Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/cRpgCVcPVfKzBTHpEormiTx3F4E.roa
File: cRpgCVcPVfKzBTHpEormiTx3F4E.roa (raw, json)
Hash identifier: 9O9pjvPgCXth++84nxwPWiCCuSOLhBbzSzDndI8eQsE=
Subject key identifier: 71:1A:60:09:57:0F:55:F2:B3:05:31:E9:12:8A:E6:89:3C:77:17:81
Certificate issuer: /CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Certificate serial: 37AD159C
Authority key identifier: A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/cRpgCVcPVfKzBTHpEormiTx3F4E.roa
Signing time: Sat 01 Jan 2022 12:05:32 +0000
ROA not before: Sat 01 Jan 2022 12:05:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30893
IP address blocks: 2a01:298:f001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 934090140 (0x37ad159c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Validity
Not Before: Jan 1 12:05:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=711a6009570f55f2b30531e9128ae6893c771781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:18:73:06:63:23:67:66:39:53:0f:f1:0d:5e:
2f:72:3e:85:d6:f5:8a:b3:30:0a:bd:45:39:a0:82:
ca:4d:ce:e8:b3:09:78:d1:d9:85:45:73:c1:c0:68:
f4:fa:5e:7f:df:5f:4f:48:e6:be:6a:8f:99:bd:7a:
49:09:3c:ab:42:02:d5:10:9d:cb:96:94:ca:56:6b:
e4:bd:09:76:9c:a3:dc:5d:ea:e8:4b:5e:b4:93:52:
cc:8e:50:a0:fb:4e:ce:56:78:87:4d:b7:9d:60:54:
a1:23:a5:04:48:f2:8b:57:6c:f5:b7:17:9c:9c:6f:
88:f4:62:cb:91:b9:47:08:75:a4:a0:69:89:8e:b4:
bc:b4:fe:e9:ab:2c:73:68:d8:3e:12:63:1c:c0:a0:
de:79:73:5c:61:25:f4:2c:f5:57:06:6a:ed:41:86:
55:a2:80:a6:7b:d2:3c:f5:1a:d5:3b:1b:23:a2:ea:
29:93:b7:13:7d:e3:9b:47:bb:54:6d:3f:ec:83:93:
ba:e6:c2:4b:1f:b2:b2:ed:e0:46:ad:10:fc:f0:40:
bf:72:ea:b0:6b:70:6b:f3:f9:ad:3f:e0:07:21:03:
59:66:dc:7d:27:5b:5b:f4:7d:c4:ba:32:58:ba:09:
f1:88:16:4c:f9:7b:bd:54:58:86:60:4f:13:cb:ea:
2a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1A:60:09:57:0F:55:F2:B3:05:31:E9:12:8A:E6:89:3C:77:17:81
X509v3 Authority Key Identifier:
keyid:A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/cRpgCVcPVfKzBTHpEormiTx3F4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/pHZ7xfvLzvscHHR7sOtTN9q2kcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:298:f001::/48
Signature Algorithm: sha256WithRSAEncryption
28:08:23:23:bc:72:c4:a7:14:85:77:2f:b0:53:bc:7f:41:74:
01:b9:8d:c9:4d:2b:70:4a:3d:0e:74:4e:2c:6e:d8:06:50:7e:
27:52:fb:49:9f:f4:3f:81:83:4e:c1:f5:4d:cc:9d:e4:d8:39:
94:25:46:44:73:1c:02:63:c8:e3:9c:c1:f5:95:1f:2f:cb:27:
84:0f:18:a2:77:aa:2e:07:96:0e:4b:f0:86:a4:5c:0d:73:7e:
fa:6b:cb:90:bf:9b:36:72:ef:5e:bc:72:42:85:91:68:dd:31:
4d:cc:4b:01:93:eb:42:02:82:86:26:42:ba:ef:65:d4:f4:8b:
4d:a0:44:bb:12:ba:ef:48:3a:17:06:a7:66:02:0d:83:d7:09:
40:02:2b:01:08:69:dc:83:03:2f:6b:1b:1f:e9:a2:55:2c:bd:
b4:3d:1c:73:60:0a:1a:27:f5:64:43:28:35:cb:da:e3:7d:e0:
cc:92:91:b8:d2:7f:52:76:f2:55:f5:f4:51:08:d0:5e:c3:a8:
9e:bd:01:21:88:a4:b6:29:83:ce:df:32:72:1a:33:44:c8:12:
9a:c0:c0:f9:0e:0b:c6:87:ee:a6:04:cc:59:91:87:8e:04:b2:
ba:9e:7f:24:d1:35:e3:5e:51:d6:76:70:c7:a6:3b:44:2e:ef:
e6:7d:1e:23
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEN60VnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NDc2N2JjNWZiY2JjZWZiMWMxYzc0N2JiMGViNTMzN2RhYjY5MWMwMB4XDTIyMDEw
MTEyMDUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzExYTYwMDk1NzBm
NTVmMmIzMDUzMWU5MTI4YWU2ODkzYzc3MTc4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoYcwZjI2dmOVMP8Q1eL3I+hdb1irMwCr1FOaCCyk3O6LMJ
eNHZhUVzwcBo9Ppef99fT0jmvmqPmb16SQk8q0IC1RCdy5aUylZr5L0Jdpyj3F3q
6EtetJNSzI5QoPtOzlZ4h023nWBUoSOlBEjyi1ds9bcXnJxviPRiy5G5Rwh1pKBp
iY60vLT+6assc2jYPhJjHMCg3nlzXGEl9Cz1VwZq7UGGVaKApnvSPPUa1TsbI6Lq
KZO3E33jm0e7VG0/7IOTuubCSx+ysu3gRq0Q/PBAv3LqsGtwa/P5rT/gByEDWWbc
fSdbW/R9xLoyWLoJ8YgWTPl7vVRYhmBPE8vqKisCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRxGmAJVw9V8rMFMekSiuaJPHcXgTAfBgNVHSMEGDAWgBSkdnvF+8vO+xwc
dHuw61M32raRwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BIWjd4ZnZMenZzY0hIUjdzT3RUTjlxMmtjQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvODA2NWQ1LTA0ZDAtNDNlNS1hMmY0LTA0MWE0OGQyMTIzZi8x
L2NScGdDVmNQVmZLekJUSHBFb3JtaVR4M0Y0RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
ODA2NWQ1LTA0ZDAtNDNlNS1hMmY0LTA0MWE0OGQyMTIzZi8xL3BIWjd4ZnZMenZz
Y0hIUjdzT3RUTjlxMmtjQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBApjwATANBgkqhkiG9w0BAQsF
AAOCAQEAKAgjI7xyxKcUhXcvsFO8f0F0AbmNyU0rcEo9DnROLG7YBlB+J1L7SZ/0
P4GDTsH1Tcyd5Ng5lCVGRHMcAmPI45zB9ZUfL8snhA8YoneqLgeWDkvwhqRcDXN+
+mvLkL+bNnLvXrxyQoWRaN0xTcxLAZPrQgKChiZCuu9l1PSLTaBEuxK670g6Fwan
ZgINg9cJQAIrAQhp3IMDL2sbH+miVSy9tD0cc2AKGif1ZEMoNcva433gzJKRuNJ/
UnbyVfX0UQjQXsOonr0BIYiktimDzt8ychozRMgSmsDA+Q4LxofupgTMWZGHjgSy
up5/JNE1415R1nZwx6Y7RC7v5n0eIw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:13 2025 by rpki-client