Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/iT1MI-xw6zcUK94O1qYciVfmO9k.roa
File: iT1MI-xw6zcUK94O1qYciVfmO9k.roa (raw, json)
Hash identifier: F3hIA6L/TdW8b1Ys0e6H06tPP6Mq3C16vcyHx4sxCVY=
Subject key identifier: 89:3D:4C:23:EC:70:EB:37:14:2B:DE:0E:D6:A6:1C:89:57:E6:3B:D9
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 3497170B
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/iT1MI-xw6zcUK94O1qYciVfmO9k.roa
Signing time: Sat 01 Jan 2022 08:58:03 +0000
ROA not before: Sat 01 Jan 2022 08:58:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12929
IP address blocks: 2001:2020::/31 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 882317067 (0x3497170b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 1 08:58:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=893d4c23ec70eb37142bde0ed6a61c8957e63bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a8:2b:ce:f7:52:14:e7:62:f4:1f:3b:a8:ab:
f2:b3:e3:e9:bb:f8:36:14:e0:9b:69:59:70:a6:d2:
fc:6f:51:33:3e:d1:55:8f:58:b6:3c:77:c9:23:e1:
fb:23:7e:98:82:22:5b:7c:d6:49:48:b5:c6:03:d9:
85:bf:70:67:c9:3a:53:f0:9b:bf:04:90:63:e8:c9:
42:3c:79:c8:95:69:41:b3:24:87:d4:9f:9e:2f:6e:
ac:9d:b2:34:c0:0e:86:08:4b:36:eb:76:27:6f:b3:
25:20:bf:93:60:c9:fb:80:fd:c0:3d:cc:f0:92:73:
3f:e0:7d:8d:0f:33:40:56:bd:fb:16:a9:8d:06:ef:
96:80:75:4f:8f:18:6a:c0:21:d0:0d:52:12:d2:ae:
4c:3d:66:e6:0f:a6:9c:bd:30:47:67:54:f8:86:4d:
59:79:1f:cb:0e:67:0f:dc:24:0b:bc:5b:12:05:ce:
ab:84:29:1d:e2:e0:ef:05:af:68:1b:74:58:d6:52:
e0:f0:4c:9f:2a:f1:3d:6e:7e:30:08:26:11:bc:68:
6b:f9:42:c1:50:76:50:40:dd:9d:04:40:55:d0:e6:
ca:3a:ad:37:de:72:d1:9a:86:4f:1a:5f:7f:14:62:
71:e1:cb:ff:3e:8f:f9:b9:33:21:72:ac:c4:31:19:
77:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3D:4C:23:EC:70:EB:37:14:2B:DE:0E:D6:A6:1C:89:57:E6:3B:D9
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/iT1MI-xw6zcUK94O1qYciVfmO9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2020::/31
Signature Algorithm: sha256WithRSAEncryption
45:3c:06:14:d4:d9:e0:4e:9a:95:ad:33:11:d1:bf:0f:22:60:
c4:31:ca:96:48:93:59:d8:32:62:b7:79:c7:d6:79:f9:2e:f9:
e3:ba:ad:e0:14:40:fc:da:a3:8b:53:1f:d9:5c:d6:e6:e4:1a:
d6:16:92:38:5b:ef:e6:f7:b0:fd:81:52:19:a8:e1:d5:84:24:
f9:a9:ae:f5:a2:5c:fb:d7:af:be:b5:e6:0f:dd:c5:6c:df:85:
f4:21:02:2c:07:52:2e:82:0b:b7:16:f6:64:08:bd:fe:4d:69:
dc:0a:21:75:20:25:f6:72:27:53:88:d0:07:17:3c:b1:17:06:
5e:ff:14:e7:09:24:2d:66:1d:83:a6:e5:24:35:dd:d6:4b:bd:
a2:e3:6e:89:75:62:46:40:d1:9d:62:87:0d:f9:91:92:cd:51:
71:57:8c:85:59:5b:2a:08:76:38:c3:13:bb:22:56:24:31:ae:
99:de:22:e0:26:4a:6d:fd:b1:33:a6:9b:eb:94:a8:74:c9:30:
00:28:c3:f4:35:d6:03:53:3f:62:53:e3:33:59:38:0d:f1:e5:
58:5f:5e:90:4a:7d:e9:2e:ca:c4:a8:6f:96:9f:19:0b:e6:4d:
77:fc:4f:8e:13:79:77:43:5e:9b:22:60:0b:c5:61:2f:f0:65:
67:18:9b:7e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIENJcXCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YmE1YjFjMDlhYTMxZjY3MTNjNjFiMzJlNTU4MTA5ZTQ3OTY2ZDQyMB4XDTIyMDEw
MTA4NTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODkzZDRjMjNlYzcw
ZWIzNzE0MmJkZTBlZDZhNjFjODk1N2U2M2JkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJmoK873UhTnYvQfO6ir8rPj6bv4NhTgm2lZcKbS/G9RMz7R
VY9Ytjx3ySPh+yN+mIIiW3zWSUi1xgPZhb9wZ8k6U/CbvwSQY+jJQjx5yJVpQbMk
h9Sfni9urJ2yNMAOhghLNut2J2+zJSC/k2DJ+4D9wD3M8JJzP+B9jQ8zQFa9+xap
jQbvloB1T48YasAh0A1SEtKuTD1m5g+mnL0wR2dU+IZNWXkfyw5nD9wkC7xbEgXO
q4QpHeLg7wWvaBt0WNZS4PBMnyrxPW5+MAgmEbxoa/lCwVB2UEDdnQRAVdDmyjqt
N95y0ZqGTxpffxRiceHL/z6P+bkzIXKsxDEZd0cCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSJPUwj7HDrNxQr3g7WphyJV+Y72TAfBgNVHSMEGDAWgBQ7pbHAmqMfZxPG
GzLlWBCeR5ZtQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L082V3h3SnFqSDJjVHhoc3k1VmdRbmtlV2JVSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvMTNiZDc3LWQyOTctNDY4OS1iZWU0LTQ2NmU5Y2FiNzg2NC8x
L2lUMU1JLXh3NnpjVUs5NE8xcVljaVZmbU85ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
MTNiZDc3LWQyOTctNDY4OS1iZWU0LTQ2NmU5Y2FiNzg2NC8xL082V3h3SnFqSDJj
VHhoc3k1VmdRbmtlV2JVSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFASABICAwDQYJKoZIhvcNAQELBQAD
ggEBAEU8BhTU2eBOmpWtMxHRvw8iYMQxypZIk1nYMmK3ecfWefku+eO6reAUQPza
o4tTH9lc1ubkGtYWkjhb7+b3sP2BUhmo4dWEJPmprvWiXPvXr7615g/dxWzfhfQh
AiwHUi6CC7cW9mQIvf5NadwKIXUgJfZyJ1OI0AcXPLEXBl7/FOcJJC1mHYOm5SQ1
3dZLvaLjbol1YkZA0Z1ihw35kZLNUXFXjIVZWyoIdjjDE7siViQxrpneIuAmSm39
sTOmm+uUqHTJMAAow/Q11gNTP2JT4zNZOA3x5VhfXpBKfekuysSob5afGQvmTXf8
T44TeXdDXpsiYAvFYS/wZWcYm34=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:48:14 2025 by rpki-client