Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/0zvNaYhSvxcuV_q8DoHWKSufq4w.roa
File: 0zvNaYhSvxcuV_q8DoHWKSufq4w.roa (raw, json)
Hash identifier: f5DtGQWvPrucjMQTAg7BeHbJIKqu0bXMwBq6ANwWD8M=
Subject key identifier: D3:3B:CD:69:88:52:BF:17:2E:57:FA:BC:0E:81:D6:29:2B:9F:AB:8C
Certificate issuer: /CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Certificate serial: 0184E1DCEA8797076DB3473390FB4B52F630
Authority key identifier: DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/0zvNaYhSvxcuV_q8DoHWKSufq4w.roa
Signing time: Mon 05 Dec 2022 10:37:42 +0000
ROA not before: Mon 05 Dec 2022 10:37:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42845
IP address blocks: 2a00:7200::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:dc:ea:87:97:07:6d:b3:47:33:90:fb:4b:52:f6:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Validity
Not Before: Dec 5 10:37:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d33bcd698852bf172e57fabc0e81d6292b9fab8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:66:aa:e1:5a:3d:2a:cb:1c:25:44:e6:a1:ee:
f5:7c:bb:01:14:26:ca:ff:11:7d:8d:b2:2e:7c:2f:
31:9f:33:68:d6:85:12:d8:cb:73:07:9c:0d:ed:f7:
a6:12:76:52:5e:4a:60:4b:6f:c3:f6:44:de:cd:9a:
d6:73:db:33:62:c9:74:f6:b0:5a:de:d1:45:67:ba:
e3:aa:ed:f4:fe:a2:b7:52:29:23:fc:5b:e5:65:b3:
05:a3:90:a5:74:4b:8c:20:4c:21:e6:77:18:59:a6:
be:a4:40:1a:0e:41:49:3f:ed:9c:e1:d2:6c:d4:26:
42:86:35:fb:b6:e0:51:3f:d8:4c:7e:08:47:9a:91:
c7:18:c3:5a:e6:cd:be:1c:76:06:58:a6:f3:37:24:
39:88:10:47:4f:e7:33:1f:ba:7f:77:64:b7:37:e7:
13:41:0a:70:69:31:c3:8f:0e:2d:2a:91:90:b7:9b:
98:9a:1b:cc:15:43:f5:5d:52:df:1d:f2:70:b8:9c:
b9:3d:46:6c:b7:c0:59:d5:88:69:b9:25:e9:cd:2a:
89:79:60:70:1e:f8:5f:d0:2e:71:28:ce:96:54:79:
0c:5a:d2:a5:a4:b4:38:84:2e:9e:ca:70:27:33:b8:
d9:50:ff:2f:a3:10:b6:4a:d4:69:cf:2f:11:9e:a4:
79:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3B:CD:69:88:52:BF:17:2E:57:FA:BC:0E:81:D6:29:2B:9F:AB:8C
X509v3 Authority Key Identifier:
keyid:DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/0zvNaYhSvxcuV_q8DoHWKSufq4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:7200::/32
Signature Algorithm: sha256WithRSAEncryption
73:d3:3d:8c:a0:97:16:72:c4:a2:f8:b4:36:0e:d7:c5:ea:6b:
29:a4:4f:49:97:67:60:2a:59:aa:8c:fe:d7:68:45:95:34:1e:
ec:77:1c:a1:01:4f:5c:de:5a:c6:d7:2c:20:74:c4:c3:18:10:
b4:31:db:7e:2f:d5:95:1c:4f:85:d3:4b:2c:2a:5d:70:82:da:
24:67:f7:46:4c:c3:43:6d:fb:65:72:6b:3f:09:56:d9:c8:39:
14:b5:d7:3d:8e:da:e4:0b:95:e3:b2:fc:70:c6:de:fc:b1:6d:
41:f4:fd:d4:f6:a3:17:83:cc:0b:ed:7c:c9:b6:fc:f4:8f:3f:
d1:a3:91:29:36:db:55:24:d8:88:ee:28:6a:56:1c:ff:b1:8e:
4c:4f:3d:af:59:65:3e:64:44:30:2a:ef:a7:18:fa:d5:05:34:
f0:b1:28:5f:38:7d:52:36:73:06:85:42:ef:1f:67:9f:2c:1a:
93:42:74:58:ae:ce:0b:58:57:ad:05:88:33:4c:03:63:10:ac:
51:a8:4b:0b:63:01:13:62:a3:e7:c3:e4:dc:59:44:cc:f1:f9:
e9:01:d6:45:66:ad:27:7a:07:14:a1:a2:0a:87:1e:d8:45:e7:
8c:19:7f:72:77:0a:7b:e6:9d:bd:4a:ab:9b:d5:e0:82:7e:c9:
df:1c:eb:92
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYTh3OqHlwdts0czkPtLUvYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZWFkOTE5Yjg1YTEzMDUxZDAyMDhiN2UyOGRkY2NiMzk4
YjE0ZDYwHhcNMjIxMjA1MTAzNzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzNiY2Q2OTg4NTJiZjE3MmU1N2ZhYmMwZTgxZDYyOTJiOWZhYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2aq4Vo9KsscJUTmoe71fLsBFCbK
/xF9jbIufC8xnzNo1oUS2MtzB5wN7femEnZSXkpgS2/D9kTezZrWc9szYsl09rBa
3tFFZ7rjqu30/qK3Uikj/FvlZbMFo5CldEuMIEwh5ncYWaa+pEAaDkFJP+2c4dJs
1CZChjX7tuBRP9hMfghHmpHHGMNa5s2+HHYGWKbzNyQ5iBBHT+czH7p/d2S3N+cT
QQpwaTHDjw4tKpGQt5uYmhvMFUP1XVLfHfJwuJy5PUZst8BZ1YhpuSXpzSqJeWBw
Hvhf0C5xKM6WVHkMWtKlpLQ4hC6eynAnM7jZUP8voxC2StRpzy8RnqR5RQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNM7zWmIUr8XLlf6vA6B1ikrn6uMMB8GA1UdIwQY
MBaAFN3q2Rm4WhMFHQIIt+KN3Ms5ixTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQt
NDhiOGI1YTliNDExLzEvMHp2TmFZaFN2eGN1Vl9xOERvSFdLU3VmcTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQtNDhiOGI1YTliNDEx
LzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgByADAN
BgkqhkiG9w0BAQsFAAOCAQEAc9M9jKCXFnLEovi0Ng7XxeprKaRPSZdnYCpZqoz+
12hFlTQe7HccoQFPXN5axtcsIHTEwxgQtDHbfi/VlRxPhdNLLCpdcILaJGf3RkzD
Q237ZXJrPwlW2cg5FLXXPY7a5AuV47L8cMbe/LFtQfT91PajF4PMC+18ybb89I8/
0aORKTbbVSTYiO4oalYc/7GOTE89r1llPmREMCrvpxj61QU08LEoXzh9UjZzBoVC
7x9nnywak0J0WK7OC1hXrQWIM0wDYxCsUahLC2MBE2Kj58Pk3FlEzPH56QHWRWat
J3oHFKGiCoce2EXnjBl/cncKe+advUqrm9Xggn7J3xzrkg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:22 2025 by rpki-client