Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/5n2eIKNVfa5uHUXbTUKxbxRH7WM.roa
File: 5n2eIKNVfa5uHUXbTUKxbxRH7WM.roa (raw, json)
Hash identifier: QHBMuFF+O7SQh3NKfjuSw64v9J4Jh4BsS9p8Se4zE9Y=
Subject key identifier: E6:7D:9E:20:A3:55:7D:AE:6E:1D:45:DB:4D:42:B1:6F:14:47:ED:63
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 349406CE
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/5n2eIKNVfa5uHUXbTUKxbxRH7WM.roa
Signing time: Sat 01 Jan 2022 08:58:01 +0000
ROA not before: Sat 01 Jan 2022 08:58:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1759
IP address blocks: 2001:2000:6000::/40 maxlen: 40
2001:2062::/32 maxlen: 32
2001:2003::/32 maxlen: 32
2001:2061::/32 maxlen: 32
2001:2001:6000::/40 maxlen: 40
2001:2060::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 882116302 (0x349406ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 1 08:58:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e67d9e20a3557dae6e1d45db4d42b16f1447ed63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0d:2c:96:4c:30:e3:8e:78:b4:ee:f5:38:c3:
75:82:2f:b3:ee:f2:35:33:c1:d8:33:8f:ac:5f:f9:
a5:1a:dc:48:af:32:5e:7f:06:8c:5e:9d:97:c5:c3:
3e:b5:09:6d:ac:66:52:82:15:5c:fb:fc:7e:e1:16:
54:a5:92:76:a6:e1:9c:3f:cd:4a:45:41:66:53:29:
8c:dc:64:83:04:a9:2f:b2:dc:9d:72:48:19:4d:04:
54:00:9e:3c:f7:b4:00:e2:72:b0:82:61:21:6c:6f:
24:69:c2:2c:5b:12:27:a5:27:3b:ed:fc:47:3f:c4:
98:7b:1e:6e:df:d1:d4:4c:7e:3a:5e:67:3b:17:a8:
bf:77:99:50:a3:b7:f0:f8:62:73:49:67:e6:6c:e6:
54:35:63:7a:03:b0:34:20:22:8e:2a:0e:59:d1:dc:
ac:e1:6e:28:c2:c9:d6:f6:6d:b9:a3:2f:a6:9c:bf:
55:26:e9:5b:3a:f0:61:63:ae:88:71:d7:49:2c:78:
3d:9b:1c:94:67:14:ca:a2:9f:df:96:1d:c6:ef:fe:
3a:66:4c:e8:ad:e2:22:79:8f:8c:ee:aa:a0:ae:45:
85:62:59:52:8e:00:42:09:91:8a:b4:23:ed:06:93:
dd:41:e2:6f:9f:86:fe:e4:cf:8b:5a:57:98:b0:5f:
a2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7D:9E:20:A3:55:7D:AE:6E:1D:45:DB:4D:42:B1:6F:14:47:ED:63
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/5n2eIKNVfa5uHUXbTUKxbxRH7WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000:6000::/40
2001:2001:6000::/40
2001:2003::/32
2001:2060::-2001:2062:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
11:95:12:15:d4:a4:64:30:7b:c7:ca:39:2c:da:9d:19:71:97:
db:3f:10:30:1a:9a:e4:ef:b2:e0:60:67:b8:ee:a1:f6:3a:69:
8b:18:9a:4d:a4:70:fb:7d:b5:5f:0d:40:45:76:94:1b:35:97:
