Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/5iuoXAjtvqYRNwwF0vLTJi8JarQ.roa
File: 5iuoXAjtvqYRNwwF0vLTJi8JarQ.roa (raw, json)
Hash identifier: N5OmI+2lNrIz1Sii5iODgPaPOfLFGCmF5j5LZGG5mxA=
Subject key identifier: E6:2B:A8:5C:08:ED:BE:A6:11:37:0C:05:D2:F2:D3:26:2F:09:6A:B4
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 0183D3E4966E67240D79C907A953DCEC776A
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/5iuoXAjtvqYRNwwF0vLTJi8JarQ.roa
Signing time: Fri 14 Oct 2022 00:28:36 +0000
ROA not before: Fri 14 Oct 2022 00:28:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44445
IP address blocks: 2a12:c6c1::/32 maxlen: 48
2a12:c6c0::/29 maxlen: 29
2a12:c6c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d3:e4:96:6e:67:24:0d:79:c9:07:a9:53:dc:ec:77:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Oct 14 00:28:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e62ba85c08edbea611370c05d2f2d3262f096ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2d:a1:5c:b1:fd:88:83:f5:11:2d:38:8e:d8:
bd:83:28:5a:12:ec:e3:ab:43:42:0d:4c:49:0f:2d:
0a:b1:6b:fe:15:6a:f7:6a:97:f4:82:5e:6b:0c:27:
a7:26:a8:c0:a3:24:11:67:89:9a:1a:a7:6b:5b:c0:
e5:12:bb:47:90:fb:7d:7e:a7:cf:15:61:01:28:e5:
03:70:1e:7f:a6:6a:08:de:fe:86:da:dc:45:51:10:
0f:32:06:69:88:79:60:e6:05:92:fd:02:93:fe:fe:
69:7d:b8:9c:36:b7:d2:99:45:66:1e:61:01:0e:aa:
80:16:44:29:8e:05:1c:cd:73:1e:2e:a2:d2:69:a7:
53:15:82:c0:15:73:00:e2:95:e4:14:fb:b8:31:b4:
01:f4:39:9b:ef:72:89:db:22:c0:6a:86:42:36:a2:
de:e1:17:f0:b6:5d:ee:e1:e4:69:fb:e3:5b:01:67:
59:48:ec:32:10:d8:9d:c7:59:7e:44:2a:9f:7c:b0:
5a:6a:b3:da:0d:b7:34:f8:45:79:05:2b:57:b5:2e:
13:5b:90:60:45:e3:83:0a:65:11:51:63:9f:b2:6a:
3d:bf:89:a1:e7:0b:c5:17:6b:13:47:46:85:de:7d:
cc:89:9e:bd:b9:73:30:1f:02:85:6d:b3:d7:e9:85:
f4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:2B:A8:5C:08:ED:BE:A6:11:37:0C:05:D2:F2:D3:26:2F:09:6A:B4
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/5iuoXAjtvqYRNwwF0vLTJi8JarQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:c6c0::/29
Signature Algorithm: sha256WithRSAEncryption
21:25:00:e3:f3:3d:55:95:eb:8d:f2:ad:7b:51:1f:6f:56:7d:
52:32:7a:44:3a:11:bb:53:19:df:e6:68:b3:db:1b:53:2a:8f:
db:f6:31:b4:e2:aa:d2:e3:a0:bb:6b:4a:1c:78:80:c2:0f:30:
f5:57:e8:05:e9:7b:a0:b3:0f:64:1b:d9:b0:15:03:2e:92:da:
a4:09:6a:0d:14:3f:65:1f:f1:df:c2:63:a9:fb:e8:20:d8:c7:
4b:e0:c7:dd:1b:35:e5:93:a1:ca:b6:55:ca:0b:d9:41:b2:64:
81:7c:69:24:d7:25:62:bd:91:12:a7:0d:2e:a4:e1:cb:ac:d1:
fc:8c:31:25:81:dc:b9:a1:94:27:18:a5:40:4c:3c:f4:dc:e2:
ca:fe:71:95:85:05:09:fc:eb:d6:e8:be:b9:bd:a5:69:f7:0b:
7b:7e:e3:1f:23:4f:ef:fd:86:60:f2:76:3b:9b:55:fb:2b:18:
69:80:cd:51:9c:04:e5:de:5a:20:6b:5a:e9:5c:3b:b8:d7:52:
7c:ba:d4:1c:3b:1b:4d:b6:34:d3:7b:19:51:24:f2:e3:ce:41:
06:d4:4f:ef:e1:aa:47:50:94:76:91:08:d9:74:60:b8:67:60:
f6:03:33:04:c7:6f:c3:3c:13:cb:51:7b:32:70:e4:2e:15:b3:
5c:6e:20:8a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYPT5JZuZyQNeckHqVPc7HdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjIxMDE0MDAyODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjJiYTg1YzA4ZWRiZWE2MTEzNzBjMDVkMmYyZDMyNjJmMDk2YWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxi2hXLH9iIP1ES04jti9gyhaEuzj
q0NCDUxJDy0KsWv+FWr3apf0gl5rDCenJqjAoyQRZ4maGqdrW8DlErtHkPt9fqfP
FWEBKOUDcB5/pmoI3v6G2txFURAPMgZpiHlg5gWS/QKT/v5pfbicNrfSmUVmHmEB
DqqAFkQpjgUczXMeLqLSaadTFYLAFXMA4pXkFPu4MbQB9Dmb73KJ2yLAaoZCNqLe
4Rfwtl3u4eRp++NbAWdZSOwyENidx1l+RCqffLBaarPaDbc0+EV5BStXtS4TW5Bg
ReODCmURUWOfsmo9v4mh5wvFF2sTR0aF3n3MiZ69uXMwHwKFbbPX6YX0VwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOYrqFwI7b6mETcMBdLy0yYvCWq0MB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEvNWl1b1hBanR2cVlSTnd3RjB2TFRKaThKYXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLGwDAN
BgkqhkiG9w0BAQsFAAOCAQEAISUA4/M9VZXrjfKte1Efb1Z9UjJ6RDoRu1MZ3+Zo
s9sbUyqP2/YxtOKq0uOgu2tKHHiAwg8w9VfoBel7oLMPZBvZsBUDLpLapAlqDRQ/
ZR/x38JjqfvoINjHS+DH3Rs15ZOhyrZVygvZQbJkgXxpJNclYr2REqcNLqThy6zR
/IwxJYHcuaGUJxilQEw89Nziyv5xlYUFCfzr1ui+ub2lafcLe37jHyNP7/2GYPJ2
O5tV+ysYaYDNUZwE5d5aIGta6Vw7uNdSfLrUHDsbTbY003sZUSTy485BBtRP7+Gq
R1CUdpEI2XRguGdg9gMzBMdvwzwTy1F7MnDkLhWzXG4gig==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:56:05 2025 by rpki-client