Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/IQNFDsZfs4gWYr8XG6ZUtgqMwhk.roa
File: IQNFDsZfs4gWYr8XG6ZUtgqMwhk.roa (raw, json)
Hash identifier: aEwS1OEDf15VHapQVw0vYcFjj+sX97fJ0R5eFji3sZU=
Subject key identifier: 21:03:45:0E:C6:5F:B3:88:16:62:BF:17:1B:A6:54:B6:0A:8C:C2:19
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 01856DDD72955C9B1850C6CD68B54A876769
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/IQNFDsZfs4gWYr8XG6ZUtgqMwhk.roa
Signing time: Sun 01 Jan 2023 15:05:07 +0000
ROA not before: Sun 01 Jan 2023 15:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199586
IP address blocks: 2a03:5840::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:72:95:5c:9b:18:50:c6:cd:68:b5:4a:87:67:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 1 15:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2103450ec65fb3881662bf171ba654b60a8cc219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:84:18:fc:49:03:d2:bd:16:96:9b:86:e1:5f:
3b:94:37:fd:ac:e7:3b:0f:35:37:3b:6e:04:9b:68:
21:90:3d:75:63:0f:df:ed:c1:89:8b:23:e5:ba:ba:
17:d0:5a:32:23:03:30:dd:60:d7:55:43:29:95:06:
f4:13:f6:16:d1:f3:69:21:3f:fa:d2:3a:80:42:aa:
bc:2e:8e:08:6b:8d:5e:13:b1:8d:98:b8:7a:eb:79:
d9:07:7c:d6:db:9d:fa:ec:6e:04:c9:8f:d0:f1:39:
1f:e7:af:98:e9:97:2a:ec:e0:b6:62:db:59:b4:0a:
5a:d0:84:cb:c7:af:54:ee:e2:11:93:74:67:32:27:
12:a1:8d:e4:77:2d:04:01:6f:d2:79:64:7c:c1:b1:
de:41:c6:d0:cc:a1:7a:c1:67:96:f5:30:3f:2b:35:
94:ec:e3:04:70:22:93:d8:e1:51:44:f9:aa:9d:3c:
ed:74:3c:96:20:c6:54:d8:48:2a:91:22:29:f5:7e:
88:b2:6b:6e:95:5f:b5:44:ce:cd:45:f8:af:37:90:
85:96:be:91:fc:d5:d3:e0:ca:04:0d:ca:31:05:25:
a0:60:39:bd:96:d2:a8:4b:f7:87:53:9c:86:61:2f:
36:47:69:00:0d:4c:ee:4c:ba:0a:5c:e1:22:17:c7:
57:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:03:45:0E:C6:5F:B3:88:16:62:BF:17:1B:A6:54:B6:0A:8C:C2:19
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/IQNFDsZfs4gWYr8XG6ZUtgqMwhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840::/48
Signature Algorithm: sha256WithRSAEncryption
86:e7:f6:18:dc:59:4e:a8:49:44:26:1c:f3:91:e7:8a:5e:1d:
7e:4c:ae:66:2b:1d:7c:56:14:49:3d:83:da:2c:b5:f5:bf:a1:
53:e4:b9:b0:e9:4e:06:0d:9c:46:2d:be:49:a7:d0:5a:a2:62:
70:85:60:eb:69:53:97:8a:f8:ef:53:e0:c4:fc:6a:09:8a:c1:
bc:17:95:3b:9c:ec:b0:a3:ba:7b:5f:42:5e:31:d9:8f:11:6d:
b7:6d:ac:80:6a:98:be:af:10:dc:e6:90:ac:af:e1:34:47:bc:
e7:bf:c7:68:37:8d:ff:19:42:54:cb:ee:3f:c0:54:d9:87:f3:
b3:4f:ae:f5:8a:d0:81:86:1c:ea:91:db:f2:9c:f2:c7:1b:31:
b4:e9:87:80:7c:fe:70:00:a4:89:6e:3e:8a:42:bb:ea:16:00:
52:16:25:78:f0:70:82:39:c0:4d:a5:2d:e4:94:78:7c:d9:00:
0b:2f:6c:32:85:21:11:4b:1a:4c:75:a2:9b:33:45:fb:8e:16:
f9:29:52:62:68:e8:d0:cd:4a:30:5f:d7:46:6f:0d:ce:ca:a7:
40:78:c1:99:47:58:c9:a1:7c:1c:30:ce:31:79:64:9a:4a:a7:
a1:50:2e:7d:28:ff:6f:61:02:95:92:55:d2:42:8a:7f:49:c2:
0b:49:f3:93
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVt3XKVXJsYUMbNaLVKh2dpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjMwMTAxMTUwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTAzNDUwZWM2NWZiMzg4MTY2MmJmMTcxYmE2NTRiNjBhOGNjMjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoQY/EkD0r0WlpuG4V87lDf9rOc7
DzU3O24Em2ghkD11Yw/f7cGJiyPluroX0FoyIwMw3WDXVUMplQb0E/YW0fNpIT/6
0jqAQqq8Lo4Ia41eE7GNmLh663nZB3zW25367G4EyY/Q8Tkf56+Y6Zcq7OC2YttZ
tApa0ITLx69U7uIRk3RnMicSoY3kdy0EAW/SeWR8wbHeQcbQzKF6wWeW9TA/KzWU
7OMEcCKT2OFRRPmqnTztdDyWIMZU2EgqkSIp9X6IsmtulV+1RM7NRfivN5CFlr6R
/NXT4MoEDcoxBSWgYDm9ltKoS/eHU5yGYS82R2kADUzuTLoKXOEiF8dXsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCEDRQ7GX7OIFmK/FxumVLYKjMIZMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvSVFORkRzWmZzNGdXWXI4WEc2WlV0Z3FNd2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCG5/YY3FlOqElEJhzzkeeKXh1+TK5mKx18VhRJ
PYPaLLX1v6FT5Lmw6U4GDZxGLb5Jp9BaomJwhWDraVOXivjvU+DE/GoJisG8F5U7
nOywo7p7X0JeMdmPEW23bayAapi+rxDc5pCsr+E0R7znv8doN43/GUJUy+4/wFTZ
h/OzT671itCBhhzqkdvynPLHGzG06YeAfP5wAKSJbj6KQrvqFgBSFiV48HCCOcBN
pS3klHh82QALL2wyhSERSxpMdaKbM0X7jhb5KVJiaOjQzUowX9dGbw3OyqdAeMGZ
R1jJoXwcMM4xeWSaSqehUC59KP9vYQKVklXSQop/ScILSfOT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:04 2025 by rpki-client