d0:1d:aa:06:14:4f:0b:9a:c5:d1:e5:fd:0f:27:fc:62:1b:24:
44:0b:63:04:c9:8f:ce:6f:bb:f2:d5:02:43:10:af:c4:cb:a9:
98:3c:9b:b4:02:16:55:ca:ae:c4:e2:07:0f:31:a0:e8:d3:2c:
62:29:9a:c2:a4:37:c8:2d:f5:68:48:36:c0:00:47:6d:f2:fc:
b3:37:d6:c5:47:47:1d:0f:0f:9e:42:90:d7:05:2d:a5:e3:d5:
a5:d4:21:c6:5d:23:67:e0:0c:3a:82:5a:8a:9e:ba:9f:3c:cc:
de:36:62:7d:7c:52:79:1b:4a:87:5a:20:71:57:04:e9:19:85:
93:2f:46:43:c5:29:fd:7e:f1:1d:2a:ce:b0:7c:9e:62:a7:c7:
74:25:6d:84:6e:50:ad:90:9d:c3:c7:df:9f:97:f7:a6:64:b9:
59:6c:93:b4:c5:2d:a9:f6:26:f2:88:ca:ff:1a:ac:fc:39:4a:
d4:db:ef:85:70:47:c8:d6:22:38:08:91:7d:65:24:c3:65:44:
c1:d0:57:25
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENJQGzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YmE1YjFjMDlhYTMxZjY3MTNjNjFiMzJlNTU4MTA5ZTQ3OTY2ZDQyMB4XDTIyMDEw
MTA4NTgwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTY3ZDllMjBhMzU1
N2RhZTZlMWQ0NWRiNGQ0MmIxNmYxNDQ3ZWQ2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUNLJZMMOOOeLTu9TjDdYIvs+7yNTPB2DOPrF/5pRrcSK8y
Xn8GjF6dl8XDPrUJbaxmUoIVXPv8fuEWVKWSdqbhnD/NSkVBZlMpjNxkgwSpL7Lc
nXJIGU0EVACePPe0AOJysIJhIWxvJGnCLFsSJ6UnO+38Rz/EmHsebt/R1Ex+Ol5n
Oxeov3eZUKO38Phic0ln5mzmVDVjegOwNCAijioOWdHcrOFuKMLJ1vZtuaMvppy/
VSbpWzrwYWOuiHHXSSx4PZsclGcUyqKf35Ydxu/+OmZM6K3iInmPjO6qoK5FhWJZ
Uo4AQgmRirQj7QaT3UHib5+G/uTPi1pXmLBfoiECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTmfZ4go1V9rm4dRdtNQrFvFEftYzAfBgNVHSMEGDAWgBQ7pbHAmqMfZxPG
GzLlWBCeR5ZtQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L082V3h3SnFqSDJjVHhoc3k1VmdRbmtlV2JVSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvMTNiZDc3LWQyOTctNDY4OS1iZWU0LTQ2NmU5Y2FiNzg2NC8x
LzVuMmVJS05WZmE1dUhVWGJUVUt4YnhSSDdXTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
MTNiZDc3LWQyOTctNDY4OS1iZWU0LTQ2NmU5Y2FiNzg2NC8xL082V3h3SnFqSDJj
VHhoc3k1VmdRbmtlV2JVSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wLQQCAAIwJwMGACABIABgAwYAIAEgAWADBQAgASAD
MA4DBQUgASBgAwUAIAEgYjANBgkqhkiG9w0BAQsFAAOCAQEAEZUSFdSkZDB7x8o5
LNqdGXGX2z8QMBqa5O+y4GBnuO6h9jppixiaTaRw+321Xw1ARXaUGzWX0B2qBhRP
C5rF0eX9Dyf8YhskRAtjBMmPzm+78tUCQxCvxMupmDybtAIWVcquxOIHDzGg6NMs
YimawqQ3yC31aEg2wABHbfL8szfWxUdHHQ8PnkKQ1wUtpePVpdQhxl0jZ+AMOoJa
ip66nzzM3jZifXxSeRtKh1ogcVcE6RmFky9GQ8Up/X7xHSrOsHyeYqfHdCVthG5Q
rZCdw8ffn5f3pmS5WWyTtMUtqfYm8ojK/xqs/DlK1NvvhXBHyNYiOAiRfWUkw2VE
wdBXJQ==
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:45:31 2025 by rpki-client