Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/Uub8iKSvbluLw0C-SfN-BQBdQjQ.roa
File: Uub8iKSvbluLw0C-SfN-BQBdQjQ.roa (raw, json)
Hash identifier: cQydro2Ppbj3DjLlYHFNWnjKMqK7YEcKTgu1ZnVen0A=
Subject key identifier: 52:E6:FC:88:A4:AF:6E:5B:8B:C3:40:BE:49:F3:7E:05:00:5D:42:34
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018570B97D47D0D1179D3DE58F118A100033
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/Uub8iKSvbluLw0C-SfN-BQBdQjQ.roa
Signing time: Mon 02 Jan 2023 04:24:42 +0000
ROA not before: Mon 02 Jan 2023 04:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196782
IP address blocks: 2a03:2a80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:7d:47:d0:d1:17:9d:3d:e5:8f:11:8a:10:00:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 04:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52e6fc88a4af6e5b8bc340be49f37e05005d4234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:02:5d:ba:91:a8:fd:5b:48:d5:db:fc:0f:38:
10:7f:9c:0b:15:19:46:ec:3b:c5:4b:7f:19:34:44:
93:6c:b8:13:d7:9b:97:12:e2:b0:a8:a8:05:7f:c0:
83:12:72:bf:44:be:6a:46:ec:55:4b:74:62:d4:5f:
49:f8:ad:08:f9:1a:97:50:5d:75:f2:65:50:25:22:
d1:71:88:f1:cd:a1:de:3e:80:1f:97:45:b1:56:74:
1f:3b:6e:63:e6:9c:bc:d1:3c:2e:b9:37:45:4c:fd:
25:6a:67:76:2a:98:ce:00:df:b8:53:21:81:5e:7a:
87:8d:b9:cb:ca:9a:ee:d3:f7:25:56:c5:70:82:87:
3f:c0:21:d3:98:ac:dd:0b:b6:27:40:ce:43:97:97:
18:90:b3:b0:d8:05:78:85:27:29:e3:24:6d:ec:bd:
98:be:07:86:c5:b6:92:54:ef:6c:f6:0b:91:67:42:
e7:2e:2c:23:4a:59:63:c2:a9:72:52:d9:9f:83:4c:
3d:32:b4:47:ad:a4:e3:81:c0:9a:fc:b6:70:e0:75:
32:d4:ea:ec:c8:f2:f7:ca:45:57:ac:ee:c3:f3:b7:
7c:d7:44:d5:3b:fb:49:0a:70:ca:ce:9d:70:e6:3a:
b7:d7:36:60:9d:52:b9:d9:f6:5c:45:c7:f5:a1:e4:
2a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E6:FC:88:A4:AF:6E:5B:8B:C3:40:BE:49:F3:7E:05:00:5D:42:34
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/Uub8iKSvbluLw0C-SfN-BQBdQjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:2a80::/32
Signature Algorithm: sha256WithRSAEncryption
b4:41:cd:4d:e1:f0:6f:b5:06:b0:e7:12:5f:96:75:28:a6:9d:
d1:00:50:d8:57:35:0c:16:1c:43:b6:52:1a:07:98:54:7c:60:
fa:99:f6:1a:96:fb:76:9f:5f:ac:91:ca:d1:ce:a6:c5:1f:0a:
b3:e0:c7:3b:79:3d:7b:2f:d7:e5:b6:e6:04:d1:f9:7e:4e:62:
01:5a:d0:c8:a1:09:c0:d9:0c:29:ec:70:c2:31:32:35:66:30:
58:d5:6e:11:e5:fc:b8:45:b7:a8:b1:f1:37:ed:da:98:61:d7:
aa:c8:73:d5:fe:f2:c4:19:54:3b:64:be:73:e1:2d:66:b8:19:
5d:11:34:97:b3:c0:2c:e6:4c:9f:fb:4c:6f:2e:b7:c2:b4:19:
f7:4b:f4:be:ee:66:6a:28:f7:e9:76:ff:1e:dd:10:95:a4:ae:
ac:08:6d:27:a7:98:87:bf:1b:a1:a1:65:0a:77:fe:a7:16:af:
da:c9:49:84:b9:ac:4c:db:6b:98:6c:31:31:6a:62:51:71:eb:
f1:14:22:c7:4e:72:78:a3:68:4d:e8:75:80:04:75:00:97:86:
fa:d9:7c:c6:52:01:87:8f:1d:46:26:42:4c:d5:cc:9f:5e:e2:
be:23:25:f4:20:65:03:82:d5:46:8f:ab:a9:20:ae:c9:da:02:
34:9e:d5:6f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwuX1H0NEXnT3ljxGKEAAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjMwMTAyMDQyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmU2ZmM4OGE0YWY2ZTViOGJjMzQwYmU0OWYzN2UwNTAwNWQ0MjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAJdupGo/VtI1dv8DzgQf5wLFRlG
7DvFS38ZNESTbLgT15uXEuKwqKgFf8CDEnK/RL5qRuxVS3Ri1F9J+K0I+RqXUF11
8mVQJSLRcYjxzaHePoAfl0WxVnQfO25j5py80TwuuTdFTP0lamd2KpjOAN+4UyGB
XnqHjbnLypru0/clVsVwgoc/wCHTmKzdC7YnQM5Dl5cYkLOw2AV4hScp4yRt7L2Y
vgeGxbaSVO9s9guRZ0LnLiwjSlljwqlyUtmfg0w9MrRHraTjgcCa/LZw4HUy1Ors
yPL3ykVXrO7D87d810TVO/tJCnDKzp1w5jq31zZgnVK52fZcRcf1oeQqBwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFLm/Iikr25bi8NAvknzfgUAXUI0MB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvVXViOGlLU3ZibHVMdzBDLVNmTi1CUUJkUWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgMqgDAN
BgkqhkiG9w0BAQsFAAOCAQEAtEHNTeHwb7UGsOcSX5Z1KKad0QBQ2Fc1DBYcQ7ZS
GgeYVHxg+pn2Gpb7dp9frJHK0c6mxR8Ks+DHO3k9ey/X5bbmBNH5fk5iAVrQyKEJ
wNkMKexwwjEyNWYwWNVuEeX8uEW3qLHxN+3amGHXqshz1f7yxBlUO2S+c+EtZrgZ
XRE0l7PALOZMn/tMby63wrQZ90v0vu5maij36Xb/Ht0QlaSurAhtJ6eYh78boaFl
Cnf+pxav2slJhLmsTNtrmGwxMWpiUXHr8RQix05yeKNoTeh1gAR1AJeG+tl8xlIB
h48dRiZCTNXMn17iviMl9CBlA4LVRo+rqSCuydoCNJ7Vbw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:58:36 2025 by rpki-client