Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/cmoKu9gb6sZ4nr_sqtdNFGnPEtc.roa
File: cmoKu9gb6sZ4nr_sqtdNFGnPEtc.roa (raw, json)
Hash identifier: 59+ac90eVBZ8atF44XSVIKJF2GeDgkMgo8yj2IamIPM=
Subject key identifier: 72:6A:0A:BB:D8:1B:EA:C6:78:9E:BF:EC:AA:D7:4D:14:69:CF:12:D7
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 0185708C926C658E212F72E06EA27F3C77E4
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/cmoKu9gb6sZ4nr_sqtdNFGnPEtc.roa
Signing time: Mon 02 Jan 2023 03:35:38 +0000
ROA not before: Mon 02 Jan 2023 03:35:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25400
IP address blocks: 2001:2020::/31 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:92:6c:65:8e:21:2f:72:e0:6e:a2:7f:3c:77:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 2 03:35:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=726a0abbd81beac6789ebfecaad74d1469cf12d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9b:6a:e5:df:73:09:de:92:42:ac:db:78:94:
fb:41:21:65:c0:09:59:54:16:cc:c8:0c:f9:79:39:
6a:07:cb:19:89:8a:aa:7c:52:9a:c1:4f:ab:65:03:
e2:b2:fe:64:1e:48:c0:bf:46:92:12:2a:01:3a:a1:
40:c3:8b:7d:68:a9:90:da:ca:de:40:c2:35:6f:0a:
cd:5f:60:7b:9f:27:2a:64:4f:17:73:4e:a9:19:36:
10:74:a6:60:9c:d3:85:6b:ef:33:35:00:74:60:ac:
e7:93:20:3d:4e:59:c0:2c:7b:39:a3:b5:a5:7d:f6:
1e:55:54:bb:e9:d4:63:58:a0:c5:77:d4:5b:72:70:
c6:04:54:97:2a:89:27:04:7d:1f:cf:83:1b:79:a8:
3a:60:82:b9:7d:65:f5:f3:29:f1:14:6a:62:c2:77:
60:ec:fc:71:3a:22:78:9f:31:64:7e:59:a8:b3:85:
f6:e0:46:ba:8e:d5:08:1a:4f:99:5f:81:d8:50:be:
68:9f:a1:7e:c7:2e:4c:a7:b3:4c:cc:9b:4c:0b:89:
1f:0a:28:49:fe:11:ff:d2:2c:cf:08:dd:68:c1:47:
c1:d6:ea:5f:32:4e:44:7e:9b:02:08:34:c3:87:ee:
8f:56:4b:a7:16:a4:b3:7b:ec:e9:fa:79:bf:d0:c0:
0f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6A:0A:BB:D8:1B:EA:C6:78:9E:BF:EC:AA:D7:4D:14:69:CF:12:D7
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/cmoKu9gb6sZ4nr_sqtdNFGnPEtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2020::/31
Signature Algorithm: sha256WithRSAEncryption
40:ed:a5:40:8d:26:9b:8e:87:aa:c8:7d:44:e1:4d:f8:67:dd:
28:75:0b:09:81:6e:06:db:27:9d:0b:56:5f:88:c7:c3:17:8f:
02:f3:d5:47:52:23:2e:fc:b2:c0:93:b6:20:fd:24:50:e6:9a:
d6:d0:d2:ab:e6:43:71:4c:34:a9:ff:2d:a0:bf:4d:cd:a6:eb:
21:20:65:df:c7:73:ea:49:63:02:d7:6a:78:bd:eb:06:39:2c:
da:77:19:ce:07:ed:0b:5d:ef:1a:55:20:d3:e3:5c:32:75:5e:
3b:b7:2a:d0:6e:84:1c:0d:ca:88:56:65:b2:78:92:5a:94:37:
b9:dd:a1:65:34:59:17:7d:ed:49:5f:ea:35:de:82:ea:c4:37:
65:cd:d0:5d:3b:d4:27:a7:12:94:c2:0e:ce:e6:a4:36:e4:c3:
23:69:db:68:57:a8:da:1d:7c:08:2d:89:60:89:f5:54:c1:ac:
37:0c:70:bb:b5:de:5e:98:fb:1c:3a:ce:1b:81:35:5d:d5:20:
04:d1:98:bf:f6:b3:03:98:2e:3c:69:02:19:87:9b:db:c3:f7:
dd:5d:92:ae:0a:4b:11:eb:7b:3a:d5:a5:7d:2b:b2:1e:d5:7f:
fb:36:b7:89:8c:3d:1c:8a:81:70:60:99:a6:12:68:b8:6e:68:
39:04:11:25
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwjJJsZY4hL3LgbqJ/PHfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjMwMTAyMDMzNTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjZhMGFiYmQ4MWJlYWM2Nzg5ZWJmZWNhYWQ3NGQxNDY5Y2YxMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJtq5d9zCd6SQqzbeJT7QSFlwAlZ
VBbMyAz5eTlqB8sZiYqqfFKawU+rZQPisv5kHkjAv0aSEioBOqFAw4t9aKmQ2sre
QMI1bwrNX2B7nycqZE8Xc06pGTYQdKZgnNOFa+8zNQB0YKznkyA9TlnALHs5o7Wl
ffYeVVS76dRjWKDFd9RbcnDGBFSXKoknBH0fz4Mbeag6YIK5fWX18ynxFGpiwndg
7PxxOiJ4nzFkflmos4X24Ea6jtUIGk+ZX4HYUL5on6F+xy5Mp7NMzJtMC4kfCihJ
/hH/0izPCN1owUfB1upfMk5EfpsCCDTDh+6PVkunFqSze+zp+nm/0MAPUwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHJqCrvYG+rGeJ6/7KrXTRRpzxLXMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvY21vS3U5Z2I2c1o0bnJfc3F0ZE5GR25QRXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBIAEgIDAN
BgkqhkiG9w0BAQsFAAOCAQEAQO2lQI0mm46Hqsh9ROFN+GfdKHULCYFuBtsnnQtW
X4jHwxePAvPVR1IjLvyywJO2IP0kUOaa1tDSq+ZDcUw0qf8toL9NzabrISBl38dz
6kljAtdqeL3rBjks2ncZzgftC13vGlUg0+NcMnVeO7cq0G6EHA3KiFZlsniSWpQ3
ud2hZTRZF33tSV/qNd6C6sQ3Zc3QXTvUJ6cSlMIOzuakNuTDI2nbaFeo2h18CC2J
YIn1VMGsNwxwu7XeXpj7HDrOG4E1XdUgBNGYv/azA5guPGkCGYeb28P33V2SrgpL
Eet7OtWlfSuyHtV/+za3iYw9HIqBcGCZphJouG5oOQQRJQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:22:59 2025 by rpki-client