Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/5Zk61wOW74wmebh9apzkK-Hzd1o.roa
File: 5Zk61wOW74wmebh9apzkK-Hzd1o.roa (raw, json)
Hash identifier: lzQ77Gc+2o9CFnjVbEJfU5Zl4J2Ev/N870xG0qr4zsQ=
Subject key identifier: E5:99:3A:D7:03:96:EF:8C:26:79:B8:7D:6A:9C:E4:2B:E1:F3:77:5A
Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial: 018571DE8BE55183BE9F8EAB16AB3483E862
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/5Zk61wOW74wmebh9apzkK-Hzd1o.roa
Signing time: Mon 02 Jan 2023 09:44:48 +0000
ROA not before: Mon 02 Jan 2023 09:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206925
IP address blocks: 2a04:2b00:119::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:8b:e5:51:83:be:9f:8e:ab:16:ab:34:83:e8:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Validity
Not Before: Jan 2 09:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5993ad70396ef8c2679b87d6a9ce42be1f3775a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:28:aa:42:96:11:59:07:c9:52:dd:d4:14:c5:
0d:4c:88:24:c9:1b:c2:c2:38:28:0f:da:5d:9f:3c:
bd:fc:02:f8:77:01:11:dc:81:07:aa:c8:d3:fc:31:
8c:4b:cb:cf:72:cf:73:0d:73:dd:76:c6:44:b1:75:
8c:e7:a1:a7:6d:2c:17:a2:25:db:8d:f2:d1:46:82:
4e:03:7a:56:d9:3a:69:3d:3d:1d:25:21:57:5f:45:
8a:62:64:ef:e0:9c:86:75:69:ae:87:86:2c:83:40:
61:ca:28:42:64:d5:43:cf:01:f7:21:ac:a0:46:29:
b3:95:1b:fc:1f:02:19:13:7c:3c:90:a1:f1:55:9a:
92:70:9c:6c:43:f1:57:ff:51:90:bc:35:67:21:d7:
1f:87:e5:20:5d:e0:43:ed:ce:fe:02:be:95:89:bf:
fd:05:a6:e9:90:d4:69:9a:b8:9f:97:30:f9:0a:b3:
35:22:ec:87:28:87:ec:6c:c9:41:3d:c5:e7:8e:71:
a1:6e:ab:a9:2f:04:38:12:97:dd:a3:b9:3a:95:c9:
0a:26:90:a0:ea:67:b4:86:95:51:63:ed:4a:b4:9a:
6c:52:46:16:a3:23:55:79:07:57:95:19:d8:13:4b:
d3:40:d0:71:fc:9c:e3:fb:6b:30:ec:4a:4c:30:08:
9e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:99:3A:D7:03:96:EF:8C:26:79:B8:7D:6A:9C:E4:2B:E1:F3:77:5A
X509v3 Authority Key Identifier:
keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/5Zk61wOW74wmebh9apzkK-Hzd1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2b00:119::/48
Signature Algorithm: sha256WithRSAEncryption
53:a0:db:8c:3c:dc:63:8b:7b:43:86:60:83:ab:57:4b:a1:c9:
64:03:6c:28:46:52:4b:4c:d7:53:8a:88:be:20:3d:f9:60:40:
06:a7:f5:53:8a:0b:a7:e7:77:13:70:4b:06:51:36:18:55:41:
2f:20:eb:fd:e9:95:4b:e0:23:85:c4:d5:c2:f9:0f:5f:1a:09:
09:5f:49:f0:83:72:19:b5:2e:15:dd:4d:2e:4d:5d:e1:a3:ad:
b7:b0:64:1d:eb:e6:0c:a3:5d:9a:9e:67:88:0c:54:a9:b5:f4:
56:cf:1a:d3:6b:2d:63:b0:38:9a:5f:1c:ca:56:8d:67:9c:33:
84:a3:11:d9:bc:f8:0b:39:91:c1:60:41:81:07:38:1a:d2:e6:
8b:5b:0b:33:80:30:4f:5e:6e:53:e1:ed:c8:5d:9e:d1:71:a4:
30:99:6d:df:7a:12:59:5d:02:98:4c:cc:1f:c7:cc:d4:0d:c1:
3b:16:2b:d4:a1:2f:9a:77:c2:5e:9f:3a:18:9b:43:43:33:96:
f6:6c:30:39:31:35:b0:0c:d6:97:0d:95:8f:e7:4e:d9:96:c6:
69:99:7d:91:bb:03:9f:9d:f0:f4:9d:f9:b1:c6:0f:bc:0c:d9:
7b:db:9d:b3:b7:a0:38:3f:c8:7b:28:0f:38:b1:f0:c5:75:3d:
be:fb:fb:f3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx3ovlUYO+n46rFqs0g+hiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3
ZGY4ZDMwHhcNMjMwMTAyMDk0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTk5M2FkNzAzOTZlZjhjMjY3OWI4N2Q2YTljZTQyYmUxZjM3NzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCiqQpYRWQfJUt3UFMUNTIgkyRvC
wjgoD9pdnzy9/AL4dwER3IEHqsjT/DGMS8vPcs9zDXPddsZEsXWM56GnbSwXoiXb
jfLRRoJOA3pW2TppPT0dJSFXX0WKYmTv4JyGdWmuh4Ysg0BhyihCZNVDzwH3Iayg
RimzlRv8HwIZE3w8kKHxVZqScJxsQ/FX/1GQvDVnIdcfh+UgXeBD7c7+Ar6Vib/9
BabpkNRpmriflzD5CrM1IuyHKIfsbMlBPcXnjnGhbqupLwQ4Epfdo7k6lckKJpCg
6me0hpVRY+1KtJpsUkYWoyNVeQdXlRnYE0vTQNBx/Jzj+2sw7EpMMAieBwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOWZOtcDlu+MJnm4fWqc5Cvh83daMB8GA1UdIwQY
MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt
MDUzOGU5NWYzZjEyLzEvNVprNjF3T1c3NHdtZWJoOWFwemtLLUh6ZDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy
LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgQrAAEZ
MA0GCSqGSIb3DQEBCwUAA4IBAQBToNuMPNxji3tDhmCDq1dLoclkA2woRlJLTNdT
ioi+ID35YEAGp/VTigun53cTcEsGUTYYVUEvIOv96ZVL4COFxNXC+Q9fGgkJX0nw
g3IZtS4V3U0uTV3ho623sGQd6+YMo12anmeIDFSptfRWzxrTay1jsDiaXxzKVo1n
nDOEoxHZvPgLOZHBYEGBBzga0uaLWwszgDBPXm5T4e3IXZ7RcaQwmW3fehJZXQKY
TMwfx8zUDcE7FivUoS+ad8JenzoYm0NDM5b2bDA5MTWwDNaXDZWP507ZlsZpmX2R
uwOfnfD0nfmxxg+8DNl7252zt6A4P8h7KA84sfDFdT2++/vz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:01 2025 by rpki-client