Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/_EwEp7EX8Q3VPpPY-XmaJXs87SE.roa
File: _EwEp7EX8Q3VPpPY-XmaJXs87SE.roa (raw, json)
Hash identifier: bM8VhatclFu8bvUZ+XlrohwNIr7UkrGICVCZa6398SU=
Subject key identifier: FC:4C:04:A7:B1:17:F1:0D:D5:3E:93:D8:F9:79:9A:25:7B:3C:ED:21
Certificate issuer: /CN=4a7f4f8ac8ca7343ed1b4ff12ce276318b69d10e
Certificate serial: 02A6CD2C
Authority key identifier: 4A:7F:4F:8A:C8:CA:73:43:ED:1B:4F:F1:2C:E2:76:31:8B:69:D1:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/_EwEp7EX8Q3VPpPY-XmaJXs87SE.roa
Signing time: Sat 01 Jan 2022 16:02:18 +0000
ROA not before: Sat 01 Jan 2022 16:02:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213346
IP address blocks: 2a10:b9c0:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44485932 (0x2a6cd2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7f4f8ac8ca7343ed1b4ff12ce276318b69d10e
Validity
Not Before: Jan 1 16:02:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc4c04a7b117f10dd53e93d8f9799a257b3ced21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:52:e8:f3:d0:32:93:91:ac:a5:ec:0f:63:5a:
93:af:59:e9:44:fe:6e:15:ec:7c:6d:38:0f:06:87:
69:5d:9a:40:42:db:25:27:b8:f6:3f:c7:09:03:c1:
09:90:ef:67:8c:bf:41:72:b6:0a:36:74:a9:15:23:
ac:74:d6:73:bb:33:a6:b4:14:7d:f5:72:0c:08:b8:
e1:ef:de:6d:80:50:aa:f4:27:37:34:12:9a:04:d7:
c9:2f:09:17:b4:53:53:c7:eb:d9:7d:9f:42:c2:16:
ec:1a:6c:86:c8:1f:c8:51:e3:43:36:30:02:17:04:
90:ce:df:2c:e9:de:86:38:20:4a:d6:12:ab:bb:7b:
fc:d2:ba:3f:1e:90:22:54:8c:0b:70:d4:48:ea:b0:
6d:f9:fe:89:e5:7a:ed:53:f6:88:11:de:43:46:43:
62:85:03:0f:7e:7c:36:e3:41:36:59:20:f3:ae:e9:
51:8b:96:df:b2:cb:50:bc:65:3e:24:52:44:cd:f1:
a4:66:b0:bf:db:cc:89:4a:93:a0:1c:7a:ac:b0:6b:
32:9c:80:6c:b7:18:c6:37:33:51:b1:3f:01:7c:d8:
c4:1d:fa:28:a5:ae:17:21:86:8e:d9:36:fc:73:98:
04:ed:6c:97:2e:30:60:6e:4d:e4:78:0e:65:24:e0:
b8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:4C:04:A7:B1:17:F1:0D:D5:3E:93:D8:F9:79:9A:25:7B:3C:ED:21
X509v3 Authority Key Identifier:
keyid:4A:7F:4F:8A:C8:CA:73:43:ED:1B:4F:F1:2C:E2:76:31:8B:69:D1:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/_EwEp7EX8Q3VPpPY-XmaJXs87SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:b9c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
78:d5:dd:c8:8f:cf:39:56:4f:56:6a:32:6b:04:ed:e9:c7:c2:
97:4d:cd:7e:0c:13:4f:51:95:62:56:4b:da:27:94:0d:0f:39:
