Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/z0iQrruiqxMXgtancaQ3qnGoYLE.roa
File: z0iQrruiqxMXgtancaQ3qnGoYLE.roa (raw, json)
Hash identifier: 6cZGu7FGQQRYHVSiZzSodJ3imT3ZcKWJhLXjf3r4Hxo=
Subject key identifier: CF:48:90:AE:BB:A2:AB:13:17:82:D6:A7:71:A4:37:AA:71:A8:60:B1
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01856C1CA1AA50A153BF92FA165E61F33BF3
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/z0iQrruiqxMXgtancaQ3qnGoYLE.roa
Signing time: Sun 01 Jan 2023 06:54:53 +0000
ROA not before: Sun 01 Jan 2023 06:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39753
IP address blocks: 2a12:3fc7:8000::/33 maxlen: 48
2a12:3fc7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a1:aa:50:a1:53:bf:92:fa:16:5e:61:f3:3b:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 06:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf4890aebba2ab131782d6a771a437aa71a860b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:18:fe:52:d5:c1:65:f3:09:8a:df:47:98:ed:
76:ad:24:21:04:36:e5:9d:1f:f4:02:84:5c:36:6e:
6f:15:b2:22:7f:36:0b:3b:0a:d6:25:bf:07:de:3f:
9d:f0:9e:da:60:f8:58:8f:8e:4a:a7:14:f4:4a:4b:
23:f1:7f:2b:ed:a0:45:d4:cf:5d:5e:ae:73:fc:6f:
18:29:54:6a:b3:ce:ce:2e:8b:6c:d7:ab:3d:f8:f0:
c3:ab:dc:3e:bc:97:b6:b8:07:69:7b:c1:9d:da:1c:
f9:fe:38:9e:fc:32:07:b5:ab:d4:a2:79:5a:a8:d9:
af:c6:47:07:92:6a:c5:13:72:17:64:6e:ff:f9:ed:
a8:25:47:c4:81:ce:eb:8d:fd:5f:f5:69:d5:37:3b:
e4:91:8b:51:e7:6e:79:c4:12:dc:0e:a0:f9:85:63:
67:bb:83:d2:e8:ef:a3:69:2a:71:be:08:8f:0c:59:
7e:46:f5:4b:31:16:42:35:eb:88:0b:c2:c1:a8:8d:
50:ed:a1:86:1c:50:e5:36:93:62:b5:d7:a8:c0:45:
8c:f0:18:aa:d8:a9:53:5c:21:40:4f:0e:5e:bd:5d:
69:fd:e3:43:02:be:88:20:d8:99:e8:00:08:ac:02:
16:85:82:22:3d:e9:8d:c7:4c:fb:ed:bd:65:ad:15:
3f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:48:90:AE:BB:A2:AB:13:17:82:D6:A7:71:A4:37:AA:71:A8:60:B1
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/z0iQrruiqxMXgtancaQ3qnGoYLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc7::/48
2a12:3fc7:8000::/33
Signature Algorithm: sha256WithRSAEncryption
9d:84:e1:32:b3:e3:a0:de:ba:16:02:a2:df:71:24:01:36:33:
09:a1:2b:e7:17:19:8a:69:36:22:6a:37:3a:47:13:bf:e9:a1:
52:dc:7a:5c:7f:28:9d:3d:5e:98:11:d6:47:0d:ec:be:3c:a2:
a5:3e:84:12:d2:8b:1b:08:bd:7a:66:ac:2f:7c:57:d3:1e:0a:
0d:7b:b8:7e:bd:6b:73:e2:43:eb:e6:06:66:fa:6f:49:c2:26:
2c:c6:ed:6b:27:1f:0a:ed:49:6e:c9:8b:e1:a4:d9:b2:f1:ce:
22:3d:25:f9:80:2c:3d:56:f7:9e:cd:5a:ca:5c:91:90:d4:bd:
85:8f:78:12:8c:fa:5a:fe:82:f1:86:d4:2a:71:fd:a4:2e:30:
84:fe:8a:aa:83:9a:6d:fe:b2:7d:cf:a8:b1:5f:3a:75:64:f6:
89:25:3e:b7:7c:df:7a:10:65:6a:c0:f8:fb:29:0a:0c:39:9b:
5b:f0:bc:3a:a6:87:95:03:2f:a0:49:21:3c:a8:eb:7c:4c:ba:
85:ab:d3:f2:3f:ed:47:48:4f:9b:d2:6d:36:3a:24:fa:70:05:
00:b3:33:52:61:c4:de:84:f9:9b:9d:4c:88:a2:5d:f7:3b:45:
90:9d:70:61:8e:b6:0e:88:65:f2:3d:9e:e8:7c:1e:09:e2:3d:
0d:40:f9:05
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVsHKGqUKFTv5L6Fl5h8zvzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjMwMTAxMDY1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjQ4OTBhZWJiYTJhYjEzMTc4MmQ2YTc3MWE0MzdhYTcxYTg2MGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxj+UtXBZfMJit9HmO12rSQhBDbl
nR/0AoRcNm5vFbIifzYLOwrWJb8H3j+d8J7aYPhYj45KpxT0Sksj8X8r7aBF1M9d
Xq5z/G8YKVRqs87OLots16s9+PDDq9w+vJe2uAdpe8Gd2hz5/jie/DIHtavUonla
qNmvxkcHkmrFE3IXZG7/+e2oJUfEgc7rjf1f9WnVNzvkkYtR5255xBLcDqD5hWNn
u4PS6O+jaSpxvgiPDFl+RvVLMRZCNeuIC8LBqI1Q7aGGHFDlNpNitdeowEWM8Biq
2KlTXCFATw5evV1p/eNDAr6IINiZ6AAIrAIWhYIiPemNx0z77b1lrRU/VQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFM9IkK67oqsTF4LWp3GkN6pxqGCxMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvejBpUXJydWlxeE1YZ3RhbmNhUTNxbkdvWUxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKhI/xwAA
AwYHKhI/x4AwDQYJKoZIhvcNAQELBQADggEBAJ2E4TKz46DeuhYCot9xJAE2Mwmh
K+cXGYppNiJqNzpHE7/poVLcelx/KJ09XpgR1kcN7L48oqU+hBLSixsIvXpmrC98
V9MeCg17uH69a3PiQ+vmBmb6b0nCJizG7WsnHwrtSW7Ji+Gk2bLxziI9JfmALD1W
957NWspckZDUvYWPeBKM+lr+gvGG1Cpx/aQuMIT+iqqDmm3+sn3PqLFfOnVk9okl
Prd833oQZWrA+PspCgw5m1vwvDqmh5UDL6BJITyo63xMuoWr0/I/7UdIT5vSbTY6
JPpwBQCzM1JhxN6E+ZudTIiiXfc7RZCdcGGOtg6IZfI9nuh8HgniPQ1A+QU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:16 2025 by rpki-client