Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/VAf8v8rXW3D2VsbWSSnSv6cMO6k.roa
File: VAf8v8rXW3D2VsbWSSnSv6cMO6k.roa (raw, json)
Hash identifier: vd36dbNiDPe6YE4+fQ7jJiSBf/mITsqd0yPJ0lkj9NE=
Subject key identifier: 54:07:FC:BF:CA:D7:5B:70:F6:56:C6:D6:49:29:D2:BF:A7:0C:3B:A9
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 347D6B54
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/VAf8v8rXW3D2VsbWSSnSv6cMO6k.roa
Signing time: Wed 12 Jan 2022 00:19:37 +0000
ROA not before: Wed 12 Jan 2022 00:19:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197223
IP address blocks: 2a03:8c0:1000::/36 maxlen: 36
2a03:8c0::/32 maxlen: 32
2a03:8c0:3000::/36 maxlen: 36
2a03:8c0:9000::/36 maxlen: 36
2a03:8c0:7000::/36 maxlen: 36
2a03:8c0:5000::/36 maxlen: 36
2a03:8c0:2000::/36 maxlen: 36
2a03:8c0:4000::/36 maxlen: 36
2a03:8c0:6000::/36 maxlen: 36
2a03:8c0:8000::/36 maxlen: 36
2a03:8c0::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 880634708 (0x347d6b54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Jan 12 00:19:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5407fcbfcad75b70f656c6d64929d2bfa70c3ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7b:5b:0e:92:ef:3c:b0:b9:ca:46:e0:18:92:
54:c0:d0:b3:68:f8:2e:b8:1d:d6:3f:32:70:cd:37:
0c:b0:7b:ae:65:ce:ef:d8:17:93:ac:a6:1a:6c:27:
9a:3a:0e:b0:77:89:7d:00:32:c6:79:95:2d:45:f9:
cb:3e:47:31:37:0a:fb:55:45:40:c4:4f:c5:23:c4:
50:0f:3a:69:70:e5:c5:99:78:6b:22:cd:d7:ae:86:
e5:35:c4:c9:a8:13:18:3e:ed:21:80:41:99:37:80:
30:27:75:2c:cd:5d:0b:13:02:77:4d:e7:5c:12:0e:
75:6d:f6:f1:1e:2c:b5:ef:01:24:30:10:76:ee:77:
7e:39:3c:a7:8b:24:49:3e:8b:39:fe:38:30:a1:f5:
90:c6:9d:9c:27:94:ed:51:6d:b1:05:09:2e:ec:a1:
4e:54:84:f9:08:d2:cc:0b:1c:a6:fb:29:26:14:b3:
b5:36:2c:f3:ce:1a:fd:5e:a3:43:66:5d:8f:ad:cf:
c5:5b:05:a4:60:57:a0:3b:79:e8:c1:b1:11:da:c1:
8f:e7:4b:d9:b4:14:d5:d5:ed:4d:ae:0f:05:16:ef:
36:7e:99:f8:3d:08:17:aa:d7:13:13:54:b1:09:04:
be:de:5f:cf:d8:87:b8:a7:6d:a3:40:80:d9:97:a3:
8c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:07:FC:BF:CA:D7:5B:70:F6:56:C6:D6:49:29:D2:BF:A7:0C:3B:A9
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/VAf8v8rXW3D2VsbWSSnSv6cMO6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:8c0::/32
Signature Algorithm: sha256WithRSAEncryption
04:62:70:7c:bf:31:1a:80:5e:23:ea:0f:24:94:75:c3:63:18:
ed:8d:25:5f:bf:b8:14:18:eb:d0:96:11:f4:13:80:8b:af:f4:
4d:ec:38:a1:d1:eb:22:ba:3b:3b:fb:d5:aa:65:c5:4c:77:06:
ec:c6:18:0b:d6:af:44:e0:52:95:2b:b8:75:bc:b5:b8:15:af:
f9:21:93:74:fd:5f:e5:17:cc:8b:5d:48:6f:3a:44:ae:79:90:
cf:a3:9b:71:e9:e4:5a:59:b2:16:9f:35:e8:b3:8e:8b:fa:34:
34:58:d7:6d:17:bf:c0:ea:59:89:f3:52:dd:91:2e:f3:3d:b7:
d6:c4:8e:85:3f:7b:12:8e:82:21:20:da:fc:db:eb:14:38:1e:
42:3a:86:9f:2a:cd:dd:dc:f1:80:2e:1d:02:3f:4e:85:92:09:
bf:89:e4:bc:93:76:29:ca:c1:40:78:bf:5a:c6:d9:1d:bd:14:
4f:93:2b:05:a4:e9:4c:70:68:c1:12:99:a9:5f:d5:a9:69:2f:
cc:56:d1:67:c9:3c:eb:71:16:e6:7b:25:ab:d1:9d:c9:3a:62:
6a:bd:23:d9:a6:64:f5:54:99:73:9b:75:cd:da:4d:a5:ca:c7:
18:cc:f9:38:fb:ea:79:f1:40:0f:93:3e:58:ae:a6:55:15:c6:
5b:3a:3e:dd
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIENH1rVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzdlZTFlY2VkMTlmOGEwYTNhNjM1YmZhYTI2NDI5M2UzNDM3Nzk1MB4XDTIyMDEx
MjAwMTkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQwN2ZjYmZjYWQ3
NWI3MGY2NTZjNmQ2NDkyOWQyYmZhNzBjM2JhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIp7Ww6S7zywucpG4BiSVMDQs2j4Lrgd1j8ycM03DLB7rmXO
79gXk6ymGmwnmjoOsHeJfQAyxnmVLUX5yz5HMTcK+1VFQMRPxSPEUA86aXDlxZl4
ayLN166G5TXEyagTGD7tIYBBmTeAMCd1LM1dCxMCd03nXBIOdW328R4ste8BJDAQ
du53fjk8p4skST6LOf44MKH1kMadnCeU7VFtsQUJLuyhTlSE+QjSzAscpvspJhSz
tTYs884a/V6jQ2Zdj63PxVsFpGBXoDt56MGxEdrBj+dL2bQU1dXtTa4PBRbvNn6Z
+D0IF6rXExNUsQkEvt5fz9iHuKdto0CA2ZejjEkCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRUB/y/ytdbcPZWxtZJKdK/pww7qTAfBgNVHSMEGDAWgBTjfuHs7Rn4oKOm
Nb+qJkKT40N3lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQzN2g3TzBaLUtDanBqV19xaVpDay1ORGQ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8x
L1ZBZjh2OHJYVzNEMlZzYldTU25TdjZjTU82ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8xLzQzN2g3TzBaLUtD
anBqV19xaVpDay1ORGQ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoDCMAwDQYJKoZIhvcNAQELBQAD
ggEBAARicHy/MRqAXiPqDySUdcNjGO2NJV+/uBQY69CWEfQTgIuv9E3sOKHR6yK6
Ozv71aplxUx3BuzGGAvWr0TgUpUruHW8tbgVr/khk3T9X+UXzItdSG86RK55kM+j
m3Hp5FpZshafNeizjov6NDRY120Xv8DqWYnzUt2RLvM9t9bEjoU/exKOgiEg2vzb
6xQ4HkI6hp8qzd3c8YAuHQI/ToWSCb+J5LyTdinKwUB4v1rG2R29FE+TKwWk6Uxw
aMESmalf1alpL8xW0WfJPOtxFuZ7JavRnck6Ymq9I9mmZPVUmXObdc3aTaXKxxjM
+Tj76nnxQA+TPliuplUVxls6Pt0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:17:38 2025 by rpki-client