Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/uacxk_VDgqXbxsOYUxVmggD0hLI.roa
File: uacxk_VDgqXbxsOYUxVmggD0hLI.roa (raw, json)
Hash identifier: LPUYUQqBekZsZZNwC1j5oG166p+3Qb+evVrsManAluQ=
Subject key identifier: B9:A7:31:93:F5:43:82:A5:DB:C6:C3:98:53:15:66:82:00:F4:84:B2
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 0181FB662CED9F6081A74D775962F40452ED
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/uacxk_VDgqXbxsOYUxVmggD0hLI.roa
Signing time: Thu 14 Jul 2022 06:29:46 +0000
ROA not before: Thu 14 Jul 2022 06:29:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204010
IP address blocks: 2a05:900:5::/48 maxlen: 48
2a05:900:8::/48 maxlen: 48
2a05:900:6::/48 maxlen: 48
2a05:900:7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:fb:66:2c:ed:9f:60:81:a7:4d:77:59:62:f4:04:52:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Jul 14 06:29:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9a73193f54382a5dbc6c3985315668200f484b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ea:f0:b3:28:34:72:c9:e4:54:aa:24:cb:81:
fd:ee:b8:95:ea:e0:36:e1:17:73:64:7b:52:80:ed:
9a:0b:dc:30:31:6a:12:00:35:2a:48:50:c6:45:a7:
75:f2:38:0a:27:c9:fe:8a:e3:80:c3:0e:a4:01:7d:
bf:1b:b6:ad:93:62:34:30:53:7e:82:35:09:63:11:
f6:a7:08:f3:c9:68:1c:f1:28:6f:4f:b9:bc:62:81:
1c:17:c5:f7:62:a8:38:3f:4e:ad:14:06:fa:71:52:
40:01:68:f7:92:92:0f:1a:19:26:10:f8:0e:07:57:
04:15:43:a4:bb:19:db:d9:72:76:8b:d2:cd:f2:f2:
98:1d:15:5e:96:70:7d:52:37:d6:62:24:03:fe:49:
44:ea:71:44:91:2a:ca:26:8e:db:e3:18:54:3e:ea:
3a:20:60:2b:ee:a3:d6:93:8c:90:21:5e:48:6a:12:
1e:a0:86:15:6b:b7:57:c7:79:30:55:ef:f8:f9:e6:
fb:cc:6e:e9:6b:85:e7:c0:f1:16:93:01:8d:c2:82:
ca:0a:2e:9f:5d:bf:24:e7:39:91:d7:44:55:cf:47:
83:ac:aa:56:be:a3:87:89:a0:fb:40:f3:ce:22:9b:
58:be:cc:07:71:70:de:37:be:81:c6:75:fe:82:2e:
d1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A7:31:93:F5:43:82:A5:DB:C6:C3:98:53:15:66:82:00:F4:84:B2
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/uacxk_VDgqXbxsOYUxVmggD0hLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:900:5::-2a05:900:8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
49:92:07:7e:fc:b1:7c:7e:76:03:07:9d:90:98:f9:8f:ee:73:
05:7c:84:5b:7f:b8:a6:73:e6:cc:59:73:81:71:f6:3a:8b:08:
ab:df:57:4f:cf:12:89:32:10:95:a6:d1:82:c1:82:25:49:e1:
a0:4f:43:4b:7f:5b:48:48:25:4c:88:b6:f8:cb:87:d8:56:1d:
bd:13:8f:1d:d8:bc:88:5f:08:93:1d:09:d4:c5:42:4b:8d:af:
79:e4:e3:33:3a:0a:56:62:fc:83:ac:0c:20:17:d1:05:0d:ff:
56:24:8a:c4:8f:e5:96:ea:00:6b:db:60:90:65:c6:91:68:32:
84:f2:1d:0e:22:30:17:9a:9c:57:53:56:12:67:ba:53:35:27:
66:d5:3b:71:87:7b:b3:c8:5c:fc:7c:61:d0:5d:fe:30:82:b4:
e6:e5:b4:a2:0d:40:72:a3:5a:72:da:c5:a1:93:4a:f6:86:df:
cb:6f:5f:34:72:44:8c:fe:23:c2:af:67:84:e0:98:a7:31:6e:
8c:f4:59:67:1a:61:5a:01:22:6f:74:04:dc:c1:78:40:07:bc:
40:b1:41:11:31:ed:f3:03:5c:3a:49:f3:32:50:ff:41:c1:7d:
0d:b5:fd:41:b9:22:80:1a:7b:43:08:1a:11:d0:e7:c4:47:4f:
ad:29:96:0f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYH7Ziztn2CBp013WWL0BFLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjIwNzE0MDYyOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWE3MzE5M2Y1NDM4MmE1ZGJjNmMzOTg1MzE1NjY4MjAwZjQ4NGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOrwsyg0csnkVKoky4H97riV6uA2
4RdzZHtSgO2aC9wwMWoSADUqSFDGRad18jgKJ8n+iuOAww6kAX2/G7atk2I0MFN+
gjUJYxH2pwjzyWgc8ShvT7m8YoEcF8X3Yqg4P06tFAb6cVJAAWj3kpIPGhkmEPgO
B1cEFUOkuxnb2XJ2i9LN8vKYHRVelnB9UjfWYiQD/klE6nFEkSrKJo7b4xhUPuo6
IGAr7qPWk4yQIV5IahIeoIYVa7dXx3kwVe/4+eb7zG7pa4XnwPEWkwGNwoLKCi6f
Xb8k5zmR10RVz0eDrKpWvqOHiaD7QPPOIptYvswHcXDeN76BxnX+gi7RLQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLmnMZP1Q4Kl28bDmFMVZoIA9ISyMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvdWFjeGtfVkRncVhieHNPWVV4Vm1nZ0QwaExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqBQkA
AAUDBwAqBQkAAAgwDQYJKoZIhvcNAQELBQADggEBAEmSB378sXx+dgMHnZCY+Y/u
cwV8hFt/uKZz5sxZc4Fx9jqLCKvfV0/PEokyEJWm0YLBgiVJ4aBPQ0t/W0hIJUyI
tvjLh9hWHb0Tjx3YvIhfCJMdCdTFQkuNr3nk4zM6ClZi/IOsDCAX0QUN/1YkisSP
5ZbqAGvbYJBlxpFoMoTyHQ4iMBeanFdTVhJnulM1J2bVO3GHe7PIXPx8YdBd/jCC
tObltKINQHKjWnLaxaGTSvaG38tvXzRyRIz+I8KvZ4TgmKcxboz0WWcaYVoBIm90
BNzBeEAHvECxQREx7fMDXDpJ8zJQ/0HBfQ21/UG5IoAae0MIGhHQ58RHT60plg8=
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:59:48 2025 by rpki-client