Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/I_NFya4UbXKUNEuAuT3rr6lShYw.roa
File: I_NFya4UbXKUNEuAuT3rr6lShYw.roa (raw, json)
Hash identifier: bHD8Eih9kutKw/aFeTNuH6E6GHZRWKa4NqEkmEdsqlc=
Subject key identifier: 23:F3:45:C9:AE:14:6D:72:94:34:4B:80:B9:3D:EB:AF:A9:52:85:8C
Certificate issuer: /CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Certificate serial: 01857042828C8643C0F52BFA4037B3386F33
Authority key identifier: F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/I_NFya4UbXKUNEuAuT3rr6lShYw.roa
Signing time: Mon 02 Jan 2023 02:14:44 +0000
ROA not before: Mon 02 Jan 2023 02:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42925
IP address blocks: 2a02:ed5::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:82:8c:86:43:c0:f5:2b:fa:40:37:b3:38:6f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Validity
Not Before: Jan 2 02:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23f345c9ae146d7294344b80b93debafa952858c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:af:a7:89:a8:3d:83:83:34:60:d6:f2:a5:61:
7a:64:81:ad:60:f0:ec:9f:3c:96:d1:e2:e5:7a:f8:
dd:e3:8e:e5:41:82:2c:90:2c:27:31:52:1b:f9:19:
f8:aa:af:e2:21:19:91:a8:21:40:e6:c6:00:61:35:
b1:1a:a8:9c:59:d1:93:c3:7f:41:0d:4e:74:81:5f:
d8:32:cf:01:e1:05:6c:24:fc:aa:cb:9b:8a:2d:a3:
d4:24:ac:e9:98:3f:62:37:48:77:9e:8c:b8:29:14:
a3:57:a6:6b:21:e0:3b:34:55:8c:42:86:26:47:bc:
84:9e:7b:a5:85:5e:87:78:b0:c1:da:3c:5c:4f:11:
e7:13:0b:b8:46:5c:82:46:93:f4:d0:13:b1:7f:ae:
9c:f9:70:0c:6f:a8:2b:7d:cf:e7:ed:b4:8d:a7:0d:
15:f3:6c:98:8b:a9:41:5e:92:27:02:66:78:dc:06:
68:b6:92:16:74:bb:a6:5e:cb:6f:25:7c:f4:6d:33:
2f:86:15:60:2c:7b:a3:fb:9a:43:25:3a:7f:87:ea:
34:df:e4:57:ff:e5:c9:a3:1d:aa:f3:85:1b:2a:76:
9f:6a:ab:9f:62:98:96:12:db:bf:fa:71:64:59:06:
a9:6a:c2:a6:f3:07:48:50:5d:f0:aa:94:76:c1:2d:
c8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F3:45:C9:AE:14:6D:72:94:34:4B:80:B9:3D:EB:AF:A9:52:85:8C
X509v3 Authority Key Identifier:
keyid:F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/I_NFya4UbXKUNEuAuT3rr6lShYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/9MCqez48v_iCYq3ZKzOeNQUc4aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:ed5::/32
Signature Algorithm: sha256WithRSAEncryption
bb:5b:99:23:50:9f:39:78:3a:d8:a7:ca:f2:0b:9a:0f:b5:43:
d6:6e:eb:5d:5f:93:a5:cb:c8:e0:d9:0f:a8:e6:59:8b:96:44:
da:76:99:b0:22:09:75:71:df:cd:12:34:9b:f7:0c:43:40:58:
4b:86:2b:d0:be:e7:11:3c:f9:54:69:10:3a:b4:d5:ca:b7:55:
e0:a0:81:fc:65:64:c6:f7:8d:e9:da:50:80:0d:97:6d:09:6d:
7f:5c:a1:17:fa:a6:c2:ca:0a:82:4d:25:65:75:d0:31:57:9e:
99:0d:d7:07:80:33:9a:3d:ed:ea:30:2b:7d:20:9c:62:fc:c3:
07:88:2d:33:ff:d3:96:14:66:a0:8c:72:37:a0:f2:c2:c4:fb:
53:66:33:82:74:79:4f:27:05:34:b6:d4:e0:8f:a1:40:bf:7f:
d5:a7:ac:4e:02:b8:91:77:7f:e2:36:e8:27:79:db:da:f9:c6:
0b:4a:65:2a:b1:10:e3:eb:82:d7:16:dc:69:01:65:bc:db:e3:
d0:d0:04:cb:1a:3a:c6:9e:d4:c5:1a:cf:6d:d6:d7:78:31:6b:
30:7b:b2:70:7f:03:38:16:18:74:90:15:6c:46:2d:90:93:04:
c1:29:37:bb:75:93:4f:f5:e8:c9:ce:44:0f:94:ee:71:99:c6:
91:08:bc:f4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwQoKMhkPA9Sv6QDezOG8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzBhYTdiM2UzY2JmZjg4MjYyYWRkOTJiMzM5ZTM1MDUx
Y2UxYTAwHhcNMjMwMTAyMDIxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2YzNDVjOWFlMTQ2ZDcyOTQzNDRiODBiOTNkZWJhZmE5NTI4NThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa+niag9g4M0YNbypWF6ZIGtYPDs
nzyW0eLlevjd447lQYIskCwnMVIb+Rn4qq/iIRmRqCFA5sYAYTWxGqicWdGTw39B
DU50gV/YMs8B4QVsJPyqy5uKLaPUJKzpmD9iN0h3noy4KRSjV6ZrIeA7NFWMQoYm
R7yEnnulhV6HeLDB2jxcTxHnEwu4RlyCRpP00BOxf66c+XAMb6grfc/n7bSNpw0V
82yYi6lBXpInAmZ43AZotpIWdLumXstvJXz0bTMvhhVgLHuj+5pDJTp/h+o03+RX
/+XJox2q84UbKnafaqufYpiWEtu/+nFkWQapasKm8wdIUF3wqpR2wS3IHQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCPzRcmuFG1ylDRLgLk966+pUoWMMB8GA1UdIwQY
MBaAFPTAqns+PL/4gmKt2SsznjUFHOGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1DcWV6NDh2X2lDWXEzWkt6T2VOUVVjNGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85ZTJiMWEtMTYzYi00ODU0LTk2MWEt
ZWE3NWRkZjQ3YjRhLzEvSV9ORnlhNFViWEtVTkV1QXVUM3JyNmxTaFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85ZTJiMWEtMTYzYi00ODU0LTk2MWEtZWE3NWRkZjQ3YjRh
LzEvOU1DcWV6NDh2X2lDWXEzWkt6T2VOUVVjNGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIO1TAN
BgkqhkiG9w0BAQsFAAOCAQEAu1uZI1CfOXg62KfK8guaD7VD1m7rXV+TpcvI4NkP
qOZZi5ZE2naZsCIJdXHfzRI0m/cMQ0BYS4Yr0L7nETz5VGkQOrTVyrdV4KCB/GVk
xveN6dpQgA2XbQltf1yhF/qmwsoKgk0lZXXQMVeemQ3XB4Azmj3t6jArfSCcYvzD
B4gtM//TlhRmoIxyN6DywsT7U2YzgnR5TycFNLbU4I+hQL9/1aesTgK4kXd/4jbo
J3nb2vnGC0plKrEQ4+uC1xbcaQFlvNvj0NAEyxo6xp7UxRrPbdbXeDFrMHuycH8D
OBYYdJAVbEYtkJMEwSk3u3WTT/Xoyc5ED5TucZnGkQi89A==
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:50:31 2025 by rpki-client