Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/kKfNGnylGPPnyFWrDq6Gt5O9k3Y.roa
File: kKfNGnylGPPnyFWrDq6Gt5O9k3Y.roa (raw, json)
Hash identifier: AAPgWVhWpj3p/Uv4ae5KWF0qHGUsUeUwyAWNgqcx+fY=
Subject key identifier: 90:A7:CD:1A:7C:A5:18:F3:E7:C8:55:AB:0E:AE:86:B7:93:BD:93:76
Certificate issuer: /CN=9b8151ae164a5b782b103de7f7c8a8948932aebf
Certificate serial: 01856ED4A2CA42F60E664E72FE3038E8F6A0
Authority key identifier: 9B:81:51:AE:16:4A:5B:78:2B:10:3D:E7:F7:C8:A8:94:89:32:AE:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4FRrhZKW3grED3n98iolIkyrr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/kKfNGnylGPPnyFWrDq6Gt5O9k3Y.roa
Signing time: Sun 01 Jan 2023 19:35:07 +0000
ROA not before: Sun 01 Jan 2023 19:35:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57707
IP address blocks: 2a03:a900:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:a2:ca:42:f6:0e:66:4e:72:fe:30:38:e8:f6:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b8151ae164a5b782b103de7f7c8a8948932aebf
Validity
Not Before: Jan 1 19:35:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90a7cd1a7ca518f3e7c855ab0eae86b793bd9376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4b:0a:69:d6:5a:16:60:ab:8c:6f:cd:37:89:
31:46:11:2e:d2:58:e9:25:e6:8a:17:ae:d0:c8:94:
29:d8:d2:7d:03:67:a4:34:a8:46:ac:a9:b8:9e:0b:
46:cd:b8:b7:90:d4:b8:60:37:4a:0b:ac:8d:9e:dc:
b7:86:60:af:47:0f:e7:63:23:24:5d:8d:55:fb:40:
2a:df:97:68:56:45:c8:9f:68:13:9a:b6:c3:d9:09:
a5:52:dc:b1:da:cd:ef:25:c9:01:5d:2b:0b:41:84:
e0:68:d3:72:c8:4a:50:19:cd:19:e9:0c:c0:2c:bd:
96:07:51:28:57:64:cd:93:ba:98:b8:64:a4:6b:24:
27:ad:fd:ee:66:62:ae:d8:50:c6:c0:fa:0a:89:59:
1a:7b:c3:ae:77:a6:b8:68:1f:eb:da:2e:4a:64:0c:
98:f6:9d:c9:17:85:71:79:ab:48:17:0c:85:1a:ce:
dd:6f:4a:8c:a7:49:1a:f9:89:78:91:a4:dd:ea:f7:
1d:06:7b:a6:ac:35:4e:5f:c1:e2:93:31:5d:24:fa:
24:36:b8:c1:63:2c:f1:7a:a9:ad:88:44:92:ff:0b:
ab:1f:d7:f5:d6:9a:ff:aa:c8:07:b3:e9:68:6d:43:
f1:0e:39:d1:1d:0e:b9:b3:94:3a:76:08:4b:e3:05:
ac:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A7:CD:1A:7C:A5:18:F3:E7:C8:55:AB:0E:AE:86:B7:93:BD:93:76
X509v3 Authority Key Identifier:
keyid:9B:81:51:AE:16:4A:5B:78:2B:10:3D:E7:F7:C8:A8:94:89:32:AE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4FRrhZKW3grED3n98iolIkyrr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/kKfNGnylGPPnyFWrDq6Gt5O9k3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/m4FRrhZKW3grED3n98iolIkyrr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:a900:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
