Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/DwNzLlFqjjn_WMiD9SGyMLn6o3E.roa
File: DwNzLlFqjjn_WMiD9SGyMLn6o3E.roa (raw, json)
Hash identifier: TACKE/9663ymgy9GH1U2sAyPge25p+pewz1O31hxr5s=
Subject key identifier: 0F:03:73:2E:51:6A:8E:39:FF:58:C8:83:F5:21:B2:30:B9:FA:A3:71
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018572BA3B14AA71891B438128F711F0A913
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/DwNzLlFqjjn_WMiD9SGyMLn6o3E.roa
Signing time: Mon 02 Jan 2023 13:44:45 +0000
ROA not before: Mon 02 Jan 2023 13:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2546
IP address blocks: 2001:648:2120::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:3b:14:aa:71:89:1b:43:81:28:f7:11:f0:a9:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 2 13:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f03732e516a8e39ff58c883f521b230b9faa371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4d:7c:12:78:9e:ac:27:0a:a7:55:c4:09:62:
1c:1e:c0:c7:6d:1b:cc:93:ec:fe:40:d0:d9:f8:a4:
ec:f4:b1:ff:65:9a:87:49:10:ee:29:fd:ac:58:b3:
2a:e6:74:4f:fa:bb:0f:36:e0:01:c2:ce:c2:6e:6b:
e5:1c:bc:cb:71:4b:66:e8:9c:b9:55:b7:c9:10:ab:
b8:1f:0e:1c:6d:00:f0:5e:63:13:35:aa:bd:b3:b0:
74:70:53:da:d7:8b:a6:2e:13:91:9f:f3:5e:d6:b0:
0e:a7:da:6c:a0:d2:b1:35:8b:4f:25:22:8c:c2:85:
20:9d:f1:e1:ae:bf:bf:12:72:ef:95:d7:59:ad:8d:
1f:85:86:26:7f:38:c6:da:bd:74:4e:1a:c2:e5:90:
8a:3f:8f:ae:59:04:19:2d:44:8b:4f:44:c5:17:7c:
91:00:87:7e:02:f4:75:f0:f9:6e:d8:17:70:51:8f:
74:5f:1e:e6:6e:7a:52:c5:27:db:74:c3:ed:e0:e0:
dc:51:7e:46:2f:c5:5e:bb:f1:eb:3f:a6:52:76:e8:
a9:2d:e6:77:17:00:c2:cb:3f:8b:ff:97:5a:e9:07:
42:41:0e:77:e9:c2:dd:51:0b:49:e0:d9:95:2f:ec:
de:9f:07:bd:f7:53:01:44:cd:40:0e:bc:12:2c:16:
fa:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:03:73:2E:51:6A:8E:39:FF:58:C8:83:F5:21:B2:30:B9:FA:A3:71
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/DwNzLlFqjjn_WMiD9SGyMLn6o3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:648:2120::/48
Signature Algorithm: sha256WithRSAEncryption
6b:a0:17:52:2b:89:64:56:3f:52:b9:2d:a9:93:4c:02:e5:e8:
5e:b9:4c:46:30:c9:f0:a3:9a:b2:86:2e:94:a2:59:67:2b:7f:
d8:cb:90:e8:22:47:8a:eb:95:f7:af:ff:c2:57:65:60:7f:0d:
02:f0:f7:76:18:07:2a:97:2a:66:67:82:04:d8:07:27:de:e6:
2b:c8:a9:6f:04:6c:83:01:dd:5a:8f:b5:2a:9e:b4:7c:fb:47:
75:49:62:6a:a3:3f:f7:24:12:85:98:dd:6f:1d:72:ea:d2:06:
e4:0a:80:cf:80:75:38:fa:a2:8c:4d:81:fa:f2:9b:0e:5d:d3:
2b:b9:6e:2a:17:dc:1f:f6:26:88:9c:37:2f:26:6d:2c:d3:df:
2c:38:65:07:d7:19:cb:a5:8d:da:72:d7:67:7d:db:21:b2:16:
0c:2b:42:02:74:3c:f5:f3:53:38:b9:b0:41:29:04:24:08:be:
61:0a:8b:32:86:2b:2b:cf:e2:b2:e1:eb:60:b1:70:e4:6e:1b:
52:dd:28:71:00:e6:7d:c8:75:46:c7:59:cf:07:59:76:dc:84:
19:11:79:99:58:4a:8d:e4:6d:e5:31:a8:98:30:c0:65:11:1d:
82:9f:e4:85:f1:4b:cf:90:55:5a:6a:84:2a:19:0e:99:3a:50:
29:8f:ab:15
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyujsUqnGJG0OBKPcR8KkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjMwMTAyMTM0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjAzNzMyZTUxNmE4ZTM5ZmY1OGM4ODNmNTIxYjIzMGI5ZmFhMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk18EnierCcKp1XECWIcHsDHbRvM
k+z+QNDZ+KTs9LH/ZZqHSRDuKf2sWLMq5nRP+rsPNuABws7CbmvlHLzLcUtm6Jy5
VbfJEKu4Hw4cbQDwXmMTNaq9s7B0cFPa14umLhORn/Ne1rAOp9psoNKxNYtPJSKM
woUgnfHhrr+/EnLvlddZrY0fhYYmfzjG2r10ThrC5ZCKP4+uWQQZLUSLT0TFF3yR
AId+AvR18Plu2BdwUY90Xx7mbnpSxSfbdMPt4ODcUX5GL8Veu/HrP6ZSduipLeZ3
FwDCyz+L/5da6QdCQQ536cLdUQtJ4NmVL+zenwe991MBRM1ADrwSLBb6mwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA8Dcy5Rao45/1jIg/UhsjC5+qNxMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvRHdOekxsRnFqam5fV01pRDlTR3lNTG42bzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGSCEg
MA0GCSqGSIb3DQEBCwUAA4IBAQBroBdSK4lkVj9SuS2pk0wC5eheuUxGMMnwo5qy
hi6UollnK3/Yy5DoIkeK65X3r//CV2Vgfw0C8Pd2GAcqlypmZ4IE2Acn3uYryKlv
BGyDAd1aj7UqnrR8+0d1SWJqoz/3JBKFmN1vHXLq0gbkCoDPgHU4+qKMTYH68psO
XdMruW4qF9wf9iaInDcvJm0s098sOGUH1xnLpY3actdnfdshshYMK0ICdDz181M4
ubBBKQQkCL5hCosyhisrz+Ky4etgsXDkbhtS3ShxAOZ9yHVGx1nPB1l23IQZEXmZ
WEqN5G3lMaiYMMBlER2Cn+SF8UvPkFVaaoQqGQ6ZOlApj6sV
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:22 2025 by rpki-client