Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/n3HdoYMYW7iDKEmHZmOyBEcjLAc.roa
File: n3HdoYMYW7iDKEmHZmOyBEcjLAc.roa (raw, json)
Hash identifier: 6iDQ0DBGXStHqa6Qef7SW0pzwIEcsLNKogRK4oJ3ej0=
Subject key identifier: 9F:71:DD:A1:83:18:5B:B8:83:28:49:87:66:63:B2:04:47:23:2C:07
Certificate issuer: /CN=fb782b78f20a6e4b70643052bd1a40af15a56338
Certificate serial: 04D9BAE3
Authority key identifier: FB:78:2B:78:F2:0A:6E:4B:70:64:30:52:BD:1A:40:AF:15:A5:63:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/n3HdoYMYW7iDKEmHZmOyBEcjLAc.roa
Signing time: Sat 01 Jan 2022 15:54:55 +0000
ROA not before: Sat 01 Jan 2022 15:54:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 2a0a:580:f010::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81378019 (0x4d9bae3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb782b78f20a6e4b70643052bd1a40af15a56338
Validity
Not Before: Jan 1 15:54:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f71dda183185bb8832849876663b20447232c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6d:5c:2c:de:da:8f:46:5c:82:05:49:c0:35:
be:93:ff:fc:9f:61:a0:fa:f5:f3:5a:c3:e2:c3:6f:
18:b8:d8:5a:6e:14:60:58:ac:66:c8:42:8b:2a:78:
3d:96:04:88:24:d9:3b:d8:ca:6a:f4:8e:92:f4:92:
1d:a2:6c:9f:da:d0:66:84:52:02:d3:86:ee:9e:35:
a7:ee:95:11:b2:db:15:c2:72:1e:c8:a5:46:99:73:
7d:61:5d:95:00:08:7e:dd:9a:79:d5:93:9c:f5:81:
49:9d:eb:45:e4:5e:a7:28:78:70:3a:51:16:23:f2:
c3:e0:9e:11:b8:8e:0c:a6:49:93:5e:c6:8a:80:a9:
35:bf:c8:66:4a:38:9b:c7:25:92:4f:62:df:82:4c:
d7:8a:5e:95:f9:8b:ce:45:c2:a7:a2:36:1e:f0:b7:
0c:eb:4e:9d:7d:73:88:c8:47:2f:23:0a:4f:2b:52:
ce:76:2f:e9:f4:8d:04:aa:c6:a1:af:cf:2c:ce:2d:
06:f0:7f:11:a6:e6:7f:89:de:20:0a:0c:bb:d8:be:
47:0f:81:e8:50:54:f1:e0:c0:73:f1:a3:be:af:53:
2a:db:64:eb:b8:4e:eb:25:39:48:55:eb:fb:0f:d9:
6f:93:8d:62:4b:5f:7b:16:53:3e:35:3e:0c:80:a1:
16:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:71:DD:A1:83:18:5B:B8:83:28:49:87:66:63:B2:04:47:23:2C:07
X509v3 Authority Key Identifier:
keyid:FB:78:2B:78:F2:0A:6E:4B:70:64:30:52:BD:1A:40:AF:15:A5:63:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/n3HdoYMYW7iDKEmHZmOyBEcjLAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/1-3grePIKbktwZDBSvRpArxWlYzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:580:f010::/48
Signature Algorithm: sha256WithRSAEncryption
25:c1:d6:92:55:98:91:77:90:8c:d1:b2:c8:e1:99:e6:78:3d:
88:ac:50:2e:34:cb:0d:04:74:2a:bb:5c:6c:da:8e:ba:6d:1c:
