Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/zHbWDDJLbWzCdAvenN2yvjwKr50.roa
File: zHbWDDJLbWzCdAvenN2yvjwKr50.roa (raw, json)
Hash identifier: 9JTBTDZs+z5GuFZs603piqpLSmJXvmP3vi3AvT+KSuc=
Subject key identifier: CC:76:D6:0C:32:4B:6D:6C:C2:74:0B:DE:9C:DD:B2:BE:3C:0A:AF:9D
Certificate issuer: /CN=a82c9bc2d2dacfd6f130d85a84fedeabf179a567
Certificate serial: 20945B03
Authority key identifier: A8:2C:9B:C2:D2:DA:CF:D6:F1:30:D8:5A:84:FE:DE:AB:F1:79:A5:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/zHbWDDJLbWzCdAvenN2yvjwKr50.roa
Signing time: Sat 01 Jan 2022 16:11:25 +0000
ROA not before: Sat 01 Jan 2022 16:11:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9201
IP address blocks: 2001:1405::/32 maxlen: 32
2001:1400:ffee::/48 maxlen: 48
2001:1407::/32 maxlen: 32
2001:1400::/29 maxlen: 29
2001:1401::/32 maxlen: 32
2001:1406::/32 maxlen: 32
2001:1404::/32 maxlen: 32
2001:1402::/32 maxlen: 32
2001:1403::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 546593539 (0x20945b03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a82c9bc2d2dacfd6f130d85a84fedeabf179a567
Validity
Not Before: Jan 1 16:11:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc76d60c324b6d6cc2740bde9cddb2be3c0aaf9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:23:36:f7:88:c8:07:37:42:cc:8d:d9:09:21:
2f:2f:2a:72:2c:46:79:a8:8e:8d:ae:55:9c:6b:4b:
0e:5f:74:dd:8f:04:fe:fa:43:30:44:fa:35:ba:df:
de:2a:ea:d2:57:a6:97:83:4d:2d:93:cc:44:24:a7:
a3:84:19:87:98:04:92:f8:82:04:16:b4:54:fb:bb:
3b:29:24:d1:91:c8:90:b3:d8:36:8d:69:e4:12:ea:
f2:72:b2:be:b8:9d:4c:dd:fc:e1:18:65:a5:e6:42:
58:cc:a6:27:d8:3d:7f:54:5a:d5:ad:c6:1e:bb:3f:
8e:3f:38:0e:b1:ba:ab:21:e6:0a:2f:cc:8a:93:03:
d6:b2:64:83:fc:ad:d4:68:db:0a:f1:a7:21:da:91:
86:91:ba:64:22:4c:1e:de:b8:f0:8f:f0:f8:10:49:
e9:8a:7b:d3:6f:37:17:b6:45:c6:21:e8:4b:f2:7d:
99:5f:1f:fd:b3:a8:db:29:6f:38:5a:a7:4d:83:17:
e3:6c:dc:ae:cd:4c:82:5e:a0:02:b4:49:45:2e:4f:
61:0e:ec:6b:61:cb:de:6d:1e:11:11:c4:05:e2:64:
53:1a:48:a0:9d:1d:fd:4c:c5:11:f3:43:05:ec:ec:
84:d7:8a:43:9f:fa:eb:2b:9b:11:a0:ab:52:9a:22:
3d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:76:D6:0C:32:4B:6D:6C:C2:74:0B:DE:9C:DD:B2:BE:3C:0A:AF:9D
X509v3 Authority Key Identifier:
keyid:A8:2C:9B:C2:D2:DA:CF:D6:F1:30:D8:5A:84:FE:DE:AB:F1:79:A5:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/zHbWDDJLbWzCdAvenN2yvjwKr50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/qCybwtLaz9bxMNhahP7eq_F5pWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1400::/29
