Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/CuWPotjis3wTjLq5me2wbJLF_rs.roa
File: CuWPotjis3wTjLq5me2wbJLF_rs.roa (raw, json)
Hash identifier: RzcQfiZvrOaZKwkU5ij6VxG57paYHwqlhOGBY1m+mNk=
Subject key identifier: 0A:E5:8F:A2:D8:E2:B3:7C:13:8C:BA:B9:99:ED:B0:6C:92:C5:FE:BB
Certificate issuer: /CN=76f311ef1581a00e437cd704b6281ac8621afc56
Certificate serial: 0187A2D1A701BCD058D71745188DEF0C8421
Authority key identifier: 76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/CuWPotjis3wTjLq5me2wbJLF_rs.roa
Signing time: Fri 21 Apr 2023 07:57:41 +0000
ROA not before: Fri 21 Apr 2023 07:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22634
IP address blocks: 2a04:7141::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a2:d1:a7:01:bc:d0:58:d7:17:45:18:8d:ef:0c:84:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76f311ef1581a00e437cd704b6281ac8621afc56
Validity
Not Before: Apr 21 07:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ae58fa2d8e2b37c138cbab999edb06c92c5febb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:56:44:91:ad:95:b6:79:00:63:61:44:1e:fe:
18:b9:c4:c2:87:8e:df:52:d7:79:b6:16:35:ac:88:
c5:c1:48:df:33:a2:c5:8f:ec:48:db:56:f7:36:21:
5d:50:d0:0a:41:10:c3:53:5d:19:36:e3:7d:52:17:
fd:a5:f2:a0:b8:00:7a:e1:1d:f6:9c:d7:ca:c4:48:
12:b2:c7:e6:df:3c:09:d9:a9:76:43:1d:35:55:52:
51:35:2c:29:95:65:90:c8:2d:b3:d9:55:65:a5:01:
6c:9b:24:d6:8f:4a:cd:8a:8c:f3:23:b5:6f:09:9c:
16:a6:65:42:05:79:a6:ff:b1:5f:d3:e6:ba:57:86:
d1:9b:c9:51:89:db:b3:0d:c9:90:21:56:fe:74:d8:
83:94:2c:70:9c:94:f3:10:bf:19:79:47:ca:b2:bd:
31:d4:e9:84:a3:39:1b:48:79:b2:4a:bc:82:99:07:
ed:39:d0:be:d8:15:62:46:a1:7a:fc:b3:5f:d9:72:
e1:00:4c:c5:98:7a:02:b4:dd:6d:8c:e3:5f:36:4f:
76:33:e3:68:ef:1a:93:f4:fc:3e:55:a0:dd:b9:03:
b1:87:9e:f0:8b:d3:0d:39:73:b7:f4:d1:16:af:d9:
5a:ab:17:a6:1d:ca:96:bf:d1:fa:f6:52:28:ff:1d:
79:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E5:8F:A2:D8:E2:B3:7C:13:8C:BA:B9:99:ED:B0:6C:92:C5:FE:BB
X509v3 Authority Key Identifier:
keyid:76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/CuWPotjis3wTjLq5me2wbJLF_rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/dvMR7xWBoA5DfNcEtigayGIa_FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:7141::/36
Signature Algorithm: sha256WithRSAEncryption
33:df:3e:92:55:43:c0:4a:7b:01:b1:1d:ba:34:9a:7a:d0:7c:
8f:51:8d:36:08:6d:bc:64:0b:40:ee:c7:c2:da:80:b4:47:de:
