Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/908O4BXVuUE8_D2QKmu7rt3qFEw.roa
File: 908O4BXVuUE8_D2QKmu7rt3qFEw.roa (raw, json)
Hash identifier: pphskD0eHVrmaK7lr66W7gS6zTv6Ma2uJUoGP7yFyRc=
Subject key identifier: F7:4F:0E:E0:15:D5:B9:41:3C:FC:3D:90:2A:6B:BB:AE:DD:EA:14:4C
Certificate issuer: /CN=712f9cb3c298b150beb79080376f74bdeac438ac
Certificate serial: 1C6B7079
Authority key identifier: 71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/908O4BXVuUE8_D2QKmu7rt3qFEw.roa
Signing time: Sat 01 Jan 2022 13:04:17 +0000
ROA not before: Sat 01 Jan 2022 13:04:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210118
IP address blocks: 2a00:6060:ff00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 476803193 (0x1c6b7079)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f9cb3c298b150beb79080376f74bdeac438ac
Validity
Not Before: Jan 1 13:04:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f74f0ee015d5b9413cfc3d902a6bbbaeddea144c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:05:46:49:43:b7:5b:43:bd:d3:0c:a8:8a:e3:
89:25:27:92:bb:77:41:f2:55:5a:90:bf:bc:15:ba:
e5:78:c1:81:38:8f:be:43:b4:71:4b:41:a5:eb:45:
dc:ff:94:f5:92:1c:2e:c1:a4:8d:3e:da:26:ca:46:
1d:34:aa:cf:3c:80:61:22:5c:42:f5:3b:6e:c2:e8:
fe:fd:92:55:a0:fb:bd:6c:3f:35:fd:78:63:39:c1:
18:ee:c8:18:ee:a4:7c:68:63:4a:6b:65:98:27:11:
9f:5e:ea:c4:0d:10:e8:bf:89:76:8e:4d:3b:12:e9:
5c:f5:2a:76:96:e0:82:fa:3c:e0:3c:4c:55:d7:91:
b4:f0:f4:45:63:1e:93:fc:90:10:7e:25:0d:86:9a:
f7:d6:dd:2e:59:a4:ab:1f:75:01:97:a1:f3:7f:8b:
7b:36:c1:40:78:7d:7e:6f:59:e1:1f:33:3e:3c:4a:
fd:17:d2:28:74:ce:87:a1:3d:77:cd:35:84:de:01:
f7:25:bc:8d:fc:b6:4e:85:36:16:c5:29:7e:72:ed:
86:ff:7a:83:63:76:8b:c5:06:a7:e5:c8:5d:da:91:
a8:22:87:8a:73:44:b1:74:8c:25:87:ef:ab:be:39:
7b:3e:14:05:78:d9:91:16:cf:91:2e:c3:35:5a:c5:
8a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4F:0E:E0:15:D5:B9:41:3C:FC:3D:90:2A:6B:BB:AE:DD:EA:14:4C
X509v3 Authority Key Identifier:
keyid:71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/908O4BXVuUE8_D2QKmu7rt3qFEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:6060:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
03:34:9f:b2:3b:f8:77:51:62:15:11:8b:a6:60:5c:8e:19:b0:
6b:b3:35:5f:c0:fc:eb:db:ea:63:1b:3a:0c:a3:12:f2:f6:1e:
f1:7e:f6:7f:96:e9:31:1b:44:89:3b:e7:6f:b2:35:6c:41:7d:
a1:38:87:14:4d:d3:86:61:69:c3:4c:c7:99:cf:97:52:64:2e:
e5:e3:fb:e2:4c:37:34:90:a0:c5:de:de:6e:da:22:63:a4:79:
d5:c2:8d:3e:b6:46:ee:a3:6f:0c:0c:2f:66:b3:95:9a:18:b8:
5d:dc:f5:c4:af:8e:54:dc:24:69:6d:0a:fc:39:80:08:0d:ba:
66:cc:32:50:a3:ea:3a:ef:7d:e9:58:86:e7:f4:e9:32:e2:94:
61:6c:8c:ff:ec:41:d6:bf:4f:1d:2c:5e:e2:7e:c2:5f:b8:b5:
b3:be:71:0f:98:44:72:c5:c8:78:f4:7d:0a:0d:69:2c:a2:04:
08:0e:6b:91:75:6b:a9:66:e8:e5:92:f5:f9:35:39:cf:2b:bb:
2e:f5:b8:de:31:13:20:1e:8e:18:e9:9d:96:e0:23:96:d2:35:
1c:37:ff:38:27:ee:b4:b6:49:18:43:48:1a:29:e6:a1:4b:75:
79:42:26:2d:25:de:52:ea:6d:54:b8:80:24:53:cd:d4:ed:c6:
8f:28:a8:e5
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEHGtweTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MTJmOWNiM2MyOThiMTUwYmViNzkwODAzNzZmNzRiZGVhYzQzOGFjMB4XDTIyMDEw
MTEzMDQxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjc0ZjBlZTAxNWQ1
Yjk0MTNjZmMzZDkwMmE2YmJiYWVkZGVhMTQ0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYFRklDt1tDvdMMqIrjiSUnkrt3QfJVWpC/vBW65XjBgTiP
vkO0cUtBpetF3P+U9ZIcLsGkjT7aJspGHTSqzzyAYSJcQvU7bsLo/v2SVaD7vWw/
Nf14YznBGO7IGO6kfGhjSmtlmCcRn17qxA0Q6L+Jdo5NOxLpXPUqdpbggvo84DxM
VdeRtPD0RWMek/yQEH4lDYaa99bdLlmkqx91AZeh83+LezbBQHh9fm9Z4R8zPjxK
/RfSKHTOh6E9d801hN4B9yW8jfy2ToU2FsUpfnLthv96g2N2i8UGp+XIXdqRqCKH
inNEsXSMJYfvq745ez4UBXjZkRbPkS7DNVrFircCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT3Tw7gFdW5QTz8PZAqa7uu3eoUTDAfBgNVHSMEGDAWgBRxL5yzwpixUL63
kIA3b3S96sQ4rDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NTLWNzOEtZc1ZDLXQ1Q0FOMjkwdmVyRU9Ldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvZTJlMTE5LWZkNzgtNGIxYS1iMTZhLTk4N2RhNDM5MjA1Ni8x
LzkwOE80QlhWdVVFOF9EMlFLbXU3cnQzcUZFdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
ZTJlMTE5LWZkNzgtNGIxYS1iMTZhLTk4N2RhNDM5MjA1Ni8xL2NTLWNzOEtZc1ZD
LXQ1Q0FOMjkwdmVyRU9Ldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoAYGD/ADANBgkqhkiG9w0BAQsF
AAOCAQEAAzSfsjv4d1FiFRGLpmBcjhmwa7M1X8D869vqYxs6DKMS8vYe8X72f5bp
MRtEiTvnb7I1bEF9oTiHFE3ThmFpw0zHmc+XUmQu5eP74kw3NJCgxd7ebtoiY6R5
1cKNPrZG7qNvDAwvZrOVmhi4Xdz1xK+OVNwkaW0K/DmACA26ZswyUKPqOu996ViG
5/TpMuKUYWyM/+xB1r9PHSxe4n7CX7i1s75xD5hEcsXIePR9Cg1pLKIECA5rkXVr
qWbo5ZL1+TU5zyu7LvW43jETIB6OGOmdluAjltI1HDf/OCfutLZJGENIGinmoUt1
eUImLSXeUuptVLiAJFPN1O3Gjyio5Q==
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:01:38 2025 by rpki-client