Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/7-rCnEEfMjPmY_4_gCurqs2XmJg.roa
File: 7-rCnEEfMjPmY_4_gCurqs2XmJg.roa (raw, json)
Hash identifier: ZEVRFZC6vhfIR5VMz96m9zuNQY5OCI7EsbyqdLk4yLg=
Subject key identifier: EF:EA:C2:9C:41:1F:32:33:E6:63:FE:3F:80:2B:AB:AA:CD:97:98:98
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 01831EA044DF6E907A379FBA883A0EABD606
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/7-rCnEEfMjPmY_4_gCurqs2XmJg.roa
Signing time: Thu 08 Sep 2022 19:42:43 +0000
ROA not before: Thu 08 Sep 2022 19:42:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399976
IP address blocks: 2a12:c6c7::/32 maxlen: 48
2a12:c6c6::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1e:a0:44:df:6e:90:7a:37:9f:ba:88:3a:0e:ab:d6:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Sep 8 19:42:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=efeac29c411f3233e663fe3f802babaacd979898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a1:fd:98:da:30:9b:c3:c1:85:4c:45:d0:d2:
98:5c:6a:3e:e6:0d:46:91:7c:2b:e8:55:f2:03:fd:
04:71:7c:ad:01:4f:c3:fc:39:10:c2:b8:0c:07:54:
5c:be:40:30:47:ee:28:a2:a8:fa:31:4e:69:32:0b:
2d:50:2f:ba:90:19:cd:3e:6b:46:26:33:49:0e:01:
9a:14:62:b5:58:6d:bb:94:a2:f4:41:88:08:5d:f2:
59:d0:25:b1:be:77:4c:66:34:92:4e:b6:51:14:a5:
18:0f:a5:a3:99:0c:0d:22:77:7f:f2:c8:7f:dc:67:
60:fe:16:df:f1:57:c0:de:a5:e3:42:bd:41:c5:7d:
d6:1e:ed:88:ed:e4:85:8d:09:72:df:62:d0:9b:5a:
db:23:4b:42:00:b5:d7:bc:bc:6a:1a:eb:c0:62:1a:
e6:15:6d:ee:0a:4e:02:1f:41:fd:87:79:f8:7b:32:
14:41:02:0a:52:84:9d:a5:52:b2:df:53:40:ac:be:
85:0f:3d:14:da:aa:ce:4e:8f:a2:85:0d:ee:5f:0f:
4b:d0:39:ab:ce:66:b3:e0:43:03:5f:9f:9a:22:0a:
23:a9:e4:71:fe:7d:c5:07:74:20:4b:ab:15:42:f2:
eb:ce:16:57:34:81:50:fb:af:35:43:87:56:67:ef:
b1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:EA:C2:9C:41:1F:32:33:E6:63:FE:3F:80:2B:AB:AA:CD:97:98:98
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/7-rCnEEfMjPmY_4_gCurqs2XmJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:c6c6::/31
Signature Algorithm: sha256WithRSAEncryption
31:22:bb:ff:18:17:9a:69:d2:76:2d:ac:48:fb:fb:05:09:c0:
5d:79:23:e2:66:ae:67:0c:bc:e8:98:7f:b4:81:b0:7d:5b:58:
c1:a3:23:0e:5d:8e:73:10:69:52:87:43:2a:fa:7f:b0:f5:60:
c0:d2:bc:11:80:e7:59:77:61:a2:d9:21:68:c9:ab:09:13:74:
3d:11:1f:03:d9:cc:dd:5f:e0:01:9f:d9:70:d7:8a:5a:cc:d0:
bc:26:db:72:65:69:a8:bd:04:ef:7a:8c:c9:b4:97:2b:d1:f9:
da:9c:f5:97:fe:ff:be:7a:92:a5:64:f3:dd:e4:0d:0e:70:6b:
f0:85:23:3f:9b:95:f9:9b:be:3d:b0:f5:69:7f:ab:cb:19:e0:
8f:c3:a8:87:ad:a9:28:11:a0:d4:b5:da:39:13:99:72:a7:da:
e8:cb:36:46:10:35:58:40:8f:7d:e2:f9:92:07:a6:20:18:49:
93:43:be:44:8b:cc:db:9d:74:f9:7a:cc:a8:fe:f5:87:0d:da:
d7:76:bb:6d:5d:29:2a:8c:36:99:fd:b7:b4:74:64:be:7c:ab:
05:ce:7d:b7:60:2c:d8:86:d9:bf:5d:ac:a3:19:14:c3:b7:48:
ea:84:42:30:f5:5c:dc:ba:17:03:56:43:9f:52:81:b1:d7:d2:
fc:f1:48:6c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYMeoETfbpB6N5+6iDoOq9YGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjIwOTA4MTk0MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmVhYzI5YzQxMWYzMjMzZTY2M2ZlM2Y4MDJiYWJhYWNkOTc5ODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKH9mNowm8PBhUxF0NKYXGo+5g1G
kXwr6FXyA/0EcXytAU/D/DkQwrgMB1RcvkAwR+4ooqj6MU5pMgstUC+6kBnNPmtG
JjNJDgGaFGK1WG27lKL0QYgIXfJZ0CWxvndMZjSSTrZRFKUYD6WjmQwNInd/8sh/
3Gdg/hbf8VfA3qXjQr1BxX3WHu2I7eSFjQly32LQm1rbI0tCALXXvLxqGuvAYhrm
FW3uCk4CH0H9h3n4ezIUQQIKUoSdpVKy31NArL6FDz0U2qrOTo+ihQ3uXw9L0Dmr
zmaz4EMDX5+aIgojqeRx/n3FB3QgS6sVQvLrzhZXNIFQ+681Q4dWZ++xQwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFO/qwpxBHzIz5mP+P4Arq6rNl5iYMB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEvNy1yQ25FRWZNalBtWV80X2dDdXJxczJYbUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKhLGxjAN
BgkqhkiG9w0BAQsFAAOCAQEAMSK7/xgXmmnSdi2sSPv7BQnAXXkj4mauZwy86Jh/
tIGwfVtYwaMjDl2OcxBpUodDKvp/sPVgwNK8EYDnWXdhotkhaMmrCRN0PREfA9nM
3V/gAZ/ZcNeKWszQvCbbcmVpqL0E73qMybSXK9H52pz1l/7/vnqSpWTz3eQNDnBr
8IUjP5uV+Zu+PbD1aX+ryxngj8Ooh62pKBGg1LXaOROZcqfa6Ms2RhA1WECPfeL5
kgemIBhJk0O+RIvM2510+XrMqP71hw3a13a7bV0pKow2mf23tHRkvnyrBc59t2As
2IbZv12soxkUw7dI6oRCMPVc3LoXA1ZDn1KBsdfS/PFIbA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:18:31 2025 by rpki-client