Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5cd884-79f5-483d-904a-96fe1911d0b3/1/9ZThsoZvOEFefrrgy4Q6a0XzXuA.roa
File: 9ZThsoZvOEFefrrgy4Q6a0XzXuA.roa (raw, json)
Hash identifier: ZcIGRCmGK2z1Fu6Pq0S/k3R7iFhhuhJ/UXV927C1NNY=
Subject key identifier: F5:94:E1:B2:86:6F:38:41:5E:7E:BA:E0:CB:84:3A:6B:45:F3:5E:E0
Certificate issuer: /CN=ecb612e1f6b4d83f8a5d552cf3b60edd23bfe9f4
Certificate serial: 01856E8B0C79F4460489D2EBCF6197486E7E
Authority key identifier: EC:B6:12:E1:F6:B4:D8:3F:8A:5D:55:2C:F3:B6:0E:DD:23:BF:E9:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7LYS4fa02D-KXVUs87YO3SO_6fQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5cd884-79f5-483d-904a-96fe1911d0b3/1/9ZThsoZvOEFefrrgy4Q6a0XzXuA.roa
Signing time: Sun 01 Jan 2023 18:14:44 +0000
ROA not before: Sun 01 Jan 2023 18:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201057
IP address blocks: 2a03:e581:4::/48 maxlen: 48
2a03:e581::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:0c:79:f4:46:04:89:d2:eb:cf:61:97:48:6e:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecb612e1f6b4d83f8a5d552cf3b60edd23bfe9f4
Validity
Not Before: Jan 1 18:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f594e1b2866f38415e7ebae0cb843a6b45f35ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d5:04:8f:7e:73:66:c8:e0:3c:07:79:6f:f9:
52:80:a8:ef:52:95:7f:42:7e:63:37:16:09:cf:a9:
fa:15:d3:92:4e:a1:d2:b0:c7:f0:10:bf:6c:f6:9b:
55:63:41:34:90:a3:4a:37:fc:f3:10:b6:69:82:63:
41:cd:01:0f:0d:91:23:fc:36:1c:97:f2:e6:c4:64:
3f:43:2f:81:bc:c8:34:a1:35:9d:6e:7a:10:2a:9d:
c9:8a:a0:7b:a1:ec:34:02:d4:d1:4e:14:92:8d:e3:
5a:2b:82:f8:e3:90:ba:ea:5c:df:1a:f0:4e:ce:93:
de:5c:38:a9:2a:29:a7:f4:a6:9a:40:03:2c:17:25:
fe:cc:26:f8:06:10:00:66:9d:6c:6a:b0:b7:46:7f:
bb:ef:70:1a:3e:3a:55:5c:7b:d8:1e:13:64:42:27:
36:5f:c4:0d:84:0a:69:79:af:0a:4c:33:41:5d:54:
62:35:6d:58:af:01:6a:83:67:45:14:da:71:42:3f:
4c:c2:0a:c4:29:02:dc:5a:4b:4e:8f:1d:2e:a2:dc:
7a:8e:10:85:d6:79:fa:c6:fb:9a:e5:70:db:d1:02:
d3:21:7f:a7:76:a2:a9:81:61:cf:48:b3:58:12:62:
42:d1:ae:b1:19:07:93:d5:a8:09:82:6b:fe:a8:31:
19:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:94:E1:B2:86:6F:38:41:5E:7E:BA:E0:CB:84:3A:6B:45:F3:5E:E0
X509v3 Authority Key Identifier:
keyid:EC:B6:12:E1:F6:B4:D8:3F:8A:5D:55:2C:F3:B6:0E:DD:23:BF:E9:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7LYS4fa02D-KXVUs87YO3SO_6fQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5cd884-79f5-483d-904a-96fe1911d0b3/1/9ZThsoZvOEFefrrgy4Q6a0XzXuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5cd884-79f5-483d-904a-96fe1911d0b3/1/7LYS4fa02D-KXVUs87YO3SO_6fQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:e581::/48
