Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/86r9Ifd-fiZb1w3SORao6mPl7-Q.roa
File: 86r9Ifd-fiZb1w3SORao6mPl7-Q.roa (raw, json)
Hash identifier: 9T9FRjyLhkqlMWb9mAYuOuekfgemwwJS+buUXBsS1FA=
Subject key identifier: F3:AA:FD:21:F7:7E:7E:26:5B:D7:0D:D2:39:16:A8:EA:63:E5:EF:E4
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 380E37F1
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/86r9Ifd-fiZb1w3SORao6mPl7-Q.roa
Signing time: Sat 01 Jan 2022 04:04:09 +0000
ROA not before: Sat 01 Jan 2022 04:04:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212477
IP address blocks: 2a03:3f40:d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 940455921 (0x380e37f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 1 04:04:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3aafd21f77e7e265bd70dd23916a8ea63e5efe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1f:9e:d1:5b:41:6d:90:d0:4c:78:2b:47:6f:
54:e6:44:c6:f6:9c:ad:38:a5:03:9e:2f:41:1e:46:
0a:d5:71:49:96:45:10:7a:71:af:50:75:99:61:6f:
e9:f8:b5:47:11:b6:c7:d3:47:ee:55:32:7b:0d:3a:
b1:f2:d0:83:d9:95:3c:0e:64:09:05:d1:d6:12:5c:
4b:85:4f:88:43:0e:4c:9f:17:3c:a3:58:56:5d:9a:
d3:c8:c2:01:ad:0e:1f:c8:7c:5b:f6:a5:5c:ac:42:
e6:9b:04:de:ee:44:b3:8d:98:23:1e:b3:0c:27:6e:
c9:3b:e4:8b:14:47:44:8d:0a:03:bd:06:68:72:ad:
9b:4b:41:e6:bc:cb:27:5b:fd:fa:b0:96:7d:56:7d:
97:67:6e:46:78:a5:5c:f5:41:1f:15:63:00:33:d5:
76:53:b6:8d:4e:2f:a6:ed:a3:df:96:6e:16:80:6e:
1f:61:bb:53:ca:a8:d4:ae:6b:c6:ce:4a:ce:fa:63:
ee:fe:29:32:9f:f0:a1:be:b4:cd:1a:f9:49:f4:e7:
45:2c:4d:6e:3f:81:f6:e2:3e:24:09:43:f4:68:4b:
7f:95:10:d6:93:bf:6a:23:74:89:a5:3c:00:2f:2c:
32:71:37:13:ff:af:c2:8a:10:31:9a:d1:f3:82:9a:
51:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AA:FD:21:F7:7E:7E:26:5B:D7:0D:D2:39:16:A8:EA:63:E5:EF:E4
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/86r9Ifd-fiZb1w3SORao6mPl7-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:3f40:d::/48
Signature Algorithm: sha256WithRSAEncryption
33:cb:98:c8:3f:30:0d:73:d6:22:21:ed:f4:63:02:75:22:93:
86:b2:58:bf:95:2f:32:99:93:f1:f0:b2:76:d7:de:a7:b7:6d:
ca:6e:da:32:9a:46:fa:a8:d4:2f:79:86:79:da:53:09:80:31:
ac:61:8e:78:36:bb:90:8e:56:ab:5a:e6:4f:9f:df:bb:71:9b:
48:1e:03:6f:f4:22:90:31:d4:14:f3:ab:0e:b3:44:06:71:4a:
74:4c:0c:74:4e:d1:f1:05:34:9d:9b:54:69:88:37:fc:76:e1:
bb:ee:90:fe:13:df:a0:e6:4a:8c:51:ac:88:27:29:f5:51:4e:
89:25:e9:d3:c1:55:7d:94:9b:69:00:95:35:07:31:1e:d5:e1:
e0:f0:a4:18:4b:72:fe:61:d2:7b:f9:e8:ac:75:f4:00:4b:a1:
d5:2c:80:66:b6:55:d0:9f:fa:c4:04:4f:f1:72:ac:d8:49:27:
7e:67:89:db:7f:15:b0:0a:36:ba:bc:09:60:e7:8c:02:4e:f2:
98:1a:36:9a:a8:80:c9:4f:45:a8:59:c0:5e:8b:8d:14:08:bf:
81:4a:29:5a:32:59:d4:fe:62:62:c5:13:77:d8:a3:a2:ed:87:
3a:9d:fd:fe:0d:ea:75:02:54:82:e8:26:bf:a5:e4:c1:fe:f5:
c4:22:8a:ce
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEOA438TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjMxMTY2ZGU3ODVhMzUzMWJkYzgzNjFmMTE5MGE4MzY5YTdlZDZhMB4XDTIyMDEw
MTA0MDQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjNhYWZkMjFmNzdl
N2UyNjViZDcwZGQyMzkxNmE4ZWE2M2U1ZWZlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKAfntFbQW2Q0Ex4K0dvVOZExvacrTilA54vQR5GCtVxSZZF
EHpxr1B1mWFv6fi1RxG2x9NH7lUyew06sfLQg9mVPA5kCQXR1hJcS4VPiEMOTJ8X
PKNYVl2a08jCAa0OH8h8W/alXKxC5psE3u5Es42YIx6zDCduyTvkixRHRI0KA70G
aHKtm0tB5rzLJ1v9+rCWfVZ9l2duRnilXPVBHxVjADPVdlO2jU4vpu2j35ZuFoBu
H2G7U8qo1K5rxs5Kzvpj7v4pMp/wob60zRr5SfTnRSxNbj+B9uI+JAlD9GhLf5UQ
1pO/aiN0iaU8AC8sMnE3E/+vwooQMZrR84KaUV0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTzqv0h935+JlvXDdI5FqjqY+Xv5DAfBgNVHSMEGDAWgBQmMRZt54WjUxvc
g2HxGQqDaaftajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pqRVdiZWVGbzFNYjNJTmg4UmtLZzJtbjdXby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvZmIwMTU3LTY3NDYtNGIwMC04ZjhlLWI4OWEyNjE5OTk3Ni8x
Lzg2cjlJZmQtZmlaYjF3M1NPUmFvNm1QbDctUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
ZmIwMTU3LTY3NDYtNGIwMC04ZjhlLWI4OWEyNjE5OTk3Ni8xL0pqRVdiZWVGbzFN
YjNJTmg4UmtLZzJtbjdXby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDP0AADTANBgkqhkiG9w0BAQsF
AAOCAQEAM8uYyD8wDXPWIiHt9GMCdSKThrJYv5UvMpmT8fCydtfep7dtym7aMppG
+qjUL3mGedpTCYAxrGGOeDa7kI5Wq1rmT5/fu3GbSB4Db/QikDHUFPOrDrNEBnFK
dEwMdE7R8QU0nZtUaYg3/Hbhu+6Q/hPfoOZKjFGsiCcp9VFOiSXp08FVfZSbaQCV
NQcxHtXh4PCkGEty/mHSe/norHX0AEuh1SyAZrZV0J/6xARP8XKs2EknfmeJ238V
sAo2urwJYOeMAk7ymBo2mqiAyU9FqFnAXouNFAi/gUopWjJZ1P5iYsUTd9ijou2H
Op39/g3qdQJUgugmv6Xkwf71xCKKzg==
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:29:27 2025 by rpki-client