Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/lJfXWt_H6Q0g-ml7XOjx-UmS4lM.roa
File: lJfXWt_H6Q0g-ml7XOjx-UmS4lM.roa (raw, json)
Hash identifier: EkhVjr4gKiJKnoS3Vl9XUqMNt1ND8kUDLise0di7PRw=
Subject key identifier: 94:97:D7:5A:DF:C7:E9:0D:20:FA:69:7B:5C:E8:F1:F9:49:92:E2:53
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 0183FB8EEFAFD60FAA59D81E42B818A32E83
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/lJfXWt_H6Q0g-ml7XOjx-UmS4lM.roa
Signing time: Fri 21 Oct 2022 17:19:52 +0000
ROA not before: Fri 21 Oct 2022 17:19:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399976
IP address blocks: 2a12:c6c4::/32 maxlen: 48
2a12:c6c7::/32 maxlen: 48
2a12:c6c6::/32 maxlen: 48
2a12:c6c5::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fb:8e:ef:af:d6:0f:aa:59:d8:1e:42:b8:18:a3:2e:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Oct 21 17:19:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9497d75adfc7e90d20fa697b5ce8f1f94992e253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4b:eb:96:17:09:16:20:40:3b:ac:09:e6:70:
da:c9:86:b6:cf:40:f4:c9:74:5c:25:36:1b:56:c5:
46:90:2f:2d:68:c4:20:d1:f8:6d:5f:9f:b4:dd:39:
9b:00:d0:92:55:3a:7b:8a:dd:bc:59:dd:6b:d2:6e:
65:5c:10:01:e9:ba:51:bb:44:b2:11:ce:fd:36:3e:
3a:b5:23:d9:e4:f2:ec:bc:0b:67:1b:a0:b5:05:98:
09:c4:68:f9:31:67:61:76:1e:c5:6a:d8:33:f5:0d:
5b:00:88:e1:19:a1:e5:cb:bb:bc:25:60:4f:cb:cc:
80:60:63:9e:b8:32:e2:d4:a6:2e:a2:e5:88:5f:cf:
78:58:6b:0a:f2:19:59:8c:25:0d:07:f4:3c:38:be:
bc:1e:bb:d5:c1:e2:f5:f7:83:01:13:27:ac:eb:f6:
50:24:6b:d4:44:7e:38:b0:f0:10:93:00:d1:45:74:
a7:1f:81:77:af:d2:1d:64:ed:f3:45:ec:35:52:f5:
60:74:f0:8e:08:49:18:1d:7b:36:92:b8:fc:96:af:
79:f5:05:01:77:5f:0a:43:ec:ee:16:ff:d8:f8:a9:
9d:9f:13:e0:8b:e4:91:5d:16:85:9c:ab:b4:1e:05:
06:a1:a1:2e:f6:5a:3e:b5:6b:f6:86:a2:1a:7d:d4:
38:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:97:D7:5A:DF:C7:E9:0D:20:FA:69:7B:5C:E8:F1:F9:49:92:E2:53
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/lJfXWt_H6Q0g-ml7XOjx-UmS4lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:c6c4::/30
Signature Algorithm: sha256WithRSAEncryption
ab:73:72:0d:1a:41:a7:ec:32:b3:c3:db:72:85:61:0b:49:b1:
30:f1:d2:0b:b5:19:44:d7:c3:86:af:46:4c:92:1e:71:76:ab:
9a:e0:f2:43:bb:6d:e2:57:e3:f8:44:bf:38:8b:41:54:fa:0f:
90:5d:29:f1:5e:e4:86:70:10:5e:af:d9:0e:b3:c3:0d:e5:fe:
d3:e9:f4:c7:31:e2:3e:dc:80:2b:b9:8f:03:e9:e4:4c:04:b5:
77:3c:00:7e:18:77:11:01:ac:73:aa:6d:64:21:b8:68:37:fd:
89:c3:7f:53:24:87:65:03:c1:06:d2:03:e6:5f:6b:0d:3a:1a:
a7:f6:16:c8:a9:4e:4d:36:ca:5d:aa:f9:50:09:f5:e7:b3:1e:
c6:a1:20:0c:7d:02:d8:67:ce:fc:25:16:cd:76:04:03:68:1e:
81:73:03:e2:1e:1e:30:2b:f6:f3:e3:01:c0:31:69:31:f4:b4:
3f:b5:eb:bc:66:15:9a:bd:e4:55:81:7f:ed:50:12:aa:9d:2b:
11:49:7d:2d:e4:69:eb:c6:59:c0:55:94:b7:ae:27:8c:d0:4e:
9a:23:1c:d3:ea:5e:df:3e:d3:09:d7:04:1f:d3:76:bc:8e:fb:
6e:3e:94:5f:de:d7:fe:29:81:68:47:e8:10:69:62:bb:73:d0:
20:19:24:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYP7ju+v1g+qWdgeQrgYoy6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjIxMDIxMTcxOTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk3ZDc1YWRmYzdlOTBkMjBmYTY5N2I1Y2U4ZjFmOTQ5OTJlMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0vrlhcJFiBAO6wJ5nDayYa2z0D0
yXRcJTYbVsVGkC8taMQg0fhtX5+03TmbANCSVTp7it28Wd1r0m5lXBAB6bpRu0Sy
Ec79Nj46tSPZ5PLsvAtnG6C1BZgJxGj5MWdhdh7Fatgz9Q1bAIjhGaHly7u8JWBP
y8yAYGOeuDLi1KYuouWIX894WGsK8hlZjCUNB/Q8OL68HrvVweL194MBEyes6/ZQ
JGvURH44sPAQkwDRRXSnH4F3r9IdZO3zRew1UvVgdPCOCEkYHXs2krj8lq959QUB
d18KQ+zuFv/Y+KmdnxPgi+SRXRaFnKu0HgUGoaEu9lo+tWv2hqIafdQ4iQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJSX11rfx+kNIPppe1zo8flJkuJTMB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEvbEpmWFd0X0g2UTBnLW1sN1hPangtVW1TNGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKhLGxDAN
BgkqhkiG9w0BAQsFAAOCAQEAq3NyDRpBp+wys8PbcoVhC0mxMPHSC7UZRNfDhq9G
TJIecXarmuDyQ7tt4lfj+ES/OItBVPoPkF0p8V7khnAQXq/ZDrPDDeX+0+n0xzHi
PtyAK7mPA+nkTAS1dzwAfhh3EQGsc6ptZCG4aDf9icN/UySHZQPBBtID5l9rDToa
p/YWyKlOTTbKXar5UAn157MexqEgDH0C2GfO/CUWzXYEA2gegXMD4h4eMCv28+MB
wDFpMfS0P7XrvGYVmr3kVYF/7VASqp0rEUl9LeRp68ZZwFWUt64njNBOmiMc0+pe
3z7TCdcEH9N2vI77bj6UX97X/imBaEfoEGliu3PQIBkkcA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:52:01 2025 by rpki-client