Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/5mdtsYDOi7W7yUQ1jWdXGINX6wg.roa
File: 5mdtsYDOi7W7yUQ1jWdXGINX6wg.roa (raw, json)
Hash identifier: 0Fj0KFQbjVbyo70dnTr5h0BuJQQK7VWmIrq9h4il5II=
Subject key identifier: E6:67:6D:B1:80:CE:8B:B5:BB:C9:44:35:8D:67:57:18:83:57:EB:08
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0189FF442B570FFF8F6664CA4EFA54946382
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/5mdtsYDOi7W7yUQ1jWdXGINX6wg.roa
Signing time: Wed 16 Aug 2023 16:53:24 +0000
ROA not before: Wed 16 Aug 2023 16:53:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210712
IP address blocks: 2a02:17a0::/30 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ff:44:2b:57:0f:ff:8f:66:64:ca:4e:fa:54:94:63:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Aug 16 16:53:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6676db180ce8bb5bbc944358d6757188357eb08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9a:3b:5a:78:f5:a5:a9:23:56:15:31:a6:e9:
1e:91:44:94:61:71:e3:81:8e:30:3d:2e:21:8c:91:
47:66:5f:02:5b:12:47:7e:be:ba:f1:3d:54:d4:10:
d5:20:39:6f:55:8c:bd:ca:74:96:aa:c3:36:6f:c9:
99:54:6c:e4:a0:ac:fc:d2:af:31:7d:6c:6d:64:42:
ac:b3:bf:a2:0f:d8:ee:2e:46:84:33:08:c9:69:d9:
22:4c:99:83:a7:d4:93:be:28:c0:33:d6:17:e5:9f:
ae:aa:1c:bd:da:94:ee:9d:1b:c8:7e:24:b9:69:f4:
0b:f6:09:bf:27:35:ac:67:9e:51:bb:45:f5:77:f2:
1b:4a:71:c5:a8:50:af:a2:81:05:43:99:76:a9:ed:
11:93:4c:78:a5:3e:a2:d0:a2:60:ad:8e:ab:a9:12:
39:ac:fa:89:f2:14:db:bf:f8:8d:c1:1d:de:24:50:
bc:d9:59:a0:2b:00:17:b4:da:1b:f8:09:56:e4:8a:
71:ca:ed:d1:45:09:c7:8d:8e:07:25:21:a4:90:5f:
86:51:74:e2:d6:9e:90:5c:05:dc:f4:7e:4c:db:88:
79:ca:b4:1f:85:20:44:2a:d2:25:d5:a0:e8:eb:7b:
61:10:51:4c:e1:67:e8:2f:2a:4b:9e:d9:c5:80:94:
6d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:67:6D:B1:80:CE:8B:B5:BB:C9:44:35:8D:67:57:18:83:57:EB:08
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/5mdtsYDOi7W7yUQ1jWdXGINX6wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:17a0::/30
Signature Algorithm: sha256WithRSAEncryption
b5:14:08:e5:3b:e2:1b:d3:38:78:ad:e9:3e:1a:6c:81:41:0b:
8a:59:72:58:5b:87:67:4d:15:f2:f4:3b:e0:eb:cd:c8:76:e8:
47:8c:09:ff:cd:7e:25:41:e4:48:23:10:d7:33:a9:e1:b4:64:
55:1b:a2:c3:32:d2:56:78:e8:4f:0b:c8:4f:0b:6d:3b:eb:2c:
03:5c:78:b8:e0:3f:2c:5a:ca:4b:29:28:9b:0b:b1:38:52:7a:
6e:45:fb:bb:e1:f2:65:dd:a5:d0:6a:56:16:95:5b:f9:f7:81:
db:d4:dd:b8:25:5b:72:f5:f4:44:c4:5e:4f:6d:d3:2e:9f:bb:
1f:ce:96:ff:2c:d9:4d:77:69:0a:6f:63:e4:ea:8e:e6:b4:23:
b2:3f:fe:46:f0:99:9d:6e:8b:c0:7f:2f:75:c9:f7:ec:f8:02:
9f:bc:72:a1:3b:1b:74:e3:15:55:9c:9d:4d:99:4b:eb:4d:21:
81:9f:ab:98:54:5b:1c:c6:ec:f7:f3:31:10:c3:23:e5:92:cd:
31:b2:5b:e5:ce:07:95:8a:69:31:71:70:57:ff:d0:ed:02:01:
0d:51:02:bf:f3:2d:20:92:14:05:3c:ef:2c:06:50:ad:3b:4e:
52:78:6c:39:ca:c8:d3:72:d8:72:b0:ea:3f:da:2e:33:71:5c:
d2:fa:cd:c0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYn/RCtXD/+PZmTKTvpUlGOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjMwODE2MTY1MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjY3NmRiMTgwY2U4YmI1YmJjOTQ0MzU4ZDY3NTcxODgzNTdlYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5o7Wnj1pakjVhUxpukekUSUYXHj
gY4wPS4hjJFHZl8CWxJHfr668T1U1BDVIDlvVYy9ynSWqsM2b8mZVGzkoKz80q8x
fWxtZEKss7+iD9juLkaEMwjJadkiTJmDp9STvijAM9YX5Z+uqhy92pTunRvIfiS5
afQL9gm/JzWsZ55Ru0X1d/IbSnHFqFCvooEFQ5l2qe0Rk0x4pT6i0KJgrY6rqRI5
rPqJ8hTbv/iNwR3eJFC82VmgKwAXtNob+AlW5Ipxyu3RRQnHjY4HJSGkkF+GUXTi
1p6QXAXc9H5M24h5yrQfhSBEKtIl1aDo63thEFFM4WfoLypLntnFgJRtXQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOZnbbGAzou1u8lENY1nVxiDV+sIMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvNW1kdHNZRE9pN1c3eVVRMWpXZFhHSU5YNndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKgIXoDAN
BgkqhkiG9w0BAQsFAAOCAQEAtRQI5TviG9M4eK3pPhpsgUELillyWFuHZ00V8vQ7
4OvNyHboR4wJ/81+JUHkSCMQ1zOp4bRkVRuiwzLSVnjoTwvITwttO+ssA1x4uOA/
LFrKSykomwuxOFJ6bkX7u+HyZd2l0GpWFpVb+feB29TduCVbcvX0RMReT23TLp+7
H86W/yzZTXdpCm9j5OqO5rQjsj/+RvCZnW6LwH8vdcn37PgCn7xyoTsbdOMVVZyd
TZlL600hgZ+rmFRbHMbs9/MxEMMj5ZLNMbJb5c4HlYppMXFwV//Q7QIBDVECv/Mt
IJIUBTzvLAZQrTtOUnhsOcrI03LYcrDqP9ouM3Fc0vrNwA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:53:34 2025 by rpki-client