03:66:dc:51:8d:19:ff:f5:ee:51:fc:93:c1:f8:ee:71:25:4d:
45:d3:59:a6:91:2d:3d:7d:0b:a8:f3:91:b5:bc:9f:eb:2a:6a:
27:e8:a9:1e:8d:bb:2e:5e:06:24:30:99:bb:f4:a0:54:85:a4:
d7:d8:ce:ba:01:4c:12:d9:dc:92:29:c5:b1:5f:28:26:6c:ad:
8d:34:ff:61:14:b1:c1:6b:94:49:b2:19:fc:a2:80:bc:3c:65:
55:dd:32:d8:ae:34:67:a3:bc:5a:d7:01:d4:ea:c7:a5:11:d9:
18:f0:98:ff:9e:6c:5d:22:37:57:c8:1b:c5:50:c2:54:5e:60:
e0:d6:f2:b3:0b:30:77:91:d8:e1:94:fc:48:92:88:b5:25:eb:
58:9e:92:28:0c:a4:ec:01:40:dd:ff:9c:74:15:d8:14:0d:75:
75:05:dc:ac:b2:32:7c:f9:51:60:c7:35:59:ed:5f:8e:a6:5d:
5d:39:d9:e9:b1:a8:3d:ad:40:2a:96:35:8e:a6:2d:a9:5f:bc:
ff:ca:c6:3f:54:6f:6c:dc:98:f2:8d:c2:f6:ff:b8:46:1f:9c:
de:4a:37:f1
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEBNm64zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjc4MmI3OGYyMGE2ZTRiNzA2NDMwNTJiZDFhNDBhZjE1YTU2MzM4MB4XDTIyMDEw
MTE1NTQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWY3MWRkYTE4MzE4
NWJiODgzMjg0OTg3NjY2M2IyMDQ0NzIzMmMwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZtXCze2o9GXIIFScA1vpP//J9hoPr181rD4sNvGLjYWm4U
YFisZshCiyp4PZYEiCTZO9jKavSOkvSSHaJsn9rQZoRSAtOG7p41p+6VEbLbFcJy
HsilRplzfWFdlQAIft2aedWTnPWBSZ3rReRepyh4cDpRFiPyw+CeEbiODKZJk17G
ioCpNb/IZko4m8clkk9i34JM14pelfmLzkXCp6I2HvC3DOtOnX1ziMhHLyMKTytS
znYv6fSNBKrGoa/PLM4tBvB/Eabmf4neIAoMu9i+Rw+B6FBU8eDAc/Gjvq9TKttk
67hO6yU5SFXr+w/Zb5ONYktfexZTPjU+DIChFhcCAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBSfcd2hgxhbuIMoSYdmY7IERyMsBzAfBgNVHSMEGDAWgBT7eCt48gpuS3Bk
MFK9GkCvFaVjODAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtM2dyZVBJS2JrdHdaREJTdlJwQXJ4V2xZemcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UzLzlkYzkzMy01YzBkLTQ0NjEtYTQ1ZC04ZjdkNTY5MWMxYmUv
MS9uM0hkb1lNWVc3aURLRW1IWm1PeUJFY2pMQWMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uz
LzlkYzkzMy01YzBkLTQ0NjEtYTQ1ZC04ZjdkNTY5MWMxYmUvMS8xLTNncmVQSUti
a3R3WkRCU3ZScEFyeFdsWXpnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgoFgPAQMA0GCSqGSIb3DQEB
CwUAA4IBAQAlwdaSVZiRd5CM0bLI4ZnmeD2IrFAuNMsNBHQqu1xs2o66bRwDZtxR
jRn/9e5R/JPB+O5xJU1F01mmkS09fQuo85G1vJ/rKmon6KkejbsuXgYkMJm79KBU
haTX2M66AUwS2dySKcWxXygmbK2NNP9hFLHBa5RJshn8ooC8PGVV3TLYrjRno7xa
1wHU6selEdkY8Jj/nmxdIjdXyBvFUMJUXmDg1vKzCzB3kdjhlPxIkoi1JetYnpIo
DKTsAUDd/5x0FdgUDXV1BdyssjJ8+VFgxzVZ7V+Opl1dOdnpsag9rUAqljWOpi2p
X7z/ysY/VG9s3JjyjcL2/7hGH5zeSjfx
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:34 2025 by rpki-client