Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/DFUz4zaX2bJBd8Ij4NKAlQS4ED8.roa
File: DFUz4zaX2bJBd8Ij4NKAlQS4ED8.roa (raw, json)
Hash identifier: gzOSRqK7Wac9SF8DhHilHY3ZXmiKGATRxAQHXpxzRhk=
Subject key identifier: 0C:55:33:E3:36:97:D9:B2:41:77:C2:23:E0:D2:80:95:04:B8:10:3F
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 09AF644D
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/DFUz4zaX2bJBd8Ij4NKAlQS4ED8.roa
Signing time: Mon 20 Jun 2022 09:26:45 +0000
ROA not before: Mon 20 Jun 2022 09:26:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a0e:1b43::/32 maxlen: 32
2a0e:2b01::/32 maxlen: 32
2a0e:2b05::/32 maxlen: 32
2a0e:1b47::/32 maxlen: 32
2a0e:2b04::/32 maxlen: 32
2a0e:1b40::/32 maxlen: 32
2a0e:1b46::/32 maxlen: 32
2a0e:2b03::/32 maxlen: 32
2a0e:1b41::/32 maxlen: 32
2a0e:1b45::/32 maxlen: 32
2a0e:2b00::/29 maxlen: 29
2a0e:2b07::/32 maxlen: 32
2a0e:1b44::/32 maxlen: 32
2a0e:1b42::/32 maxlen: 32
2a0e:2b00::/32 maxlen: 32
2a0e:2b06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162489421 (0x9af644d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jun 20 09:26:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c5533e33697d9b24177c223e0d2809504b8103f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1d:6c:64:87:5e:2b:1a:23:04:b3:33:ed:6f:
c0:05:f3:60:d3:eb:9d:b7:44:e6:2e:d3:50:b4:1d:
eb:c1:20:16:a6:9a:ac:af:67:a1:9b:83:79:0a:bf:
96:94:01:17:e2:68:42:0c:bf:0e:c5:87:31:36:7d:
06:68:cc:5a:c5:37:59:7f:f6:64:79:f3:e7:42:aa:
04:60:44:41:e5:13:dc:ec:9f:ac:90:38:ed:56:2d:
d1:7c:4a:d7:22:8d:ad:92:ef:fa:dd:a4:46:dc:c3:
3e:15:35:18:b6:17:8e:80:8f:92:8b:df:7f:8b:2f:
ee:20:29:e7:71:ae:98:72:97:c8:1e:ef:4c:57:43:
3b:b2:1e:e7:62:0b:44:33:6f:28:74:08:0a:16:5b:
04:e9:bc:e3:4d:b1:bb:e7:ef:14:d9:f8:b1:f3:9b:
cb:09:ec:e4:6e:52:13:2d:e4:ab:60:01:4b:dc:03:
97:d2:e4:72:24:09:bc:87:df:82:d2:a3:ad:a4:00:
4a:4e:b1:b3:29:86:5c:df:b7:86:86:53:6e:15:4b:
22:c1:6e:c1:99:9c:e7:ca:0e:f4:00:6a:9c:d4:d6:
19:ed:9a:96:b2:c1:c1:79:f2:dc:e3:a6:1a:ed:09:
59:28:aa:72:7a:fc:8c:40:b4:bc:88:26:9e:5a:e1:
48:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:55:33:E3:36:97:D9:B2:41:77:C2:23:E0:D2:80:95:04:B8:10:3F
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/DFUz4zaX2bJBd8Ij4NKAlQS4ED8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1b40::/29
2a0e:2b00::/29
Signature Algorithm: sha256WithRSAEncryption
29:12:7c:b0:65:47:c4:4a:ff:43:26:17:a0:dd:5b:e4:da:73:
71:23:71:d2:f3:85:de:db:59:0a:c1:a0:ee:a4:98:f3:f1:d0:
d7:e6:68:d8:99:b5:93:06:2a:de:08:ae:35:6d:4d:5c:ea:bd:
e6:f8:14:6c:fc:f4:1b:a3:d5:8e:e8:b4:24:17:c2:af:df:54:
e3:b7:84:16:af:62:1c:2e:66:71:d4:62:14:18:f0:1e:ef:66:
46:b6:12:18:29:b7:88:1d:f4:12:a3:aa:1f:3e:c1:f5:92:d1:
f1:d9:6d:fe:c1:39:12:6f:80:51:6d:01:41:f8:30:c1:6c:18:
c2:26:05:e3:b8:a5:1c:52:b6:33:2f:95:f4:27:7d:eb:03:33:
b2:d4:17:26:ff:fb:e5:b0:04:58:47:0b:f0:e6:35:67:06:e9:
42:40:8b:05:31:41:ec:26:30:e5:21:d1:a3:2d:da:c9:87:51:
15:70:31:c7:2e:d4:14:33:ba:86:24:37:0f:5e:4d:9e:08:b4:
66:da:d2:ee:69:1b:c0:03:ac:18:c2:13:8f:32:ab:41:b7:03:
9a:03:63:c4:6f:4e:ab:23:48:eb:a4:fd:5e:66:89:95:5a:c5:
a9:25:b0:35:a0:75:96:76:fe:93:84:ec:93:2f:7a:ad:c0:36:
13:e8:a2:81
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECa9kTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDYy
MDA5MjY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM1NTMzZTMzNjk3
ZDliMjQxNzdjMjIzZTBkMjgwOTUwNGI4MTAzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkdbGSHXisaIwSzM+1vwAXzYNPrnbdE5i7TULQd68EgFqaa
rK9noZuDeQq/lpQBF+JoQgy/DsWHMTZ9BmjMWsU3WX/2ZHnz50KqBGBEQeUT3Oyf
rJA47VYt0XxK1yKNrZLv+t2kRtzDPhU1GLYXjoCPkovff4sv7iAp53GumHKXyB7v
TFdDO7Ie52ILRDNvKHQIChZbBOm8402xu+fvFNn4sfObywns5G5SEy3kq2ABS9wD
l9LkciQJvIffgtKjraQASk6xsymGXN+3hoZTbhVLIsFuwZmc58oO9ABqnNTWGe2a
lrLBwXny3OOmGu0JWSiqcnr8jEC0vIgmnlrhSDcCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQMVTPjNpfZskF3wiPg0oCVBLgQPzAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
L0RGVXo0emFYMmJKQmQ4SWo0TktBbFFTNEVEOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoOG0ADBQMqDisAMA0GCSqGSIb3
DQEBCwUAA4IBAQApEnywZUfESv9DJheg3Vvk2nNxI3HS84Xe21kKwaDupJjz8dDX
5mjYmbWTBireCK41bU1c6r3m+BRs/PQbo9WO6LQkF8Kv31Tjt4QWr2IcLmZx1GIU
GPAe72ZGthIYKbeIHfQSo6ofPsH1ktHx2W3+wTkSb4BRbQFB+DDBbBjCJgXjuKUc
UrYzL5X0J33rAzOy1Bcm//vlsARYRwvw5jVnBulCQIsFMUHsJjDlIdGjLdrJh1EV
cDHHLtQUM7qGJDcPXk2eCLRm2tLuaRvAA6wYwhOPMqtBtwOaA2PEb06rI0jrpP1e
ZomVWsWpJbA1oHWWdv6ThOyTL3qtwDYT6KKB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:14 2025 by rpki-client