Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/6sk8J9DFW55FizR4dX_4d6kTPZQ.roa
File: 6sk8J9DFW55FizR4dX_4d6kTPZQ.roa (raw, json)
Hash identifier: /D4eWn7X8vuBZJmBmT6nmLoHRSdnfx1uX3qyGYAvsPw=
Subject key identifier: EA:C9:3C:27:D0:C5:5B:9E:45:8B:34:78:75:7F:F8:77:A9:13:3D:94
Certificate issuer: /CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
Certificate serial: 0A550584
Authority key identifier: 17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/6sk8J9DFW55FizR4dX_4d6kTPZQ.roa
Signing time: Sat 01 Jan 2022 09:59:35 +0000
ROA not before: Sat 01 Jan 2022 09:59:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25156
IP address blocks: 2a00:65c0::/32 maxlen: 32
2a00:65c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173344132 (0xa550584)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
Validity
Not Before: Jan 1 09:59:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eac93c27d0c55b9e458b3478757ff877a9133d94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6e:91:34:d4:d7:b5:ef:4f:1a:f5:8f:f0:01:
c3:ca:fa:dc:dd:f8:a6:08:d6:02:b7:dc:67:dc:8a:
77:50:50:59:19:f2:16:d4:e3:53:36:2f:5c:b1:01:
9e:1b:57:cf:fa:5d:ae:40:d0:ff:a0:06:d7:68:3f:
e7:34:d4:aa:d0:bd:56:14:e8:8b:3d:9f:d0:18:42:
3f:75:6b:79:48:7e:f4:5f:49:c8:54:da:84:cc:38:
af:15:fa:40:11:6f:91:81:9e:5b:d4:ec:76:41:ad:
23:dd:b5:5d:d2:7b:68:d7:dc:48:a8:72:fa:d0:d2:
e7:e9:f3:53:b9:7d:62:14:a5:fc:67:b0:81:97:6f:
47:06:49:07:fd:b5:7c:bd:66:e3:3a:af:d8:d0:00:
f6:23:9a:12:49:00:f4:16:39:18:04:8d:d5:f4:f9:
5f:cc:e4:99:00:af:4a:27:53:e2:a9:af:af:c5:85:
ce:ff:1f:1e:52:82:17:c3:8b:4f:cc:6c:99:f1:05:
f2:43:5a:04:09:cd:a4:c6:10:9b:d4:f2:40:b9:7d:
dd:e4:68:3a:be:e7:ad:68:23:cd:f7:a2:80:1d:77:
5e:14:26:ec:44:4b:49:72:01:f8:92:b2:ca:2a:20:
9a:ae:1b:2e:f0:a4:31:77:03:35:73:ab:07:1e:21:
22:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:C9:3C:27:D0:C5:5B:9E:45:8B:34:78:75:7F:F8:77:A9:13:3D:94
X509v3 Authority Key Identifier:
keyid:17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/6sk8J9DFW55FizR4dX_4d6kTPZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
47:9b:a6:f2:4e:d9:49:e2:bb:e8:9d:52:12:dd:ad:fb:23:32:
40:dc:55:0a:ae:21:83:1b:31:2a:bc:9c:af:ba:de:7b:a6:79:
94:dc:b2:3d:c4:09:46:6e:63:71:ff:5f:71:2f:73:0c:5f:4e:
db:7b:7f:31:94:1e:70:b7:c2:0d:a2:73:f2:4b:c6:26:34:98:
c4:30:d2:ef:b4:f8:1f:7a:e0:2c:a1:0a:44:ff:97:b3:74:51:
e8:4a:12:ac:3c:ca:e6:66:e8:1b:49:d3:c6:58:ad:b1:c7:fb:
08:50:66:61:19:e8:20:41:ef:bb:fa:3b:5b:46:22:e7:96:a8:
9d:d1:56:ed:81:de:9b:57:9e:01:f6:3e:09:57:1b:19:25:13:
20:bd:4b:6b:33:5f:d4:0c:99:df:5a:3b:a7:08:60:b4:71:d5:
4e:71:8d:50:0a:8b:47:9c:45:4d:1c:9e:c1:3a:dc:ef:29:89:
4f:78:a9:0d:94:35:31:80:51:1a:16:cb:ca:c2:94:5c:4a:35:
a6:e1:30:8d:44:f1:d2:2f:79:ec:5e:96:39:0d:2c:a9:17:92:
38:bd:37:da:f1:bc:68:61:7f:d1:a8:a6:e8:1b:bf:8f:30:ad:
3c:31:3c:32:45:97:d0:11:2a:ca:23:a0:ac:85:9d:04:9b:e2:
86:c5:58:70
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEClUFhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
N2RiZDVhY2YxZjljNzVkMThhMWY3NTAzMTExNGM0OGYwYjIzMzYzMB4XDTIyMDEw
MTA5NTkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWFjOTNjMjdkMGM1
NWI5ZTQ1OGIzNDc4NzU3ZmY4NzdhOTEzM2Q5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxukTTU17XvTxr1j/ABw8r63N34pgjWArfcZ9yKd1BQWRny
FtTjUzYvXLEBnhtXz/pdrkDQ/6AG12g/5zTUqtC9VhToiz2f0BhCP3VreUh+9F9J
yFTahMw4rxX6QBFvkYGeW9TsdkGtI921XdJ7aNfcSKhy+tDS5+nzU7l9YhSl/Gew
gZdvRwZJB/21fL1m4zqv2NAA9iOaEkkA9BY5GASN1fT5X8zkmQCvSidT4qmvr8WF
zv8fHlKCF8OLT8xsmfEF8kNaBAnNpMYQm9TyQLl93eRoOr7nrWgjzfeigB13XhQm
7ERLSXIB+JKyyiogmq4bLvCkMXcDNXOrBx4hIu8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTqyTwn0MVbnkWLNHh1f/h3qRM9lDAfBgNVHSMEGDAWgBQX29Ws8fnHXRih
91AxEUxI8LIzYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Y5dlZyUEg1eDEwWW9mZFFNUkZNU1BDeU0yTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvMjkxOTlmLWY2Y2MtNDQ4YS1iZmQ0LTU4MWRiODdjODIxZS8x
LzZzazhKOURGVzU1Rml6UjRkWF80ZDZrVFBaUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
MjkxOTlmLWY2Y2MtNDQ4YS1iZmQ0LTU4MWRiODdjODIxZS8xL0Y5dlZyUEg1eDEw
WW9mZFFNUkZNU1BDeU0yTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoAZcAwDQYJKoZIhvcNAQELBQAD
ggEBAEebpvJO2Uniu+idUhLdrfsjMkDcVQquIYMbMSq8nK+63numeZTcsj3ECUZu
Y3H/X3EvcwxfTtt7fzGUHnC3wg2ic/JLxiY0mMQw0u+0+B964CyhCkT/l7N0UehK
Eqw8yuZm6BtJ08ZYrbHH+whQZmEZ6CBB77v6O1tGIueWqJ3RVu2B3ptXngH2PglX
GxklEyC9S2szX9QMmd9aO6cIYLRx1U5xjVAKi0ecRU0cnsE63O8piU94qQ2UNTGA
URoWy8rClFxKNabhMI1E8dIveexeljkNLKkXkji9N9rxvGhhf9Gopugbv48wrTwx
PDJFl9ARKsojoKyFnQSb4obFWHA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:46 2025 by rpki-client