqjkTZE6tefsmh9PspWUOdNy0/HWBhyUoTj
n/PeR3uCLXOMfJV6KBZQLcCKHy5XcX8rrDAO+audOV+4Pbse8PZq0Vlnr9FBoE1t
NzjyC0ytmisrZ43HkfnHdUShYoeQE+O7inNAZyizEn0i4xQRpGW0WFOaERH8jHcj
ppLBWq3UUSuOxevZcJ9ogYI9JfQ4cc+5TEhe330h5mtWmsGJKwvOWhJQmrn8Ybuq
BHommSddxSe26s5BRniIIh/dcwaa+sBoYYjeo+rtKe4Vyxa9KPaMlOfynRvD088c
+fzSj1qHDtfpi+uLw+Q1sAixcYabfH418fr+h10CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBS5oU6gZEJh7C9db/BnOHo1qRu3JjAfBgNVHSMEGDAWgBSdXeSQ/4dOlonO
z3Jsu04vUfbHMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25WM2trUC1IVHBhSnpzOXliTHRPTDFIMnh6RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNzQ1YmRiLTEwNGItNDljNy05OWQ1LWNlYzMzYmExYmRmNS8x
L3VhRk9vR1JDWWV3dlhXX3daemg2TmFrYnR5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NzQ1YmRiLTEwNGItNDljNy05OWQ1LWNlYzMzYmExYmRmNS8xL25WM2trUC1IVHBh
SnpzOXliTHRPTDFIMnh6RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoBgYAwMA0GCSqGSIb3DQEBCwUA
A4IBAQBj/gUMPbUjOnWVgfU0yoqQMuw3Qb1yDLFUZqCZjE44IbuHat22sRqlFgKV
B1K1Igs7Bchvx+HhLrRZP4LGJi67PEpu/oq5zVhyKGsgfC0R+i0eVEGb4ueC3Tt8
pDO1UOrQPtGBKZWOWpkkKVRgnygo3F05nu705mn40D/q81JOll3XKK/+WjvWFZwr
Mgxt/QKFAditrMfH2P1KfdtMV0a05aVgW0252232NnKxUOKtcBKLFhRknCTbFfi9
BpT5YBkNBKsT0w8E+69jOiM3L9Gum3dn4qMKXTXNPtA1iFSOw6TDswj6tzWb9+yn
mK9iRX00JTbzge7dC8N6VtGLa7Va
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:43 2025 by rpki-client