Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4616d7-e808-4e47-a646-5b2f90df796d/1/cn4nDgUBXjmVepXtMEy_TzaPivA.roa
File: cn4nDgUBXjmVepXtMEy_TzaPivA.roa (raw, json)
Hash identifier: 4QCiik0WFD/ERVJApnr5f4XDXx2UAVdKrurmKbK6QlA=
Subject key identifier: 72:7E:27:0E:05:01:5E:39:95:7A:95:ED:30:4C:BF:4F:36:8F:8A:F0
Certificate issuer: /CN=16fe0d024cddbaf868229122158971472b24cb4d
Certificate serial: 01856FCBABE7D27EF05B40F0C7232DDA4A41
Authority key identifier: 16:FE:0D:02:4C:DD:BA:F8:68:22:91:22:15:89:71:47:2B:24:CB:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fv4NAkzduvhoIpEiFYlxRysky00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4616d7-e808-4e47-a646-5b2f90df796d/1/cn4nDgUBXjmVepXtMEy_TzaPivA.roa
Signing time: Mon 02 Jan 2023 00:04:56 +0000
ROA not before: Mon 02 Jan 2023 00:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57048
IP address blocks: 2a0e:f7c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:ab:e7:d2:7e:f0:5b:40:f0:c7:23:2d:da:4a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16fe0d024cddbaf868229122158971472b24cb4d
Validity
Not Before: Jan 2 00:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=727e270e05015e39957a95ed304cbf4f368f8af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9e:15:c3:05:44:f3:31:ec:79:d1:a8:8a:23:
44:bb:18:e2:36:0e:30:f7:93:4b:dd:cf:6f:fb:e1:
3a:dd:52:38:6d:66:3d:bc:e3:ce:dd:b1:50:38:dd:
27:e6:e2:d6:b8:ea:0e:23:97:cb:2d:13:6d:28:c5:
26:f0:c1:e9:48:c9:14:41:c0:ec:44:3f:8e:a0:b6:
57:2c:5d:80:95:81:e3:91:3e:ae:46:c0:c3:4c:5a:
8c:e6:8f:7e:bc:bb:5d:0b:29:d3:d0:02:16:4b:4d:
e9:49:fd:05:95:e2:43:01:b9:94:dc:53:d3:09:38:
4b:e7:cd:37:b4:2e:df:71:8e:1b:84:ba:57:f2:bd:
aa:b7:3a:79:ec:81:73:55:33:9a:4e:52:f1:6a:ab:
79:94:f7:8a:94:04:fa:be:f2:70:96:2c:47:c4:18:
4b:b9:8a:97:ea:17:e7:95:e0:f3:9c:0e:ba:1f:1c:
eb:ea:de:6e:cb:45:f1:0b:c4:c9:51:60:1f:2b:26:
a5:40:79:7e:65:3e:15:1d:80:7e:d1:35:f7:55:86:
4f:f6:a8:6a:33:dd:62:a3:c8:11:3b:2b:f3:c6:fa:
8c:b7:be:29:bd:3f:4b:b1:be:89:e7:9c:ef:03:8a:
93:56:10:a5:a2:75:ba:6f:d5:32:9c:52:e9:c9:de:
be:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:7E:27:0E:05:01:5E:39:95:7A:95:ED:30:4C:BF:4F:36:8F:8A:F0
X509v3 Authority Key Identifier:
keyid:16:FE:0D:02:4C:DD:BA:F8:68:22:91:22:15:89:71:47:2B:24:CB:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fv4NAkzduvhoIpEiFYlxRysky00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4616d7-e808-4e47-a646-5b2f90df796d/1/cn4nDgUBXjmVepXtMEy_TzaPivA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4616d7-e808-4e47-a646-5b2f90df796d/1/Fv4NAkzduvhoIpEiFYlxRysky00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f7c0::/29