7a:6e:3f:31:bb:76:69:30:6b:a1:45:8e:2c:86:4c:41:43:7b:
d4:5f:60:11:8b:ad:75:81:16:c2:48:6e:9a:e9:3a:e9:f9:47:
70:e1:e4:54:5f:f5:86:bf:0a:1d:95:e3:05:04:e9:25:90:f4:
a9:0f:b3:55:36:05:c0:ec:52:df:6a:a6:4b:e1:40:1e:27:12:
e5:39:f0:b2:1d:7b:a5:2d:20:8d:67:4d:5b:b2:72:e3:f7:09:
6a:41:1b:1f:1a:2f:59:a1:c9:fc:e6:1c:4d:63:e5:cc:27:bd:
6a:5e:c8:b0:6d:09:8b:6a:06:8d:b6:29:5b:9b:a2:bf:b2:82:
27:f7:df:4f:47:e0:84:17:42:32:7f:c4:4f:db:05:04:80:ab:
d1:00:a4:8d:b1:10:9a:f4:88:4b:52:1b:67:64:7e:80:4e:5b:
4b:42:f6:b1:f6:88:3d:45:64:f1:24:f1:37:36:de:90:cc:a8:
b0:87:1b:b8:96:8e:b2:01:66:1f:7c:89:2f:64:0c:fe:6e:04:
e7:b4:fb:3f:b9:48:8a:48:fc:fa:07:ee:50:62:75:bd:50:97:
6d:b7:fe:bb
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYei0acBvNBY1xdFGI3vDIQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZjMxMWVmMTU4MWEwMGU0MzdjZDcwNGI2MjgxYWM4NjIx
YWZjNTYwHhcNMjMwNDIxMDc1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWU1OGZhMmQ4ZTJiMzdjMTM4Y2JhYjk5OWVkYjA2YzkyYzVmZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlZEka2VtnkAY2FEHv4YucTCh47f
Utd5thY1rIjFwUjfM6LFj+xI21b3NiFdUNAKQRDDU10ZNuN9Uhf9pfKguAB64R32
nNfKxEgSssfm3zwJ2al2Qx01VVJRNSwplWWQyC2z2VVlpQFsmyTWj0rNiozzI7Vv
CZwWpmVCBXmm/7Ff0+a6V4bRm8lRiduzDcmQIVb+dNiDlCxwnJTzEL8ZeUfKsr0x
1OmEozkbSHmySryCmQftOdC+2BViRqF6/LNf2XLhAEzFmHoCtN1tjONfNk92M+No
7xqT9Pw+VaDduQOxh57wi9MNOXO39NEWr9laqxemHcqWv9H69lIo/x15ewIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFArlj6LY4rN8E4y6uZntsGySxf67MB8GA1UdIwQY
MBaAFHbzEe8VgaAOQ3zXBLYoGshiGvxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHZNUjd4V0JvQTVEZk5jRXRpZ2F5R0lhX0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81MjUyMjQtNzhlYS00OWU0LTk3NDkt
MTY5NDMxMjk2YzU5LzEvQ3VXUG90amlzM3dUakxxNW1lMndiSkxGX3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81MjUyMjQtNzhlYS00OWU0LTk3NDktMTY5NDMxMjk2YzU5
LzEvZHZNUjd4V0JvQTVEZk5jRXRpZ2F5R0lhX0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgRxQQAw
DQYJKoZIhvcNAQELBQADggEBADPfPpJVQ8BKewGxHbo0mnrQfI9RjTYIbbxkC0Du
x8LagLRH3npuPzG7dmkwa6FFjiyGTEFDe9RfYBGLrXWBFsJIbprpOun5R3Dh5FRf
9Ya/Ch2V4wUE6SWQ9KkPs1U2BcDsUt9qpkvhQB4nEuU58LIde6UtII1nTVuycuP3
CWpBGx8aL1mhyfzmHE1j5cwnvWpeyLBtCYtqBo22KVubor+ygif3309H4IQXQjJ/
xE/bBQSAq9EApI2xEJr0iEtSG2dkfoBOW0tC9rH2iD1FZPEk8Tc23pDMqLCHG7iW
jrIBZh98iS9kDP5uBOe0+z+5SIpI/PoH7lBidb1Ql223/rs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:49:52 2025 by rpki-client