Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/khzjkT5Dh7_mwCrxxBg_mc5GBTg.roa
File: khzjkT5Dh7_mwCrxxBg_mc5GBTg.roa (raw, json)
Hash identifier: 6N0/0lFJ49VFrj+iryuw5IEfZI2gIlRfbTNkYQNIuLg=
Subject key identifier: 92:1C:E3:91:3E:43:87:BF:E6:C0:2A:F1:C4:18:3F:99:CE:46:05:38
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 0187B31CCB15EA34471EBFCF25CB66C4BF9A
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/khzjkT5Dh7_mwCrxxBg_mc5GBTg.roa
Signing time: Mon 24 Apr 2023 11:53:41 +0000
ROA not before: Mon 24 Apr 2023 11:53:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198767
IP address blocks: 2a03:5840:f6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:1c:cb:15:ea:34:47:1e:bf:cf:25:cb:66:c4:bf:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Apr 24 11:53:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=921ce3913e4387bfe6c02af1c4183f99ce460538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f4:13:ec:c6:9e:2f:5b:62:f6:06:65:47:3f:
38:a9:a1:96:83:20:1b:83:5b:25:9b:b8:38:ab:ce:
36:5e:c2:30:31:3a:d2:1a:76:e8:87:fd:56:ac:c6:
8c:72:56:90:3a:b0:50:69:3c:6a:92:77:2d:f2:cd:
ca:37:48:e8:af:96:4b:a5:d4:38:1c:04:1f:4d:eb:
7f:c5:da:72:64:de:a7:4b:69:d0:fe:75:7f:55:e2:
17:70:89:f0:59:4d:4a:f0:04:60:5f:54:8d:07:c2:
a8:9d:b5:b2:52:17:7d:22:a6:fe:b3:fe:60:89:70:
e0:aa:7f:82:b4:5d:49:d3:6e:6e:9a:16:bf:3b:53:
9c:e7:e4:6d:c6:b7:0d:bd:1d:4e:b6:db:2d:c7:3b:
7e:12:68:77:ea:00:69:01:bd:8c:de:e5:0d:3b:ee:
5b:f4:e5:6a:a6:1e:7d:ec:60:5c:7b:1f:d5:83:e5:
0e:22:e4:62:d6:b5:b9:4c:23:59:12:9f:d3:05:f6:
7f:ed:96:97:57:c8:32:9a:0b:1f:4e:b6:10:ca:9a:
e2:72:03:bf:16:9a:ca:52:e4:1e:48:5a:a7:10:2d:
5a:4f:fd:df:06:8f:4e:6b:2e:80:7f:71:a8:0d:f0:
aa:b7:b6:95:c5:51:e3:88:9e:9f:91:fd:93:f1:98:
9a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1C:E3:91:3E:43:87:BF:E6:C0:2A:F1:C4:18:3F:99:CE:46:05:38
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/khzjkT5Dh7_mwCrxxBg_mc5GBTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:f6::/48
Signature Algorithm: sha256WithRSAEncryption
1d:7b:fa:7f:96:bb:ab:a0:fc:96:93:de:c5:6f:7b:3e:5d:07:
e3:83:d5:1d:49:a0:c3:23:96:21:6f:a7:52:5b:e1:25:41:81:
66:f3:32:84:34:ce:4e:a0:57:c7:e0:8d:ef:85:8f:0c:98:9d:
c2:f0:20:a1:c8:24:77:41:65:ab:1d:1a:60:ee:37:8c:76:30:
fd:49:fa:d1:91:0c:97:f6:ef:e5:51:0a:8f:24:71:a6:16:0e:
2b:51:4c:c1:39:79:e9:1a:8d:d5:56:0f:3a:ad:f0:15:f3:ab:
95:95:21:4d:33:e2:5f:51:4c:4d:08:05:48:fb:5f:25:11:6f:
37:25:c4:89:de:23:9c:74:4b:db:cb:50:aa:47:d2:c4:7c:33:
bb:7b:f6:29:d0:8d:0a:03:59:40:07:6b:d3:a0:54:b8:52:61:
fc:f0:28:5a:09:1b:2c:95:a6:ff:68:a3:0f:53:d5:30:21:2c:
be:21:12:97:bb:bb:8c:32:2d:46:e4:bd:9c:2f:e2:64:1f:7d:
fd:d4:f0:b9:f7:7a:8a:1e:7b:6a:2e:c2:a7:26:be:2f:f7:e4:
28:f0:1d:4e:48:06:3b:1c:2a:11:c3:c8:ad:a5:16:09:3c:04:
ae:2c:6d:b4:ab:5e:28:94:65:a0:15:30:90:c3:39:ab:fa:cd:
18:5b:20:17
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYezHMsV6jRHHr/PJctmxL+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjMwNDI0MTE1MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjFjZTM5MTNlNDM4N2JmZTZjMDJhZjFjNDE4M2Y5OWNlNDYwNTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvQT7MaeL1ti9gZlRz84qaGWgyAb
g1slm7g4q842XsIwMTrSGnboh/1WrMaMclaQOrBQaTxqknct8s3KN0jor5ZLpdQ4
HAQfTet/xdpyZN6nS2nQ/nV/VeIXcInwWU1K8ARgX1SNB8KonbWyUhd9Iqb+s/5g
iXDgqn+CtF1J025umha/O1Oc5+RtxrcNvR1Ottstxzt+Emh36gBpAb2M3uUNO+5b
9OVqph597GBcex/Vg+UOIuRi1rW5TCNZEp/TBfZ/7ZaXV8gymgsfTrYQypricgO/
FprKUuQeSFqnEC1aT/3fBo9Oay6Af3GoDfCqt7aVxVHjiJ6fkf2T8ZiaKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJIc45E+Q4e/5sAq8cQYP5nORgU4MB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEva2h6amtUNURoN19td0NyeHhCZ19tYzVHQlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAD2
MA0GCSqGSIb3DQEBCwUAA4IBAQAde/p/lruroPyWk97Fb3s+XQfjg9UdSaDDI5Yh
b6dSW+ElQYFm8zKENM5OoFfH4I3vhY8MmJ3C8CChyCR3QWWrHRpg7jeMdjD9SfrR
kQyX9u/lUQqPJHGmFg4rUUzBOXnpGo3VVg86rfAV86uVlSFNM+JfUUxNCAVI+18l
EW83JcSJ3iOcdEvby1CqR9LEfDO7e/Yp0I0KA1lAB2vToFS4UmH88ChaCRsslab/
aKMPU9UwISy+IRKXu7uMMi1G5L2cL+JkH3391PC593qKHntqLsKnJr4v9+Qo8B1O
SAY7HCoRw8itpRYJPASuLG20q14olGWgFTCQwzmr+s0YWyAX
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:51:21 2025 by rpki-client