Signature Algorithm: sha256WithRSAEncryption
02:a7:39:62:4d:77:0a:86:bd:fe:b6:1e:12:49:cf:37:ec:94:
ab:13:c2:bd:4b:4f:f2:3b:dc:10:1b:3e:d1:43:78:fc:27:80:
96:5d:06:a1:46:93:8f:79:e6:c6:6a:01:a2:3d:8a:32:fd:cc:
f2:61:c4:6f:a3:e2:a9:7c:01:fe:91:62:28:81:e8:dc:12:38:
8f:0e:c4:de:e2:e0:c7:d3:11:9c:83:2a:2f:ca:33:14:a9:39:
e9:64:2f:c2:e4:9d:6c:3c:19:dc:16:70:10:db:2a:5a:d2:24:
59:9b:54:7a:eb:7d:7b:ad:e8:22:ab:33:09:36:9e:66:e7:72:
f7:b7:ba:e6:27:88:13:06:41:4a:98:9c:60:83:7f:83:5a:d2:
41:e9:30:ae:1e:a6:4f:30:fd:49:2f:f3:52:b2:ac:ee:c0:26:
c4:e8:54:48:fc:32:2b:e8:bd:36:91:6d:4d:80:0f:a9:5f:38:
d0:c7:75:7a:20:43:2f:6d:b9:09:d0:f4:32:55:62:b9:92:cf:
0f:b4:f8:68:0d:53:8c:0d:ac:97:09:ca:47:0f:6c:32:fe:d5:
fc:b1:04:4b:9d:87:66:f2:a2:ad:39:29:61:9e:3a:f7:27:d4:
0b:c1:69:e7:9b:f9:6f:96:02:1d:24:6a:f9:9b:45:cf:16:7e:
a5:9d:7c:f2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvy6vn0n7wW0DwxyMt2kpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZmUwZDAyNGNkZGJhZjg2ODIyOTEyMjE1ODk3MTQ3MmIy
NGNiNGQwHhcNMjMwMTAyMDAwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjdlMjcwZTA1MDE1ZTM5OTU3YTk1ZWQzMDRjYmY0ZjM2OGY4YWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo54VwwVE8zHsedGoiiNEuxjiNg4w
95NL3c9v++E63VI4bWY9vOPO3bFQON0n5uLWuOoOI5fLLRNtKMUm8MHpSMkUQcDs
RD+OoLZXLF2AlYHjkT6uRsDDTFqM5o9+vLtdCynT0AIWS03pSf0FleJDAbmU3FPT
CThL5803tC7fcY4bhLpX8r2qtzp57IFzVTOaTlLxaqt5lPeKlAT6vvJwlixHxBhL
uYqX6hfnleDznA66Hxzr6t5uy0XxC8TJUWAfKyalQHl+ZT4VHYB+0TX3VYZP9qhq
M91io8gROyvzxvqMt74pvT9Lsb6J55zvA4qTVhClonW6b9UynFLpyd6+AQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHJ+Jw4FAV45lXqV7TBMv082j4rwMB8GA1UdIwQY
MBaAFBb+DQJM3br4aCKRIhWJcUcrJMtNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnY0TkFremR1dmhvSXBFaUZZbHhSeXNreTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80NjE2ZDctZTgwOC00ZTQ3LWE2NDYt
NWIyZjkwZGY3OTZkLzEvY240bkRnVUJYam1WZXBYdE1FeV9UemFQaXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80NjE2ZDctZTgwOC00ZTQ3LWE2NDYtNWIyZjkwZGY3OTZk
LzEvRnY0TkFremR1dmhvSXBFaUZZbHhSeXNreTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg73wDAN
BgkqhkiG9w0BAQsFAAOCAQEAAqc5Yk13Coa9/rYeEknPN+yUqxPCvUtP8jvcEBs+
0UN4/CeAll0GoUaTj3nmxmoBoj2KMv3M8mHEb6PiqXwB/pFiKIHo3BI4jw7E3uLg
x9MRnIMqL8ozFKk56WQvwuSdbDwZ3BZwENsqWtIkWZtUeut9e63oIqszCTaeZudy
97e65ieIEwZBSpicYIN/g1rSQekwrh6mTzD9SS/zUrKs7sAmxOhUSPwyK+i9NpFt
TYAPqV840Md1eiBDL225CdD0MlViuZLPD7T4aA1TjA2slwnKRw9sMv7V/LEES52H
ZvKirTkpYZ469yfUC8Fp55v5b5YCHSRq+ZtFzxZ+pZ188g==
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:18:22 2025 by rpki-client