8e:e7:28:75:e0:7b:b0:26:9d:91:ce:45:4e:ff:d7:75:67:9f:
57:45:e5:02:ee:c1:4a:d7:22:f7:89:24:99:93:d1:6b:59:a0:
9a:f3:08:05:22:9a:db:68:22:66:33:20:21:5d:54:1e:da:d7:
d3:59:f8:39:ad:87:a6:44:bf:58:6d:22:2f:98:7b:15:23:f2:
13:df:a9:65:94:59:48:e7:47:79:20:29:d8:71:cb:5c:fa:8a:
b5:bb:14:ba:c1:b6:1e:b8:9c:3b:48:c1:21:b2:1a:1b:c2:6d:
b9:fb:91:b2:3f:68:8e:37:14:1d:f6:b8:26:6d:e1:9a:b1:e0:
90:2f:9f:05:24:e1:0c:d2:cb:53:9d:7a:50:08:54:ae:c4:e6:
97:5b:71:0d:ab:d9:49:3c:76:83:ed:bb:12:71:a1:b8:6c:62:
25:4b:b0:16:87:ba:39:38:61:e7:1d:54:32:57:93:ec:60:cb:
a3:c9:fc:d2:33:89:45:10:88:c3:54:4c:92:c4:a5:17:6d:f9:
e4:7a:cd:cd:72:75:46:ce:d5:e8:47:d6:ab:ec:70:c2:29:a0:
b6:7e:64:76
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAqbNLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YTdmNGY4YWM4Y2E3MzQzZWQxYjRmZjEyY2UyNzYzMThiNjlkMTBlMB4XDTIyMDEw
MTE2MDIxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmM0YzA0YTdiMTE3
ZjEwZGQ1M2U5M2Q4Zjk3OTlhMjU3YjNjZWQyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRS6PPQMpORrKXsD2Nak69Z6UT+bhXsfG04DwaHaV2aQELb
JSe49j/HCQPBCZDvZ4y/QXK2CjZ0qRUjrHTWc7szprQUffVyDAi44e/ebYBQqvQn
NzQSmgTXyS8JF7RTU8fr2X2fQsIW7BpshsgfyFHjQzYwAhcEkM7fLOnehjggStYS
q7t7/NK6Px6QIlSMC3DUSOqwbfn+ieV67VP2iBHeQ0ZDYoUDD358NuNBNlkg867p
UYuW37LLULxlPiRSRM3xpGawv9vMiUqToBx6rLBrMpyAbLcYxjczUbE/AXzYxB36
KKWuFyGGjtk2/HOYBO1sly4wYG5N5HgOZSTguAsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT8TASnsRfxDdU+k9j5eZolezztITAfBgNVHSMEGDAWgBRKf0+KyMpzQ+0b
T/Es4nYxi2nRDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NuOVBpc2pLYzBQdEcwX3hMT0oyTVl0cDBRNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvMGU2OTYyLTk2YjctNGZiOC1hODM5LTllYzdhZGQwZWI2OC8x
L19Fd0VwN0VYOFEzVlBwUFktWG1hSlhzODdTRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
MGU2OTYyLTk2YjctNGZiOC1hODM5LTllYzdhZGQwZWI2OC8xL1NuOVBpc2pLYzBQ
dEcwX3hMT0oyTVl0cDBRNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoQucD//zANBgkqhkiG9w0BAQsF
AAOCAQEAeNXdyI/POVZPVmoyawTt6cfCl03NfgwTT1GVYlZL2ieUDQ85jucodeB7
sCadkc5FTv/XdWefV0XlAu7BStci94kkmZPRa1mgmvMIBSKa22giZjMgIV1UHtrX
01n4Oa2HpkS/WG0iL5h7FSPyE9+pZZRZSOdHeSAp2HHLXPqKtbsUusG2HricO0jB
IbIaG8JtufuRsj9ojjcUHfa4Jm3hmrHgkC+fBSThDNLLU516UAhUrsTml1txDavZ
STx2g+27EnGhuGxiJUuwFoe6OThh5x1UMleT7GDLo8n80jOJRRCIw1RMksSlF235
5HrNzXJ1Rs7V6EfWq+xwwimgtn5kdg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:05:29 2025 by rpki-client