Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/fz11zoIJuRJhL60O1M-u33ijSl8.roa
File: fz11zoIJuRJhL60O1M-u33ijSl8.roa (raw, json)
Hash identifier: hqxFZWeCp6MJ00QnEfpZFs+aNiLWAUUC0c21Fh1hB1g=
Subject key identifier: 7F:3D:75:CE:82:09:B9:12:61:2F:AD:0E:D4:CF:AE:DF:78:A3:4A:5F
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 0181D3B7365808E42CA196997DE4D7199665
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/fz11zoIJuRJhL60O1M-u33ijSl8.roa
Signing time: Wed 06 Jul 2022 13:33:28 +0000
ROA not before: Wed 06 Jul 2022 13:33:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212341
IP address blocks: 2a05:900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d3:b7:36:58:08:e4:2c:a1:96:99:7d:e4:d7:19:96:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Jul 6 13:33:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f3d75ce8209b912612fad0ed4cfaedf78a34a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f3:39:1f:f9:e2:97:b4:86:64:c0:05:58:d7:
ac:90:e5:49:17:65:33:35:8b:e6:35:ae:4c:a0:26:
f0:b3:d0:d5:6d:2a:1c:8f:41:b6:06:16:21:06:cc:
4b:31:af:9c:c4:ea:3d:ec:33:76:5e:ea:ff:11:97:
91:e3:08:03:c0:1c:f5:34:6d:a8:69:56:01:ac:23:
c1:e5:92:2c:d5:54:b6:1e:77:73:cf:bf:43:52:06:
27:b7:ed:7d:79:81:01:98:90:66:aa:c1:a7:3d:f8:
1b:06:90:78:e2:d7:e5:f2:ce:23:1c:2e:d0:bf:87:
8a:50:4b:ae:26:69:62:85:26:75:61:77:9e:77:77:
03:3f:c9:b0:24:ce:d0:b5:30:e0:83:4a:44:5b:53:
63:88:a7:a4:34:15:ad:f8:b8:15:e5:68:24:c1:46:
57:ac:65:3a:68:c2:3c:8e:5c:7e:c1:2b:b7:1a:17:
78:00:d4:f1:5c:e5:ae:ee:6b:d9:b4:36:1e:77:16:
09:3a:c4:0b:5e:92:f6:a6:30:19:f8:eb:71:a4:78:
c0:0d:ce:ba:15:46:75:9d:ec:7f:14:7f:2d:6c:44:
fc:b8:86:ed:81:00:e0:03:69:ff:60:c7:40:a3:02:
7e:9c:40:32:26:3d:a2:f2:27:74:6a:e6:40:66:98:
61:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:3D:75:CE:82:09:B9:12:61:2F:AD:0E:D4:CF:AE:DF:78:A3:4A:5F
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/fz11zoIJuRJhL60O1M-u33ijSl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:900::/29
Signature Algorithm: sha256WithRSAEncryption
3b:73:b1:90:e2:91:73:e6:80:2e:e7:50:70:31:44:a6:99:ce:
d6:cc:92:e8:8b:fa:c4:77:13:cd:bd:34:e5:eb:cf:74:42:d0:
6b:65:98:ed:c0:de:8b:16:35:45:72:f7:7d:43:f5:e0:64:8e:
d3:f8:1d:42:5d:60:d0:e8:1a:f6:d8:8b:dc:f9:4d:97:4f:e2:
99:81:ca:88:21:99:a5:ad:56:97:5c:c1:e2:80:33:a7:44:69:
a7:47:9a:46:11:06:29:b3:12:47:56:95:72:f9:2e:12:08:87:
95:32:71:85:cd:49:26:65:7d:2e:d2:e5:c8:76:11:68:a7:00:
16:a1:2b:f2:92:1d:a7:17:59:3d:4b:24:e3:ef:bd:9a:0c:7d:
7a:23:8f:d8:63:14:1c:d2:f3:5e:91:99:0b:29:b5:9b:fb:dc:
88:64:1b:a3:41:ae:1b:8e:1f:fa:c1:65:cb:05:95:71:ab:eb:
fc:1d:c3:c7:41:b5:35:df:1d:eb:8e:b0:c3:e4:74:4f:1a:43:
c9:8a:71:79:ba:dc:d3:2b:81:91:a0:98:3a:95:ce:2f:eb:e7:
0d:33:9a:ee:34:9f:82:f4:db:25:1c:87:a6:83:e4:30:e2:b6:
e5:e9:78:e8:f7:a0:d5:39:0d:44:11:f2:2d:c4:5a:ce:54:10:
26:fe:6d:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYHTtzZYCOQsoZaZfeTXGZZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjIwNzA2MTMzMzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjNkNzVjZTgyMDliOTEyNjEyZmFkMGVkNGNmYWVkZjc4YTM0YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPM5H/nil7SGZMAFWNeskOVJF2Uz
NYvmNa5MoCbws9DVbSocj0G2BhYhBsxLMa+cxOo97DN2Xur/EZeR4wgDwBz1NG2o
aVYBrCPB5ZIs1VS2Hndzz79DUgYnt+19eYEBmJBmqsGnPfgbBpB44tfl8s4jHC7Q
v4eKUEuuJmlihSZ1YXeed3cDP8mwJM7QtTDgg0pEW1NjiKekNBWt+LgV5WgkwUZX
rGU6aMI8jlx+wSu3Ghd4ANTxXOWu7mvZtDYedxYJOsQLXpL2pjAZ+OtxpHjADc66
FUZ1nex/FH8tbET8uIbtgQDgA2n/YMdAowJ+nEAyJj2i8id0auZAZphhtwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH89dc6CCbkSYS+tDtTPrt94o0pfMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvZnoxMXpvSUp1UkpoTDYwTzFNLXUzM2lqU2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgUJADAN
BgkqhkiG9w0BAQsFAAOCAQEAO3OxkOKRc+aALudQcDFEppnO1syS6Iv6xHcTzb00
5evPdELQa2WY7cDeixY1RXL3fUP14GSO0/gdQl1g0Oga9tiL3PlNl0/imYHKiCGZ
pa1Wl1zB4oAzp0Rpp0eaRhEGKbMSR1aVcvkuEgiHlTJxhc1JJmV9LtLlyHYRaKcA
FqEr8pIdpxdZPUsk4++9mgx9eiOP2GMUHNLzXpGZCym1m/vciGQbo0GuG44f+sFl
ywWVcavr/B3Dx0G1Nd8d646ww+R0TxpDyYpxebrc0yuBkaCYOpXOL+vnDTOa7jSf
gvTbJRyHpoPkMOK25el46Peg1TkNRBHyLcRazlQQJv5tLA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:29:52 2025 by rpki-client