Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/f8kR6cFiDKQmwrKNNDNYefHqXtM.roa
File: f8kR6cFiDKQmwrKNNDNYefHqXtM.roa (raw, json)
Hash identifier: uxQZfBO/URerrBqmgl1FMFe1qvgYU3U7tVcas00ts2o=
Subject key identifier: 7F:C9:11:E9:C1:62:0C:A4:26:C2:B2:8D:34:33:58:79:F1:EA:5E:D3
Certificate issuer: /CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56
Certificate serial: 11DADDCE
Authority key identifier: C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/f8kR6cFiDKQmwrKNNDNYefHqXtM.roa
Signing time: Sat 01 Jan 2022 13:56:28 +0000
ROA not before: Sat 01 Jan 2022 13:56:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39912
IP address blocks: 2a04:d200:211::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 299556302 (0x11daddce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56
Validity
Not Before: Jan 1 13:56:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7fc911e9c1620ca426c2b28d34335879f1ea5ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:17:19:9e:d2:be:c1:87:a8:d9:86:03:41:65:
c2:b4:a2:02:89:bf:69:5a:37:19:7b:c9:3b:ee:e7:
bd:06:3b:26:2e:df:07:f5:47:c6:19:f0:2e:85:9c:
8a:3b:66:6a:b3:e5:09:0a:c7:18:c2:db:25:96:a6:
3e:ee:db:ff:1d:b7:79:9c:dc:93:43:2d:75:6a:03:
d7:b8:10:67:b5:cc:a3:d0:d5:2f:18:8b:3b:5c:8e:
21:bc:02:7c:39:0d:3e:fc:0e:46:79:b0:4b:e1:eb:
53:f6:b0:35:9d:59:75:87:b7:27:48:a3:c8:37:5c:
72:4f:b4:72:a6:0b:93:59:f6:24:51:e4:59:ab:a8:
0c:bd:f6:68:e1:e7:4c:9c:75:2c:d9:02:bb:24:36:
d9:ec:62:c4:e6:e0:a5:8b:32:ab:1a:07:5a:ae:72:
7b:3a:14:25:2b:73:60:39:5a:05:6a:5e:cb:01:88:
cd:87:50:18:2a:7c:9c:73:8c:95:e8:66:7f:08:f9:
c5:0e:0a:12:91:38:01:7b:d0:f4:cf:a6:23:34:28:
65:47:1b:39:3b:12:ce:ce:3e:fa:83:b0:21:68:fb:
15:b0:2b:16:3c:4f:9a:54:52:5a:90:e4:65:e0:a5:
72:f7:db:62:2f:54:28:cc:5b:7d:0c:99:d3:e3:bd:
6c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C9:11:E9:C1:62:0C:A4:26:C2:B2:8D:34:33:58:79:F1:EA:5E:D3
X509v3 Authority Key Identifier:
keyid:C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/f8kR6cFiDKQmwrKNNDNYefHqXtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/wtgszwyN6n1_atcujmJGLXviDVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:d200:211::/48
Signature Algorithm: sha256WithRSAEncryption
75:cd:33:31:a6:84:6d:c3:d5:18:7e:40:5c:47:73:5a:03:9e:
73:f0:60:77:2e:de:1d:10:c2:81:51:f7:f5:59:48:f3:cb:b5:
7b:7f:27:da:50:ac:ab:89:c3:75:be:69:31:4d:54:09:28:e7:
7d:0c:d5:fc:9f:31:13:1a:d8:f8:70:75:ef:e5:f4:15:5e:d2:
3e:bc:75:fb:9e:3a:ae:2e:c9:55:99:3b:b4:c2:eb:76:66:d1:
33:b7:4d:76:1e:49:3e:7f:91:a2:b4:f2:89:d7:28:67:c6:bc:
8f:e9:1e:e6:9a:da:87:de:ba:58:0c:ce:b7:5e:b9:75:9d:15:
cc:86:9e:0c:23:b4:fd:74:73:dc:10:bc:52:ce:02:0c:e9:8e:
1f:57:07:9d:bb:aa:25:1f:71:7a:a2:f1:8d:58:ae:8e:c8:74:
c8:92:8a:b3:2d:5c:5d:26:31:9e:03:29:97:36:23:31:1a:9c:
72:ae:42:9c:e8:b4:bc:bc:af:18:cb:4c:ab:b5:b7:c5:ef:ae:
60:1d:6d:1c:f4:e1:5f:5f:a1:b0:2b:29:bb:92:5f:d9:b4:30:
b7:9c:d6:1f:05:2f:3c:d9:7f:34:d0:55:45:c6:d4:70:3e:4a:
09:a7:4d:55:4d:e1:ec:00:94:eb:df:e6:c0:b6:b9:62:55:a6:
c3:d5:e8:7b
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEdrdzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MmQ4MmNjZjBjOGRlYTdkN2Y2YWQ3MmU4ZTYyNDYyZDdiZTIwZDU2MB4XDTIyMDEw
MTEzNTYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ZjOTExZTljMTYy
MGNhNDI2YzJiMjhkMzQzMzU4NzlmMWVhNWVkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIcXGZ7SvsGHqNmGA0FlwrSiAom/aVo3GXvJO+7nvQY7Ji7f
B/VHxhnwLoWcijtmarPlCQrHGMLbJZamPu7b/x23eZzck0MtdWoD17gQZ7XMo9DV
LxiLO1yOIbwCfDkNPvwORnmwS+HrU/awNZ1ZdYe3J0ijyDdcck+0cqYLk1n2JFHk
WauoDL32aOHnTJx1LNkCuyQ22exixObgpYsyqxoHWq5yezoUJStzYDlaBWpeywGI
zYdQGCp8nHOMlehmfwj5xQ4KEpE4AXvQ9M+mIzQoZUcbOTsSzs4++oOwIWj7FbAr
FjxPmlRSWpDkZeClcvfbYi9UKMxbfQyZ0+O9bJUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR/yRHpwWIMpCbCso00M1h58epe0zAfBgNVHSMEGDAWgBTC2CzPDI3qfX9q
1y6OYkYte+INVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3d0Z3N6d3lONm4xX2F0Y3VqbUpHTFh2aURWWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvMzI3OTUyLTRjNjYtNGI5NS1iNmRlLTQzMTE4ZTQ5NmQ0MC8x
L2Y4a1I2Y0ZpREtRbXdyS05ORE5ZZWZIcVh0TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
MzI3OTUyLTRjNjYtNGI5NS1iNmRlLTQzMTE4ZTQ5NmQ0MC8xL3d0Z3N6d3lONm4x
X2F0Y3VqbUpHTFh2aURWWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoE0gACETANBgkqhkiG9w0BAQsF
AAOCAQEAdc0zMaaEbcPVGH5AXEdzWgOec/Bgdy7eHRDCgVH39VlI88u1e38n2lCs
q4nDdb5pMU1UCSjnfQzV/J8xExrY+HB17+X0FV7SPrx1+546ri7JVZk7tMLrdmbR
M7dNdh5JPn+RorTyidcoZ8a8j+ke5prah966WAzOt165dZ0VzIaeDCO0/XRz3BC8
Us4CDOmOH1cHnbuqJR9xeqLxjViujsh0yJKKsy1cXSYxngMplzYjMRqccq5CnOi0
vLyvGMtMq7W3xe+uYB1tHPThX1+hsCspu5Jf2bQwt5zWHwUvPNl/NNBVRcbUcD5K
CadNVU3h7ACU69/mwLa5YlWmw9Xoew==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:01 2025 by rpki-client