Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/V6J94wq0ro1bMP9wuEJNB-npmKk.roa
File: V6J94wq0ro1bMP9wuEJNB-npmKk.roa (raw, json)
Hash identifier: HbCXdlWwcu8oClGRkwndN3kKtOx3Y4xR5RRq4jmA0Z8=
Subject key identifier: 57:A2:7D:E3:0A:B4:AE:8D:5B:30:FF:70:B8:42:4D:07:E9:E9:98:A9
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 0182F7EA4848835A534EF924EB41BF378817
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/V6J94wq0ro1bMP9wuEJNB-npmKk.roa
Signing time: Thu 01 Sep 2022 07:18:22 +0000
ROA not before: Thu 01 Sep 2022 07:18:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203083
IP address blocks: 2a03:5840:290::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f7:ea:48:48:83:5a:53:4e:f9:24:eb:41:bf:37:88:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Sep 1 07:18:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57a27de30ab4ae8d5b30ff70b8424d07e9e998a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3b:e0:a7:c0:29:3b:2e:54:8e:19:fa:fb:41:
f2:85:88:dc:38:3f:e3:3c:8a:f2:58:cd:c6:18:cb:
72:ed:9d:d4:aa:2d:ff:8f:57:1f:d8:c3:eb:6b:c4:
b8:b5:55:a9:cb:63:fa:47:91:94:93:33:18:54:88:
ac:17:d7:18:7e:98:c3:4f:dc:a6:68:18:92:c1:77:
b5:ae:6b:1b:f0:58:32:7c:55:b7:cf:e5:de:00:60:
b5:59:2b:66:e1:9a:03:47:45:cb:86:4d:b2:19:19:
ae:08:fd:36:69:fd:ef:8c:b9:a1:ba:37:b2:db:cc:
17:64:0f:10:b2:65:94:69:ac:f0:d9:81:96:08:2e:
9d:95:2e:93:f0:b4:3a:59:33:fd:38:2b:a4:b6:75:
3d:f8:42:5b:ea:fa:3a:0e:ec:6d:3a:89:3d:c2:64:
81:5d:dd:9d:eb:51:34:27:1f:03:1b:50:73:7b:fe:
fc:d3:ea:55:a5:d9:25:6c:a4:df:78:4e:bd:3d:24:
ce:ed:a5:f4:32:4d:7b:70:f0:60:3c:cd:3c:51:f5:
4f:22:cb:69:14:99:96:89:c4:01:b2:32:22:49:46:
37:8d:d0:aa:da:07:f3:14:de:a0:b9:9c:ec:8c:a0:
05:fb:44:48:da:ec:1b:12:38:62:c4:c0:54:8a:30:
5d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:A2:7D:E3:0A:B4:AE:8D:5B:30:FF:70:B8:42:4D:07:E9:E9:98:A9
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/V6J94wq0ro1bMP9wuEJNB-npmKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:290::/44
Signature Algorithm: sha256WithRSAEncryption
09:af:fe:4c:77:94:b7:28:c8:97:10:f0:5e:71:00:35:54:a0:
8a:db:4d:b3:42:2d:17:df:d2:0a:b9:5d:62:67:24:18:93:48:
c0:63:a5:d6:04:2e:af:12:b4:3c:bb:6e:57:31:9b:f2:53:c2:
2b:1e:10:14:c2:ca:43:62:2b:15:be:82:e1:6a:00:06:80:95:
30:3c:1f:30:fa:e5:9b:b1:e4:1b:a3:aa:21:df:02:6d:07:13:
69:03:34:a5:cc:ce:d3:d9:c6:3d:1a:fa:7a:ef:83:83:de:ba:
27:0d:9e:7c:a7:fe:33:b6:7d:a4:10:15:c4:ab:82:46:a5:d1:
11:13:39:44:09:d9:ab:a9:85:5b:c9:e9:95:2e:92:12:49:0f:
d9:62:9e:17:16:fe:5e:95:e8:d7:4e:16:63:65:f6:5b:01:41:
b9:a7:be:77:3e:37:d8:10:ca:7f:0a:81:64:2d:2f:4e:c0:83:
a4:d6:11:c0:80:25:3d:af:83:99:e6:9e:11:86:49:5e:12:65:
ed:c3:cf:bd:05:87:45:e4:76:c4:a5:7d:ee:3a:02:eb:a3:3d:
b4:66:9e:d6:1d:2b:d0:73:04:00:50:71:7b:4c:c6:a3:08:60:
c2:09:f5:79:2a:97:53:61:2b:d8:23:63:9b:5e:e9:1a:93:4b:
10:6a:1e:d2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYL36khIg1pTTvkk60G/N4gXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjIwOTAxMDcxODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2EyN2RlMzBhYjRhZThkNWIzMGZmNzBiODQyNGQwN2U5ZTk5OGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjvgp8ApOy5Ujhn6+0HyhYjcOD/j
PIryWM3GGMty7Z3Uqi3/j1cf2MPra8S4tVWpy2P6R5GUkzMYVIisF9cYfpjDT9ym
aBiSwXe1rmsb8FgyfFW3z+XeAGC1WStm4ZoDR0XLhk2yGRmuCP02af3vjLmhujey
28wXZA8QsmWUaazw2YGWCC6dlS6T8LQ6WTP9OCuktnU9+EJb6vo6DuxtOok9wmSB
Xd2d61E0Jx8DG1Bze/780+pVpdklbKTfeE69PSTO7aX0Mk17cPBgPM08UfVPIstp
FJmWicQBsjIiSUY3jdCq2gfzFN6guZzsjKAF+0RI2uwbEjhixMBUijBdQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFeifeMKtK6NWzD/cLhCTQfp6ZipMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvVjZKOTR3cTBybzFiTVA5d3VFSk5CLW5wbUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgNYQAKQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAJr/5Md5S3KMiXEPBecQA1VKCK202zQi0X39IK
uV1iZyQYk0jAY6XWBC6vErQ8u25XMZvyU8IrHhAUwspDYisVvoLhagAGgJUwPB8w
+uWbseQbo6oh3wJtBxNpAzSlzM7T2cY9Gvp674OD3ronDZ58p/4ztn2kEBXEq4JG
pdEREzlECdmrqYVbyemVLpISSQ/ZYp4XFv5elejXThZjZfZbAUG5p753PjfYEMp/
CoFkLS9OwIOk1hHAgCU9r4OZ5p4RhkleEmXtw8+9BYdF5HbEpX3uOgLroz20Zp7W
HSvQcwQAUHF7TMajCGDCCfV5KpdTYSvYI2ObXukak0sQah7S
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:09 2025 by rpki-client