Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/IFnJaqV7p9xh9PMxgtvfUzZJ6Sc.roa
File: IFnJaqV7p9xh9PMxgtvfUzZJ6Sc.roa (raw, json)
Hash identifier: 6pEFZ8ob6a0sVelcfTOoagPNfDZOvjj44jVlIxsEIFc=
Subject key identifier: 20:59:C9:6A:A5:7B:A7:DC:61:F4:F3:31:82:DB:DF:53:36:49:E9:27
Certificate issuer: /CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5
Certificate serial: 01856DAF4D956EE34B978AB19589C263FAFF
Authority key identifier: 57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/IFnJaqV7p9xh9PMxgtvfUzZJ6Sc.roa
Signing time: Sun 01 Jan 2023 14:14:43 +0000
ROA not before: Sun 01 Jan 2023 14:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209861
IP address blocks: 2a10:a642:ad00::/40 maxlen: 40
2a10:a642:aa00::/40 maxlen: 48
2a10:a642:aa00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:4d:95:6e:e3:4b:97:8a:b1:95:89:c2:63:fa:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5
Validity
Not Before: Jan 1 14:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2059c96aa57ba7dc61f4f33182dbdf533649e927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ce:45:15:5c:6e:89:0c:1d:1b:30:7d:65:d2:
9e:31:50:d8:2a:c5:65:e5:7d:bf:a6:27:17:75:ad:
4b:78:b5:c1:34:2e:62:b7:26:66:0f:94:20:09:82:
71:53:2e:30:5d:e4:33:f5:c6:81:ae:12:3b:7d:29:
36:c5:3e:c4:e6:d1:ef:ac:27:c4:c3:72:e7:4d:41:
d8:63:31:9f:71:71:5d:d0:3d:01:11:c0:cb:a8:1c:
05:0f:8a:46:29:0d:0b:42:12:d7:8a:3c:e0:c3:bc:
69:88:aa:17:0d:87:e4:24:12:61:02:76:87:b5:3a:
7a:02:6d:05:5a:2f:3f:f4:56:11:2e:8c:36:f4:ce:
c6:fe:47:25:3a:a6:fd:84:9b:a5:fa:13:9b:72:97:
86:07:43:f3:85:28:a8:57:97:15:05:2c:8d:65:d6:
6a:3e:ca:57:07:7f:b9:84:ab:dd:b8:3e:33:79:82:
aa:26:ea:d6:d5:de:ed:9a:57:20:d2:16:53:3e:75:
26:cb:0c:38:d9:87:be:27:a0:9b:0b:7c:d7:91:b8:
50:f8:33:14:f1:5c:4a:a4:91:5b:53:b3:28:d9:01:
79:4e:93:73:00:e2:93:9e:27:38:1b:25:fe:53:bc:
30:96:da:1a:a8:81:14:ee:36:56:9b:29:b4:6d:b5:
bd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:59:C9:6A:A5:7B:A7:DC:61:F4:F3:31:82:DB:DF:53:36:49:E9:27
X509v3 Authority Key Identifier:
keyid:57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/IFnJaqV7p9xh9PMxgtvfUzZJ6Sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/V3bZoLVb1JWhvjxcA_olHT3ouMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:a642:aa00::/40
2a10:a642:ad00::/40
Signature Algorithm: sha256WithRSAEncryption
6f:5a:78:7e:1d:11:cf:10:09:fa:c8:f9:ea:49:ec:dc:69:77:
4d:41:3b:99:92:40:e3:55:6f:79:63:4f:fd:c7:ae:f3:08:cd:
7f:e3:0c:3d:7b:a9:d5:5a:44:97:f8:d5:b4:42:b7:a9:86:9b:
3e:12:0b:a0:9c:18:07:29:3a:51:6e:d4:c0:fb:00:86:ab:fb:
ef:6d:cd:0c:6a:70:fc:e5:fe:ea:b0:9c:24:84:27:00:03:56:
bb:02:a4:1e:92:1e:ad:20:db:94:ae:3a:93:8c:6c:64:d4:8a:
50:c5:3e:08:7b:dc:92:5a:60:23:16:a1:3b:2a:40:f2:01:b1:
68:a8:85:c9:4a:93:1a:56:c5:e4:88:ac:e6:a8:fb:0f:fc:9b:
d4:55:86:f4:40:96:54:97:fa:9c:5c:2f:a1:df:d9:11:b2:ef:
84:1f:98:58:01:f0:f1:ca:d1:9f:3a:e6:c8:2f:11:cb:e0:f5:
89:db:aa:72:45:5b:49:7b:38:4e:f9:8c:a3:12:0a:8e:aa:78:
cb:e3:17:d7:0c:02:a3:59:a7:5d:18:f3:27:36:f5:f5:8c:83:
5f:3c:97:32:9d:28:4f:b9:57:e6:15:2a:ba:f9:f4:7c:f3:bd:
d9:75:da:44:21:f0:06:93:8f:0e:61:76:4b:a5:8f:d9:79:b6:
ee:bc:ba:97
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVtr02VbuNLl4qxlYnCY/r/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzZkOWEwYjU1YmQ0OTVhMWJlM2M1YzAzZmEyNTFkM2Rl
OGI4YzUwHhcNMjMwMTAxMTQxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDU5Yzk2YWE1N2JhN2RjNjFmNGYzMzE4MmRiZGY1MzM2NDllOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM5FFVxuiQwdGzB9ZdKeMVDYKsVl
5X2/picXda1LeLXBNC5ityZmD5QgCYJxUy4wXeQz9caBrhI7fSk2xT7E5tHvrCfE
w3LnTUHYYzGfcXFd0D0BEcDLqBwFD4pGKQ0LQhLXijzgw7xpiKoXDYfkJBJhAnaH
tTp6Am0FWi8/9FYRLow29M7G/kclOqb9hJul+hObcpeGB0PzhSioV5cVBSyNZdZq
PspXB3+5hKvduD4zeYKqJurW1d7tmlcg0hZTPnUmyww42Ye+J6CbC3zXkbhQ+DMU
8VxKpJFbU7Mo2QF5TpNzAOKTnic4GyX+U7wwltoaqIEU7jZWmym0bbW9FwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFCBZyWqle6fcYfTzMYLb31M2SeknMB8GA1UdIwQY
MBaAFFd22aC1W9SVob48XAP6JR096LjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUt
YzBiYTJmM2ZjNzJhLzEvSUZuSmFxVjdwOXhoOVBNeGd0dmZVelpKNlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUtYzBiYTJmM2ZjNzJh
LzEvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKhCmQqoD
BgAqEKZCrTANBgkqhkiG9w0BAQsFAAOCAQEAb1p4fh0RzxAJ+sj56kns3Gl3TUE7
mZJA41VveWNP/ceu8wjNf+MMPXup1VpEl/jVtEK3qYabPhILoJwYByk6UW7UwPsA
hqv7723NDGpw/OX+6rCcJIQnAANWuwKkHpIerSDblK46k4xsZNSKUMU+CHvcklpg
IxahOypA8gGxaKiFyUqTGlbF5Iis5qj7D/yb1FWG9ECWVJf6nFwvod/ZEbLvhB+Y
WAHw8crRnzrmyC8Ry+D1iduqckVbSXs4TvmMoxIKjqp4y+MX1wwCo1mnXRjzJzb1
9YyDXzyXMp0oT7lX5hUquvn0fPO92XXaRCHwBpOPDmF2S6WP2Xm27ry6lw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:48:42 2025 by rpki-client