Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/DKZ5z21fmvYksSVLnQKAc7g7C1o.roa
File: DKZ5z21fmvYksSVLnQKAc7g7C1o.roa (raw, json)
Hash identifier: iq9YJJT+TOK1M0VdHh2Aebcuvh0Wd92eY82K5/sXQXA=
Subject key identifier: 0C:A6:79:CF:6D:5F:9A:F6:24:B1:25:4B:9D:02:80:73:B8:3B:0B:5A
Certificate issuer: /CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Certificate serial: 0372AF52
Authority key identifier: 37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/DKZ5z21fmvYksSVLnQKAc7g7C1o.roa
Signing time: Sat 19 Feb 2022 10:20:41 +0000
ROA not before: Sat 19 Feb 2022 10:20:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211227
IP address blocks: 2a0e:46c4:1600::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57847634 (0x372af52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Validity
Not Before: Feb 19 10:20:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ca679cf6d5f9af624b1254b9d028073b83b0b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e9:d7:90:17:e8:4c:16:6b:c2:d2:a5:9f:59:
d2:f5:82:62:c2:43:37:c3:22:b7:a1:4c:c8:8a:3b:
6c:e8:db:6d:77:02:75:58:99:4d:42:de:85:48:15:
14:16:82:32:91:24:25:99:ef:36:2e:8d:a3:00:df:
1b:3a:93:ad:e1:9e:f3:92:73:79:d5:95:b9:34:22:
19:9e:3a:fe:73:c5:86:81:c9:fe:95:62:fd:4d:c8:
42:a1:1d:e4:cc:cf:1b:22:2f:d4:55:5a:fa:d2:31:
58:77:13:08:f1:42:d5:81:10:9a:e9:1d:cb:38:15:
b6:e3:b1:c2:60:a6:e7:a1:70:aa:6d:ea:cc:1f:52:
47:ee:81:85:14:8f:1f:66:aa:e1:bb:7a:92:1c:a0:
6a:b9:98:8f:87:3c:16:40:b7:5c:7a:7b:a3:c6:06:
68:74:9c:1e:34:67:6b:ea:d9:31:b6:e6:21:ca:3c:
7b:4c:c4:50:81:98:d4:a5:aa:27:b5:04:a6:3f:41:
aa:6a:ec:8f:cb:9c:c6:5f:f4:52:3e:d3:58:d9:6b:
d1:2e:04:c4:80:f7:21:23:65:a6:c2:59:d1:fb:fa:
47:e0:d9:5c:61:82:41:e6:32:bf:8b:c9:3d:b7:46:
e3:b7:99:6e:e4:78:17:60:29:6f:7d:87:c6:c0:09:
34:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A6:79:CF:6D:5F:9A:F6:24:B1:25:4B:9D:02:80:73:B8:3B:0B:5A
X509v3 Authority Key Identifier:
keyid:37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/DKZ5z21fmvYksSVLnQKAc7g7C1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:46c4:1600::/40
Signature Algorithm: sha256WithRSAEncryption
44:57:b0:60:57:83:0b:f5:a5:5f:c3:1f:9f:7e:00:98:49:d2:
6b:84:45:07:55:f7:76:a3:14:e8:9f:0b:94:55:38:11:3a:f3:
7f:cb:ce:ea:88:9a:95:eb:74:37:11:e1:53:11:e6:15:ae:89:
1c:a1:a2:65:10:06:69:a4:09:a8:01:30:01:2a:66:15:40:51:
33:bc:5b:81:2f:eb:31:f7:4e:da:68:95:0a:76:6b:4e:89:1f:
8b:d6:97:d0:b1:9f:57:00:d3:94:1c:9e:a8:2b:56:65:5d:a7:
ae:77:1a:b3:09:c0:65:c8:63:ad:e5:31:1a:83:fa:e0:0f:79:
73:66:7c:18:0a:06:6f:fe:68:81:8a:f8:0b:9a:c5:00:03:24:
35:47:e6:72:fb:2a:a4:29:7e:5e:f6:92:0a:0c:3c:74:f1:5c:
df:81:fc:0c:00:49:d7:0a:67:ac:7c:35:b5:83:12:57:77:50:
66:14:a0:21:8f:4a:f1:62:a0:33:27:6e:6b:3e:e3:60:7a:cd:
bb:f9:8b:a4:50:30:3f:0e:d7:49:36:d9:50:6a:42:3e:08:73:
d0:87:67:40:06:b1:30:a3:a1:9f:c4:04:bd:34:9a:d4:84:66:
4b:8d:d3:7f:2d:9b:02:2f:c9:ba:7a:74:69:67:51:01:50:10:
d8:fe:cb:15
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEA3KvUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NzBlNTQ1MGQxNDg2NzgwYWJhNTRmMDQ1ZWM0ODAyZjE5ZjBiNGY3MB4XDTIyMDIx
OTEwMjA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNhNjc5Y2Y2ZDVm
OWFmNjI0YjEyNTRiOWQwMjgwNzNiODNiMGI1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjp15AX6EwWa8LSpZ9Z0vWCYsJDN8Mit6FMyIo7bOjbbXcC
dViZTULehUgVFBaCMpEkJZnvNi6NowDfGzqTreGe85JzedWVuTQiGZ46/nPFhoHJ
/pVi/U3IQqEd5MzPGyIv1FVa+tIxWHcTCPFC1YEQmukdyzgVtuOxwmCm56Fwqm3q
zB9SR+6BhRSPH2aq4bt6khygarmYj4c8FkC3XHp7o8YGaHScHjRna+rZMbbmIco8
e0zEUIGY1KWqJ7UEpj9Bqmrsj8ucxl/0Uj7TWNlr0S4ExID3ISNlpsJZ0fv6R+DZ
XGGCQeYyv4vJPbdG47eZbuR4F2Apb32HxsAJNHcCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQMpnnPbV+a9iSxJUudAoBzuDsLWjAfBgNVHSMEGDAWgBQ3DlRQ0UhngKul
TwRexIAvGfC09zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L053NVVVTkZJWjRDcnBVOEVYc1NBTHhud3RQYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvZjBmNzBjLTA2ZTctNDFhYy1hMmI4LTg1OGRjZTU3ZmNkYi8x
L0RLWjV6MjFmbXZZa3NTVkxuUUtBYzdnN0Mxby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
ZjBmNzBjLTA2ZTctNDFhYy1hMmI4LTg1OGRjZTU3ZmNkYi8xL053NVVVTkZJWjRD
cnBVOEVYc1NBTHhud3RQYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoORsQWMA0GCSqGSIb3DQEBCwUA
A4IBAQBEV7BgV4ML9aVfwx+ffgCYSdJrhEUHVfd2oxTonwuUVTgROvN/y87qiJqV
63Q3EeFTEeYVrokcoaJlEAZppAmoATABKmYVQFEzvFuBL+sx907aaJUKdmtOiR+L
1pfQsZ9XANOUHJ6oK1ZlXaeudxqzCcBlyGOt5TEag/rgD3lzZnwYCgZv/miBivgL
msUAAyQ1R+Zy+yqkKX5e9pIKDDx08VzfgfwMAEnXCmesfDW1gxJXd1BmFKAhj0rx
YqAzJ25rPuNges27+YukUDA/DtdJNtlQakI+CHPQh2dABrEwo6GfxAS9NJrUhGZL
jdN/LZsCL8m6enRpZ1EBUBDY/ssV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:51 2025 by rpki-client