Signature Algorithm: sha256WithRSAEncryption
5e:a1:3f:59:53:d1:1e:fd:19:80:dd:e4:0a:59:9d:4a:b6:56:
2b:4a:3c:3a:20:42:3e:e5:36:62:98:56:10:6f:23:9a:6f:d6:
5c:36:0e:de:9a:47:62:91:ea:6e:a0:14:7a:20:80:7d:01:03:
bf:40:66:21:cf:31:24:36:43:d9:21:aa:8c:97:c6:4b:64:15:
bb:fc:ce:eb:e9:c5:ea:1e:3e:51:cb:49:d5:6f:a9:66:70:2e:
64:cb:14:2f:87:32:0b:8b:af:58:91:c5:de:db:fc:dc:d7:ae:
79:fa:c1:bc:bd:34:31:0f:27:a2:d3:fd:fc:c6:d5:d7:01:25:
02:8f:f6:1e:d6:14:c3:5c:9e:70:e7:83:5e:53:85:71:69:9a:
3e:37:e0:0c:36:14:1e:36:15:bc:9e:67:26:f2:83:bf:87:47:
cd:54:88:9c:7b:45:4d:1b:1b:0e:e0:a3:34:bc:4d:d6:b7:f3:
76:4f:a7:c8:3c:22:4f:e0:00:2f:93:b2:81:a4:81:03:81:68:
26:05:f9:25:ed:ab:19:29:f9:5c:ef:10:27:6f:e2:66:98:cd:
55:f9:42:5f:aa:91:69:25:95:b3:93:68:25:a1:2e:a3:e3:3f:
cf:b5:de:71:aa:2f:ed:89:d0:4b:b1:d8:88:78:57:49:f4:3c:
d0:bd:ab:9b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEIJRbAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODJjOWJjMmQyZGFjZmQ2ZjEzMGQ4NWE4NGZlZGVhYmYxNzlhNTY3MB4XDTIyMDEw
MTE2MTEyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M3NmQ2MGMzMjRi
NmQ2Y2MyNzQwYmRlOWNkZGIyYmUzYzBhYWY5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANkjNveIyAc3QsyN2QkhLy8qcixGeaiOja5VnGtLDl903Y8E
/vpDMET6Nbrf3irq0leml4NNLZPMRCSno4QZh5gEkviCBBa0VPu7Oykk0ZHIkLPY
No1p5BLq8nKyvridTN384RhlpeZCWMymJ9g9f1Ra1a3GHrs/jj84DrG6qyHmCi/M
ipMD1rJkg/yt1GjbCvGnIdqRhpG6ZCJMHt648I/w+BBJ6Yp70283F7ZFxiHoS/J9
mV8f/bOo2ylvOFqnTYMX42zcrs1Mgl6gArRJRS5PYQ7sa2HL3m0eERHEBeJkUxpI
oJ0d/UzFEfNDBezshNeKQ5/66yubEaCrUpoiPekCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTMdtYMMkttbMJ0C96c3bK+PAqvnTAfBgNVHSMEGDAWgBSoLJvC0trP1vEw
2FqE/t6r8XmlZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FDeWJ3dExhejlieE1OaGFoUDdlcV9GNXBXYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvMWI5MTg1LTQwYjUtNDkwYi05YWY4LTU1YzE0MGM5ZjU0Zi8x
L3pIYldEREpMYld6Q2RBdmVuTjJ5dmp3S3I1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
MWI5MTg1LTQwYjUtNDkwYi05YWY4LTU1YzE0MGM5ZjU0Zi8xL3FDeWJ3dExhejli
eE1OaGFoUDdlcV9GNXBXYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyABFAAwDQYJKoZIhvcNAQELBQAD
ggEBAF6hP1lT0R79GYDd5ApZnUq2VitKPDogQj7lNmKYVhBvI5pv1lw2Dt6aR2KR
6m6gFHoggH0BA79AZiHPMSQ2Q9khqoyXxktkFbv8zuvpxeoePlHLSdVvqWZwLmTL
FC+HMguLr1iRxd7b/NzXrnn6wby9NDEPJ6LT/fzG1dcBJQKP9h7WFMNcnnDng15T
hXFpmj434Aw2FB42FbyeZybyg7+HR81UiJx7RU0bGw7gozS8Tda383ZPp8g8Ik/g
AC+TsoGkgQOBaCYF+SXtqxkp+VzvECdv4maYzVX5Ql+qkWkllbOTaCWhLqPjP8+1
3nGqL+2J0Eux2Ih4V0n0PNC9q5s=
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:38:41 2025 by rpki-client