Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/AQsj6PShYeQ3dvt1rY0eMcgXxRk.roa
File: AQsj6PShYeQ3dvt1rY0eMcgXxRk.roa (raw, json)
Hash identifier: FEh7EVPcg/JekUJdVg87vfmH6njlvf0JqpJXoSy7Q5c=
Subject key identifier: 01:0B:23:E8:F4:A1:61:E4:37:76:FB:75:AD:8D:1E:31:C8:17:C5:19
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01876EFC03DBF7BBE2B53C0C70ABF9FCBF36
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/AQsj6PShYeQ3dvt1rY0eMcgXxRk.roa
Signing time: Tue 11 Apr 2023 06:23:42 +0000
ROA not before: Tue 11 Apr 2023 06:23:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:2500::/45 maxlen: 45
2001:67c:24f0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6e:fc:03:db:f7:bb:e2:b5:3c:0c:70:ab:f9:fc:bf:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Apr 11 06:23:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=010b23e8f4a161e43776fb75ad8d1e31c817c519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3c:fd:3f:2b:e0:0f:c4:01:70:0a:b4:7f:6d:
2d:be:57:3c:76:32:40:60:8c:aa:54:52:7a:2e:42:
d2:f6:94:1a:c2:9d:0a:6e:82:52:e3:8d:30:ef:6e:
f3:67:85:79:14:80:b6:13:df:3b:40:76:97:f0:37:
c1:19:38:4c:16:70:df:ab:f0:bc:a6:5f:6e:48:d8:
1c:ca:4b:7e:8b:89:d1:bb:96:1b:be:20:de:54:4c:
b0:03:4f:c1:87:74:ab:ed:b9:fa:68:e5:23:4c:46:
79:f2:cf:2f:1d:25:1d:1d:56:cb:b8:b8:37:f9:c1:
d8:65:33:41:fa:32:29:e2:f7:3a:91:e5:aa:26:89:
69:7f:82:2e:e7:c0:31:a7:b6:6e:04:f0:8e:81:15:
02:38:63:0b:45:74:eb:9a:3f:c4:7c:04:8d:d3:25:
2e:49:6d:66:1b:68:97:61:a0:3d:49:d0:98:42:5c:
f8:8f:d7:7d:3b:06:10:70:2e:08:82:45:54:c8:13:
64:5e:01:f9:29:d2:5a:ea:01:01:10:5f:2f:0c:62:
36:c9:86:4c:99:94:d6:c1:5a:3d:f7:74:da:a0:7f:
18:3c:91:b3:06:97:86:c3:12:da:8f:63:84:35:f5:
bd:5d:6b:41:20:77:81:ee:2e:ff:51:b6:2a:d8:be:
eb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:0B:23:E8:F4:A1:61:E4:37:76:FB:75:AD:8D:1E:31:C8:17:C5:19
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/AQsj6PShYeQ3dvt1rY0eMcgXxRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:24f0::/48
2001:67c:2500::/45
Signature Algorithm: sha256WithRSAEncryption
2e:7d:65:3f:ef:77:82:16:8e:ed:64:d5:81:aa:91:39:04:f2:
44:eb:13:04:e9:5d:2e:44:e3:3b:b2:8b:88:3c:47:4e:ac:1a:
f4:c5:56:3d:54:4c:f5:59:ee:6e:df:b2:b3:be:b7:b6:58:02:
88:46:c5:94:b5:c9:9a:68:40:e4:46:8b:9f:52:c5:0d:32:12:
38:d5:9b:11:5c:8f:f9:0c:87:55:66:a0:41:14:19:d7:78:78:
61:0c:19:89:9e:00:84:57:c3:4b:37:d5:9f:3d:8e:e6:ae:14:
f5:57:1e:fc:bd:36:e4:27:c7:34:92:63:4e:7b:5d:9b:ca:1b:
6a:32:1d:7e:2b:9a:4a:55:dd:15:35:ca:cc:a2:9f:90:54:a2:
ec:56:4d:fd:4b:e7:cc:1e:35:42:4d:0d:70:1b:55:0b:aa:bd:
02:e2:cb:fe:45:fa:84:94:00:be:65:ee:6a:7d:f6:69:e1:2f:
d8:fa:79:86:0a:38:06:ea:2b:c9:0b:05:b8:96:51:2d:0b:fa:
bb:66:cf:09:f8:ca:e7:45:7f:d9:15:d6:29:f1:78:b3:16:c6:
00:36:54:f9:60:97:8b:7c:a9:59:6d:4a:5b:e0:a7:d7:b4:3a:
9a:b8:e9:ee:bb:93:06:c7:53:6a:f2:be:24:94:8a:48:57:c0:
bf:19:8d:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdu/APb97vitTwMcKv5/L82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjMwNDExMDYyMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTBiMjNlOGY0YTE2MWU0Mzc3NmZiNzVhZDhkMWUzMWM4MTdjNTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojz9PyvgD8QBcAq0f20tvlc8djJA
YIyqVFJ6LkLS9pQawp0KboJS440w727zZ4V5FIC2E987QHaX8DfBGThMFnDfq/C8
pl9uSNgcykt+i4nRu5YbviDeVEywA0/Bh3Sr7bn6aOUjTEZ58s8vHSUdHVbLuLg3
+cHYZTNB+jIp4vc6keWqJolpf4Iu58Axp7ZuBPCOgRUCOGMLRXTrmj/EfASN0yUu
SW1mG2iXYaA9SdCYQlz4j9d9OwYQcC4IgkVUyBNkXgH5KdJa6gEBEF8vDGI2yYZM
mZTWwVo993TaoH8YPJGzBpeGwxLaj2OENfW9XWtBIHeB7i7/UbYq2L7r6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAELI+j0oWHkN3b7da2NHjHIF8UZMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvQVFzajZQU2hZZVEzZHZ0MXJZMGVNY2dYeFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfCTw
AwcDIAEGfCUAMA0GCSqGSIb3DQEBCwUAA4IBAQAufWU/73eCFo7tZNWBqpE5BPJE
6xME6V0uROM7souIPEdOrBr0xVY9VEz1We5u37Kzvre2WAKIRsWUtcmaaEDkRouf
UsUNMhI41ZsRXI/5DIdVZqBBFBnXeHhhDBmJngCEV8NLN9WfPY7mrhT1Vx78vTbk
J8c0kmNOe12byhtqMh1+K5pKVd0VNcrMop+QVKLsVk39S+fMHjVCTQ1wG1ULqr0C
4sv+RfqElAC+Ze5qffZp4S/Y+nmGCjgG6ivJCwW4llEtC/q7Zs8J+MrnRX/ZFdYp
8XizFsYANlT5YJeLfKlZbUpb4KfXtDqauOnuu5MGx1Nq8r4klIpIV8C/GY0s
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:43:53 2025 by rpki-client