2a03:e581:4::/48
Signature Algorithm: sha256WithRSAEncryption
51:23:ea:8d:bd:0b:36:d8:a5:cd:ee:59:1e:6b:7a:e3:74:8a:
61:ee:7b:21:4f:b9:ef:0d:fe:a6:cd:ef:78:e1:63:4a:60:b2:
c6:4b:77:a3:5c:e0:b8:59:d0:08:df:8f:38:49:c2:b6:ed:75:
a1:3c:ed:f9:0d:8e:d6:5d:c3:e2:3c:97:37:de:6a:d2:25:c3:
ed:9b:17:3f:85:72:99:5b:20:99:a1:23:7b:ff:92:c2:e2:f6:
19:6f:7d:c6:61:1f:3c:e7:89:9f:7c:25:3f:4e:15:93:fb:80:
47:f5:5a:d7:5a:8a:d3:36:c9:93:f2:ea:9c:03:93:1f:9d:8e:
cb:56:37:71:3f:b1:d3:71:4f:87:77:12:db:c8:64:f5:66:7a:
b4:a3:62:a3:74:54:d1:20:70:0b:d7:1e:8b:c7:9c:21:0b:bf:
b4:d8:2d:e5:78:b6:28:49:78:5a:97:2b:76:cc:e8:a8:03:59:
d2:d7:06:6c:81:bd:ed:5f:35:b2:d9:0e:80:29:22:97:d4:4e:
e7:f3:bb:7d:04:9e:28:25:5e:80:ac:74:6c:90:0c:53:7f:e7:
f9:d1:3b:ef:33:1c:8a:97:f4:89:a2:e7:15:d8:f8:24:0e:7c:
c2:13:cb:14:23:32:a2:5e:ff:b4:18:6a:3b:d4:e3:b6:c0:80:
d8:62:d1:7b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuiwx59EYEidLrz2GXSG5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYjYxMmUxZjZiNGQ4M2Y4YTVkNTUyY2YzYjYwZWRkMjNi
ZmU5ZjQwHhcNMjMwMTAxMTgxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTk0ZTFiMjg2NmYzODQxNWU3ZWJhZTBjYjg0M2E2YjQ1ZjM1ZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNUEj35zZsjgPAd5b/lSgKjvUpV/
Qn5jNxYJz6n6FdOSTqHSsMfwEL9s9ptVY0E0kKNKN/zzELZpgmNBzQEPDZEj/DYc
l/LmxGQ/Qy+BvMg0oTWdbnoQKp3JiqB7oew0AtTRThSSjeNaK4L445C66lzfGvBO
zpPeXDipKimn9KaaQAMsFyX+zCb4BhAAZp1sarC3Rn+773AaPjpVXHvYHhNkQic2
X8QNhAppea8KTDNBXVRiNW1YrwFqg2dFFNpxQj9MwgrEKQLcWktOjx0uotx6jhCF
1nn6xvua5XDb0QLTIX+ndqKpgWHPSLNYEmJC0a6xGQeT1agJgmv+qDEZCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPWU4bKGbzhBXn664MuEOmtF817gMB8GA1UdIwQY
MBaAFOy2EuH2tNg/il1VLPO2Dt0jv+n0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0xZUzRmYTAyRC1LWFZVczg3WU8zU09fNmZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81Y2Q4ODQtNzlmNS00ODNkLTkwNGEt
OTZmZTE5MTFkMGIzLzEvOVpUaHNvWnZPRUZlZnJyZ3k0UTZhMFh6WHVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81Y2Q4ODQtNzlmNS00ODNkLTkwNGEtOTZmZTE5MTFkMGIz
LzEvN0xZUzRmYTAyRC1LWFZVczg3WU8zU09fNmZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgPlgQAA
AwcAKgPlgQAEMA0GCSqGSIb3DQEBCwUAA4IBAQBRI+qNvQs22KXN7lkea3rjdIph
7nshT7nvDf6mze944WNKYLLGS3ejXOC4WdAI3484ScK27XWhPO35DY7WXcPiPJc3
3mrSJcPtmxc/hXKZWyCZoSN7/5LC4vYZb33GYR8854mffCU/ThWT+4BH9VrXWorT
NsmT8uqcA5MfnY7LVjdxP7HTcU+HdxLbyGT1Znq0o2KjdFTRIHAL1x6Lx5whC7+0
2C3leLYoSXhalyt2zOioA1nS1wZsgb3tXzWy2Q6AKSKX1E7n87t9BJ4oJV6ArHRs
kAxTf+f50TvvMxyKl/SJoucV2PgkDnzCE8sUIzKiXv+0GGo71OO2wIDYYtF7
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:53:20 2025 by rpki-client