Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/D2wI5sH3tfwbZn8a3vtJnHvl1pk.roa
File: D2wI5sH3tfwbZn8a3vtJnHvl1pk.roa (raw, json)
Hash identifier: AsZojtW3ZykbW4mf2gmfywNnsovE7eoKhZ4M0weQOXc=
Subject key identifier: 0F:6C:08:E6:C1:F7:B5:FC:1B:66:7F:1A:DE:FB:49:9C:7B:E5:D6:99
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01856F1DC4008FC8064DAE574A27ADB62010
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/D2wI5sH3tfwbZn8a3vtJnHvl1pk.roa
Signing time: Sun 01 Jan 2023 20:54:59 +0000
ROA not before: Sun 01 Jan 2023 20:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:24f0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c4:00:8f:c8:06:4d:ae:57:4a:27:ad:b6:20:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 20:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f6c08e6c1f7b5fc1b667f1adefb499c7be5d699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e0:02:ad:12:e2:dc:74:27:2d:ef:72:9b:b3:
c7:49:d9:27:27:88:12:5b:9f:92:1d:b1:62:8f:44:
51:c2:d6:89:40:3b:bf:4c:0e:6d:86:88:c5:54:fc:
9a:bd:93:a1:42:1d:ab:73:02:ac:09:3b:cd:86:1e:
3d:c9:1e:c4:bc:63:14:b7:c6:b2:25:8b:b9:d1:89:
45:ff:16:67:22:89:7c:e0:ad:13:94:be:76:80:5b:
cf:20:f9:a9:47:2e:4d:d9:0d:39:02:97:80:82:39:
ee:c2:35:df:1f:4b:6b:31:38:c7:e9:84:07:46:29:
78:bc:25:9e:b9:7e:a6:ad:58:9d:3e:e6:bd:31:93:
77:98:20:ad:b0:31:53:39:ed:bb:fd:cd:40:49:c2:
56:6a:34:91:55:dc:8e:17:1a:d8:23:87:3d:b4:6f:
59:55:8d:5f:28:04:e6:e8:a0:c7:62:d3:8a:c2:af:
96:87:35:18:26:b6:6b:78:33:15:12:62:c1:88:32:
14:7c:af:af:d5:f7:74:c3:ef:d6:09:c0:cb:dd:8f:
1d:9c:65:b1:71:0b:6f:93:41:6a:37:31:9a:3a:50:
a0:8d:44:32:52:5b:8a:a1:48:25:62:5a:6c:68:f5:
ec:0a:83:ad:ec:9b:74:c0:af:91:a2:8c:52:5b:43:
11:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:6C:08:E6:C1:F7:B5:FC:1B:66:7F:1A:DE:FB:49:9C:7B:E5:D6:99
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/D2wI5sH3tfwbZn8a3vtJnHvl1pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:24f0::/48
Signature Algorithm: sha256WithRSAEncryption
48:18:a2:6f:ce:7a:55:94:20:b2:f4:60:ea:6d:00:c2:c8:05:
52:7a:b9:7f:94:41:44:62:f6:9f:36:92:ce:41:eb:d9:c0:43:
4f:d9:dc:50:8f:bd:1f:f0:04:be:99:63:cb:bb:29:ec:66:29:
51:83:f6:0e:63:83:6d:43:a7:8d:ab:4d:9d:e8:0a:cf:94:e9:
25:7b:db:c0:3d:13:5d:24:26:45:1e:2e:52:9b:fd:1e:0d:f7:
5f:29:44:c7:a8:a4:86:04:99:7c:d1:5d:19:2b:7c:13:bf:07:
c8:0e:49:d8:52:4f:2e:c5:ec:58:ce:e1:d3:ff:08:ba:7a:0e:
72:23:3f:32:a9:28:41:de:5e:fa:c6:73:a0:ae:04:cc:43:0c:
c1:de:56:77:7b:26:3e:47:50:0d:80:a7:64:d6:26:7a:9c:d2:
3e:b1:58:8a:86:25:47:53:9f:39:07:e9:78:31:f5:c2:ce:8e:
e1:f2:85:1b:3a:c9:9a:62:af:0a:8f:b1:23:7b:53:a7:cb:0e:
53:91:c1:45:8d:c0:97:a9:ee:95:dd:54:db:97:4d:6b:10:6b:
39:4c:64:b8:0d:ad:07:da:b6:6f:0e:d5:68:5b:87:23:b8:fe:
9e:b3:40:7f:fa:31:40:48:b8:a0:13:29:3b:13:d4:16:b4:d8:
8f:b0:12:90
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvHcQAj8gGTa5XSiettiAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjMwMTAxMjA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjZjMDhlNmMxZjdiNWZjMWI2NjdmMWFkZWZiNDk5YzdiZTVkNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouACrRLi3HQnLe9ym7PHSdknJ4gS
W5+SHbFij0RRwtaJQDu/TA5thojFVPyavZOhQh2rcwKsCTvNhh49yR7EvGMUt8ay
JYu50YlF/xZnIol84K0TlL52gFvPIPmpRy5N2Q05ApeAgjnuwjXfH0trMTjH6YQH
Ril4vCWeuX6mrVidPua9MZN3mCCtsDFTOe27/c1AScJWajSRVdyOFxrYI4c9tG9Z
VY1fKATm6KDHYtOKwq+WhzUYJrZreDMVEmLBiDIUfK+v1fd0w+/WCcDL3Y8dnGWx
cQtvk0FqNzGaOlCgjUQyUluKoUglYlpsaPXsCoOt7Jt0wK+RooxSW0MRWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA9sCObB97X8G2Z/Gt77SZx75daZMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvRDJ3STVzSDN0ZndiWm44YTN2dEpuSHZsMXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCTw
MA0GCSqGSIb3DQEBCwUAA4IBAQBIGKJvznpVlCCy9GDqbQDCyAVSerl/lEFEYvaf
NpLOQevZwENP2dxQj70f8AS+mWPLuynsZilRg/YOY4NtQ6eNq02d6ArPlOkle9vA
PRNdJCZFHi5Sm/0eDfdfKUTHqKSGBJl80V0ZK3wTvwfIDknYUk8uxexYzuHT/wi6
eg5yIz8yqShB3l76xnOgrgTMQwzB3lZ3eyY+R1ANgKdk1iZ6nNI+sViKhiVHU585
B+l4MfXCzo7h8oUbOsmaYq8Kj7Eje1Onyw5TkcFFjcCXqe6V3VTbl01rEGs5TGS4
Da0H2rZvDtVoW4cjuP6es0B/+jFASLigEyk7E9QWtNiPsBKQ
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:32:48 2025 by rpki-client