Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1-gdeExiv_NK5gQtZq8xw82X2A_c.roa
File: 1-gdeExiv_NK5gQtZq8xw82X2A_c.roa (raw, json)
Hash identifier: qiE+WHe1fnC2PIo2D01HlPGJ0HB07syjhZfLQM4Wj28=
Subject key identifier: FA:07:5E:13:18:AF:FC:D2:B9:81:0B:59:AB:CC:70:F3:65:F6:03:F7
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 089717DB
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1-gdeExiv_NK5gQtZq8xw82X2A_c.roa
Signing time: Sat 01 Jan 2022 02:51:46 +0000
ROA not before: Sat 01 Jan 2022 02:51:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1764
IP address blocks: 2a03:e600::/32 maxlen: 32
2001:678:c1c::/48 maxlen: 48
2a01:190::/29 maxlen: 32
2a04:9300::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144119771 (0x89717db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 02:51:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa075e1318affcd2b9810b59abcc70f365f603f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3c:72:de:0d:42:7e:c3:4a:22:51:9f:4c:48:
dc:ad:e2:e8:80:1d:b9:1d:72:c8:08:23:77:99:91:
21:b0:f2:c7:7c:b0:8d:b0:65:44:e8:cf:21:05:0c:
58:c7:b6:00:5b:f3:b7:03:8f:57:55:c6:d9:45:c3:
3f:71:77:3f:26:6f:2c:3f:e8:a8:48:ce:b9:f3:eb:
44:53:fa:1e:c0:5b:7f:c1:f6:62:9b:c8:ec:9e:39:
14:46:2c:b8:79:12:20:ac:7c:85:0c:ef:00:0c:d5:
33:60:97:64:e2:c1:34:ab:01:a7:bb:bc:9b:8c:9e:
71:26:36:b9:3b:e9:ad:f6:99:11:a1:10:f4:03:29:
20:41:67:0e:d7:0f:31:9f:ad:57:2f:55:b6:b7:45:
10:d4:1e:bf:4d:27:9d:ee:8c:ec:13:ac:1e:50:8e:
a8:19:14:c7:d0:e0:cf:fa:e3:e9:f4:21:d1:0c:9f:
77:8c:16:b6:d9:54:2d:0b:56:9c:8e:a4:4f:4b:34:
3b:f4:8c:c5:a0:cf:62:46:a7:b2:7a:4a:33:23:84:
5c:d0:15:43:ef:82:66:23:be:a4:89:b9:1d:c7:d5:
1b:d6:e2:ff:c7:45:b4:4f:07:fb:a5:d9:55:45:73:
33:14:08:2f:25:d6:de:50:b3:f1:b7:90:17:83:02:
c2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:07:5E:13:18:AF:FC:D2:B9:81:0B:59:AB:CC:70:F3:65:F6:03:F7
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1-gdeExiv_NK5gQtZq8xw82X2A_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c1c::/48
2a01:190::/29
2a03:e600::/32
2a04:9300::/29
Signature Algorithm: sha256WithRSAEncryption
99:09:03:2f:14:d0:b9:5a:11:57:63:93:29:f0:8b:8f:29:4d:
be:64:39:cf:6d:97:29:7c:91:bc:03:2e:3b:11:63:ed:42:1e:
27:e6:d2:45:f3:ad:1b:f7:75:75:ee:f7:6e:78:68:1e:cd:51:
bf:70:78:39:5f:0e:be:9a:d0:43:99:3a:c1:58:31:6d:e2:27:
b4:2b:44:15:cd:b8:c8:6e:d2:18:ea:e2:57:77:2c:f8:57:92:
c6:04:18:88:ea:45:72:32:da:58:d7:71:04:6f:3b:c9:64:96:
ba:45:87:ae:f1:56:c8:f1:20:25:71:68:3e:30:ba:cb:5c:1d:
4f:06:0b:03:25:10:4d:fe:0f:39:12:77:2c:e7:3b:6e:96:e8:
7d:25:48:26:e9:12:59:25:b7:37:bb:cb:58:5f:c1:b4:0c:da:
67:91:9d:87:a9:80:f3:06:56:5f:58:c2:f6:cd:05:42:60:65:
f7:a0:25:43:f3:66:7d:9c:15:ba:31:57:6d:79:d6:bb:6d:f8:
65:ea:a0:5e:97:4c:fb:a2:a2:7c:ab:95:77:ad:a9:f7:be:9f:
54:70:6f:54:12:1b:38:9a:12:d1:8b:fa:99:7d:a7:ac:8d:c1:
ab:94:fb:05:28:a7:77:3a:cb:87:a0:7f:a1:4c:c8:ff:f6:a7:
f4:80:c7:8e
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIECJcX2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjczZDg0OWI3ZDUwNDczNzZkNTdlNmY3OTZmMDAxOGI3MGI0NTA2MB4XDTIyMDEw
MTAyNTE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmEwNzVlMTMxOGFm
ZmNkMmI5ODEwYjU5YWJjYzcwZjM2NWY2MDNmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALs8ct4NQn7DSiJRn0xI3K3i6IAduR1yyAgjd5mRIbDyx3yw
jbBlROjPIQUMWMe2AFvztwOPV1XG2UXDP3F3PyZvLD/oqEjOufPrRFP6HsBbf8H2
YpvI7J45FEYsuHkSIKx8hQzvAAzVM2CXZOLBNKsBp7u8m4yecSY2uTvprfaZEaEQ
9AMpIEFnDtcPMZ+tVy9VtrdFENQev00nne6M7BOsHlCOqBkUx9Dgz/rj6fQh0Qyf
d4wWttlULQtWnI6kT0s0O/SMxaDPYkansnpKMyOEXNAVQ++CZiO+pIm5HcfVG9bi
/8dFtE8H+6XZVUVzMxQILyXW3lCz8beQF4MCwtkCAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBT6B14TGK/80rmBC1mrzHDzZfYD9zAfBgNVHSMEGDAWgBTWc9hJt9UEc3bV
fm95bwAYtwtFBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFuUFlTYmZWQkhOMjFYNXZlVzhBR0xjTFJRWS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvMmVjZTYyLTFkOGMtNDUwYy05MWU4LThlZWI3NTdjZjU0NS8x
LzEtZ2RlRXhpdl9OSzVnUXRacTh4dzgyWDJBX2Mucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk5
LzJlY2U2Mi0xZDhjLTQ1MGMtOTFlOC04ZWViNzU3Y2Y1NDUvMS8xblBZU2JmVkJI
TjIxWDV2ZVc4QUdMY0xSUVkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
NwYIKwYBBQUHAQcBAf8EKDAmMCQEAgACMB4DBwAgAQZ4DBwDBQMqAQGQAwUAKgPm
AAMFAyoEkwAwDQYJKoZIhvcNAQELBQADggEBAJkJAy8U0LlaEVdjkynwi48pTb5k
Oc9tlyl8kbwDLjsRY+1CHifm0kXzrRv3dXXu9254aB7NUb9weDlfDr6a0EOZOsFY
MW3iJ7QrRBXNuMhu0hjq4ld3LPhXksYEGIjqRXIy2ljXcQRvO8lklrpFh67xVsjx
ICVxaD4wustcHU8GCwMlEE3+DzkSdyznO26W6H0lSCbpElkltze7y1hfwbQM2meR
nYepgPMGVl9YwvbNBUJgZfegJUPzZn2cFboxV2151rtt+GXqoF6XTPuionyrlXet
qfe+n1Rwb1QSGziaEtGL+pl9p6yNwauU+wUop3c6y4egf6FMyP/2p/SAx44=
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:42:33 2025 by rpki-client