Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/fs09K-SMcWmXuAXEA3sHn4v4DrU.roa
File: fs09K-SMcWmXuAXEA3sHn4v4DrU.roa (raw, json)
Hash identifier: dI0aSaEXgd5G1p/Jft/RO2fr8sMDq85JptYE22Pg19g=
Subject key identifier: 7E:CD:3D:2B:E4:8C:71:69:97:B8:05:C4:03:7B:07:9F:8B:F8:0E:B5
Certificate issuer: /CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Certificate serial: 0184E3DE5119D4D146F702B7CCE3E28AB2E8
Authority key identifier: 4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/fs09K-SMcWmXuAXEA3sHn4v4DrU.roa
Signing time: Mon 05 Dec 2022 19:58:28 +0000
ROA not before: Mon 05 Dec 2022 19:58:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197444
IP address blocks: 2a13:50c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:de:51:19:d4:d1:46:f7:02:b7:cc:e3:e2:8a:b2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Validity
Not Before: Dec 5 19:58:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ecd3d2be48c716997b805c4037b079f8bf80eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e0:d1:11:8c:88:b2:fc:2c:38:2a:1a:bc:66:
cb:9f:02:9d:6f:0b:32:93:dc:aa:11:58:66:97:ae:
b3:8b:ce:ed:86:73:c4:b8:97:b4:82:12:3f:67:d5:
8f:e6:68:43:a3:71:1d:fd:40:49:21:49:94:62:1e:
8b:4a:b1:72:28:91:71:60:97:b0:fe:05:02:6a:26:
fd:13:cd:8d:d9:6f:ab:b6:62:01:e3:b1:7f:e8:0e:
9a:1a:9e:2e:b7:b7:07:46:50:4f:e8:de:07:48:83:
d4:5c:87:24:72:55:59:19:b6:77:26:66:05:e0:0b:
c9:6c:8b:b3:79:8c:ee:fa:b0:ae:d8:83:77:4d:d6:
88:10:aa:ad:14:44:93:77:ac:e0:bd:d7:f5:2e:c7:
72:51:c9:94:19:cd:53:b2:39:ec:61:93:6a:1b:7a:
68:19:dc:be:d4:68:4a:c7:20:d8:58:67:c6:4e:9b:
6e:92:66:f1:df:e3:11:f2:9b:ba:d9:15:3f:1a:de:
cd:7f:aa:a4:a2:d0:fc:67:97:fa:14:eb:2c:a9:e7:
af:a9:93:2e:b0:bd:7b:c1:46:5c:c8:7c:d4:79:d9:
6b:25:fd:6a:b1:86:cf:33:da:02:c7:51:5c:aa:d0:
df:a1:ad:e3:d1:40:d0:79:74:e2:17:68:55:83:c8:
07:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:CD:3D:2B:E4:8C:71:69:97:B8:05:C4:03:7B:07:9F:8B:F8:0E:B5
X509v3 Authority Key Identifier:
keyid:4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/fs09K-SMcWmXuAXEA3sHn4v4DrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:50c0::/29
Signature Algorithm: sha256WithRSAEncryption
07:9b:17:c1:23:5a:e7:35:d0:aa:30:40:84:51:25:4e:d6:43:
97:2e:06:f4:d2:4d:06:c7:d9:ad:40:7e:72:f1:be:2f:31:f9:
bc:3c:88:4a:3a:66:61:c5:19:e9:7e:d4:b7:25:64:19:d5:a5:
d3:54:bb:1e:ab:04:c9:d4:9d:3f:10:05:a5:8a:70:b0:08:48:
71:7f:7d:90:12:c1:63:56:ea:81:52:d7:25:8e:c9:e6:28:c0:
b4:47:b6:5b:b5:d7:f7:63:40:52:2f:70:ee:0d:fa:2d:0d:33:
c5:ea:a7:d0:95:68:85:b9:93:3f:9e:5b:dd:a7:55:1e:0a:66:
de:7d:d9:fb:c1:e8:09:2b:a3:fa:05:91:85:2e:03:ed:6d:72:
81:a8:6a:18:7b:50:c2:70:19:24:3d:a5:53:35:e1:1e:a0:fc:
34:d6:db:17:5c:08:83:49:4a:01:6a:d7:38:26:6d:42:e9:f1:
8c:42:d6:67:35:ce:16:fa:a8:30:e6:9a:cd:6f:03:6c:b4:85:
3d:38:11:68:7c:18:1c:18:1a:e5:31:d4:cd:77:32:ac:96:ec:
8e:ab:50:c7:88:6f:49:49:e7:b8:da:1e:6c:c0:76:bf:39:ac:
e3:94:b8:ab:e5:1a:3d:6b:74:22:86:f2:87:0f:7d:de:c4:23:
62:84:77:ea
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYTj3lEZ1NFG9wK3zOPiirLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzBhM2E2YzRhODU3MjUwMzc1OThiMzkxM2UyMTg2OWRi
ZGQzOGQwHhcNMjIxMjA1MTk1ODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWNkM2QyYmU0OGM3MTY5OTdiODA1YzQwMzdiMDc5ZjhiZjgwZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiODREYyIsvwsOCoavGbLnwKdbwsy
k9yqEVhml66zi87thnPEuJe0ghI/Z9WP5mhDo3Ed/UBJIUmUYh6LSrFyKJFxYJew
/gUCaib9E82N2W+rtmIB47F/6A6aGp4ut7cHRlBP6N4HSIPUXIckclVZGbZ3JmYF
4AvJbIuzeYzu+rCu2IN3TdaIEKqtFESTd6zgvdf1LsdyUcmUGc1TsjnsYZNqG3po
Gdy+1GhKxyDYWGfGTptukmbx3+MR8pu62RU/Gt7Nf6qkotD8Z5f6FOssqeevqZMu
sL17wUZcyHzUedlrJf1qsYbPM9oCx1FcqtDfoa3j0UDQeXTiF2hVg8gHUQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH7NPSvkjHFpl7gFxAN7B5+L+A61MB8GA1UdIwQY
MBaAFEtwo6bEqFclA3WYs5E+IYadvdONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUt
NDgyNWIyOWRkNTcyLzEvZnMwOUstU01jV21YdUFYRUEzc0huNHY0RHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUtNDgyNWIyOWRkNTcy
LzEvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNQwDAN
BgkqhkiG9w0BAQsFAAOCAQEAB5sXwSNa5zXQqjBAhFElTtZDly4G9NJNBsfZrUB+
cvG+LzH5vDyISjpmYcUZ6X7UtyVkGdWl01S7HqsEydSdPxAFpYpwsAhIcX99kBLB
Y1bqgVLXJY7J5ijAtEe2W7XX92NAUi9w7g36LQ0zxeqn0JVohbmTP55b3adVHgpm
3n3Z+8HoCSuj+gWRhS4D7W1ygahqGHtQwnAZJD2lUzXhHqD8NNbbF1wIg0lKAWrX
OCZtQunxjELWZzXOFvqoMOaazW8DbLSFPTgRaHwYHBga5THUzXcyrJbsjqtQx4hv
SUnnuNoebMB2vzms45S4q+UaPWt0Iobyhw993sQjYoR36g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:52 2025 by rpki-client