ad:1e:da:c3:ad:48:d7:ac:ef:51:cd:a0:76:b2:7e:76:80:24:
7a:b8:64:81:02:9c:53:e1:c6:fb:95:b2:93:bb:a4:7d:59:2d:
e4:35:d0:24:fc:a2:81:68:92:3a:f0:d8:75:75:9d:e8:bc:a1:
aa:2c:6e:d7:ed:d9:9c:5e:8d:4c:87:8d:2c:31:4a:02:b3:ac:
89:d6:b1:3d:15:3f:4a:b6:d5:48:5f:bc:59:5f:99:aa:07:3a:
13:df:85:3f:83:c1:2b:d3:06:48:fa:81:00:4d:ac:05:e1:ab:
e6:e5:b7:eb:e6:8d:6c:57:d0:0f:88:02:5c:bb:76:56:d8:81:
2b:fe:5c:90:cf:75:f3:cc:b0:06:82:c0:39:e4:84:a3:9a:02:
0b:af:4f:19:8e:66:38:f8:1f:7c:99:0c:4c:61:18:4a:d4:11:
6d:46:41:ee:a8:6b:cf:25:80:0c:35:8a:f4:48:86:80:b7:60:
58:fb:a3:8b:6a:ba:0e:58:2e:94:9a:e5:73:e8:b4:8f:40:8a:
86:c9:31:28:f9:df:a2:a4:6a:b6:97:01:7b:68:92:34:e9:51:
c8:d0:33:32:ba:2b:c5:cb:68:3e:84:92:20:90:b1:25:0f:52:
95:f6:53:a8:33:c1:24:6c:e2:7c:6c:0f:65:df:87:17:c3:cb:
d3:68:52:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVu1KLKQvYOZk5y/jA46PagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODE1MWFlMTY0YTViNzgyYjEwM2RlN2Y3YzhhODk0ODkz
MmFlYmYwHhcNMjMwMTAxMTkzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGE3Y2QxYTdjYTUxOGYzZTdjODU1YWIwZWFlODZiNzkzYmQ5Mzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEsKadZaFmCrjG/NN4kxRhEu0ljp
JeaKF67QyJQp2NJ9A2ekNKhGrKm4ngtGzbi3kNS4YDdKC6yNnty3hmCvRw/nYyMk
XY1V+0Aq35doVkXIn2gTmrbD2QmlUtyx2s3vJckBXSsLQYTgaNNyyEpQGc0Z6QzA
LL2WB1EoV2TNk7qYuGSkayQnrf3uZmKu2FDGwPoKiVkae8Oud6a4aB/r2i5KZAyY
9p3JF4VxeatIFwyFGs7db0qMp0ka+Yl4kaTd6vcdBnumrDVOX8HikzFdJPokNrjB
YyzxeqmtiESS/wurH9f11pr/qsgHs+lobUPxDjnRHQ65s5Q6dghL4wWskwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJCnzRp8pRjz58hVqw6uhreTvZN2MB8GA1UdIwQY
MBaAFJuBUa4WSlt4KxA95/fIqJSJMq6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRGUnJoWktXM2dyRUQzbjk4aW9sSWt5cnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC82YjZkMWYtNTQyMS00OGI5LWI3ZWIt
ZGExZmU5ZWJlZThlLzEva0tmTkdueWxHUFBueUZXckRxNkd0NU85azNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC82YjZkMWYtNTQyMS00OGI5LWI3ZWItZGExZmU5ZWJlZThl
LzEvbTRGUnJoWktXM2dyRUQzbjk4aW9sSWt5cnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgOpAP//
MA0GCSqGSIb3DQEBCwUAA4IBAQCtHtrDrUjXrO9RzaB2sn52gCR6uGSBApxT4cb7
lbKTu6R9WS3kNdAk/KKBaJI68Nh1dZ3ovKGqLG7X7dmcXo1Mh40sMUoCs6yJ1rE9
FT9KttVIX7xZX5mqBzoT34U/g8Er0wZI+oEATawF4avm5bfr5o1sV9APiAJcu3ZW
2IEr/lyQz3XzzLAGgsA55ISjmgILr08ZjmY4+B98mQxMYRhK1BFtRkHuqGvPJYAM
NYr0SIaAt2BY+6OLaroOWC6UmuVz6LSPQIqGyTEo+d+ipGq2lwF7aJI06VHI0DMy
uivFy2g+hJIgkLElD1KV9lOoM8EkbOJ8bA9l34cXw8vTaFLn
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:57 2025 by rpki-client