Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/4a757c-adde-485c-9171-f603538412c8/1/zxEjEm8NzkI-Wige7HZgAsKGhc0.roa
File: zxEjEm8NzkI-Wige7HZgAsKGhc0.roa (raw, json)
Hash identifier: HAVXyPu80yaJRoSQybWXmrF9ufGm3RVX+A053rX/PF0=
Subject key identifier: CF:11:23:12:6F:0D:CE:42:3E:5A:28:1E:EC:76:60:02:C2:86:85:CD
Certificate issuer: /CN=cd1242e6c7ebd82a23fa1a08f396ebe5ab34cf6b
Certificate serial: 08E0C728
Authority key identifier: CD:12:42:E6:C7:EB:D8:2A:23:FA:1A:08:F3:96:EB:E5:AB:34:CF:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRJC5sfr2Coj-hoI85br5as0z2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/4a757c-adde-485c-9171-f603538412c8/1/zxEjEm8NzkI-Wige7HZgAsKGhc0.roa
Signing time: Sat 01 Jan 2022 11:55:03 +0000
ROA not before: Sat 01 Jan 2022 11:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48882
IP address blocks: 2a0e:2100::/47 maxlen: 47
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148948776 (0x8e0c728)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd1242e6c7ebd82a23fa1a08f396ebe5ab34cf6b
Validity
Not Before: Jan 1 11:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf1123126f0dce423e5a281eec766002c28685cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:95:42:0c:ec:7e:bf:69:4c:3a:cc:24:5a:19:
8e:20:15:15:6c:be:8a:e3:5b:c8:de:5c:ef:4f:6f:
5c:a8:99:9c:da:a6:6c:62:c6:50:26:69:16:c0:20:
b5:55:88:c1:f1:65:29:5f:7e:ba:1f:25:14:c0:da:
7a:01:c4:87:71:bf:36:a9:ad:66:a7:87:7a:0a:27:
35:ba:e9:93:df:84:54:e4:b0:b5:07:1e:93:28:a0:
36:2c:72:f6:2d:91:87:bc:c7:25:5e:a5:90:ca:0c:
28:70:23:37:c0:9e:3c:7e:7d:cb:7f:4c:43:d6:c8:
ed:d4:c2:67:67:ff:5c:29:7a:56:5a:66:57:fa:ce:
ac:3a:66:09:9d:ae:60:2b:a1:0d:d2:1a:87:f7:0a:
bd:94:d8:81:70:d5:48:23:ab:d0:27:9f:3f:5a:c1:
ad:85:35:ba:bd:7e:c0:d2:9e:90:a5:bb:f5:e4:82:
b6:cd:1b:59:6e:47:fc:2a:8c:8c:da:41:27:a6:2d:
94:3f:a7:b1:7f:64:6b:3b:66:97:92:1e:ac:60:87:
12:be:fe:71:34:30:e7:3b:75:3a:04:5f:45:76:bb:
62:53:70:73:8e:85:f5:e7:29:65:58:12:20:19:5e:
da:93:ef:91:2a:5c:0d:b6:57:cf:11:09:cf:d4:06:
82:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:11:23:12:6F:0D:CE:42:3E:5A:28:1E:EC:76:60:02:C2:86:85:CD
X509v3 Authority Key Identifier:
keyid:CD:12:42:E6:C7:EB:D8:2A:23:FA:1A:08:F3:96:EB:E5:AB:34:CF:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRJC5sfr2Coj-hoI85br5as0z2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/4a757c-adde-485c-9171-f603538412c8/1/zxEjEm8NzkI-Wige7HZgAsKGhc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/4a757c-adde-485c-9171-f603538412c8/1/zRJC5sfr2Coj-hoI85br5as0z2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:2100::/47
Signature Algorithm: sha256WithRSAEncryption
4d:25:5c:91:0a:c6:ab:96:b3:4a:f1:b3:e3:5a:b5:15:ea:b4:
b3:b7:97:62:af:c5:14:e9:c6:f5:d5:08:c3:10:ba:22:86:2b:
9f:02:a0:ca:c4:38:22:f3:77:e5:7f:4f:db:0e:88:63:2e:b6:
d1:57:08:ec:87:9e:07:78:fa:55:ab:aa:dc:4b:be:48:c9:98:
5c:50:2d:a1:c4:4d:c8:13:3a:9b:1c:f7:1d:c1:8b:c8:47:71:
ae:fd:c7:cd:2a:d0:f8:75:18:ec:c5:11:be:c2:a2:91:b3:d8:
e9:24:72:48:22:0e:e3:25:aa:14:f1:7f:2b:03:f5:48:e8:55:
12:a6:c5:16:b4:7c:5e:fd:79:b5:09:82:27:37:55:d2:1b:9d:
27:e8:ce:7f:09:38:97:60:88:31:33:d6:ea:c7:fe:18:5a:1e:
f5:d5:d8:c2:ee:44:a2:32:c1:8a:dd:6e:b7:f6:19:b2:2f:5d:
1a:f0:a2:65:4c:16:da:2a:ab:25:6c:67:ab:f7:66:24:68:2e:
f1:df:05:3b:6c:3c:b5:ad:ab:91:94:ae:de:b2:1c:b9:da:a3:
ce:b3:e1:c8:de:75:4b:cd:3b:8a:9d:de:30:15:84:e7:58:bd:
c4:e3:22:1d:e2:43:38:91:8d:a6:11:93:0d:6d:4d:41:e7:66:
c7:18:16:2b
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECODHKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDEyNDJlNmM3ZWJkODJhMjNmYTFhMDhmMzk2ZWJlNWFiMzRjZjZiMB4XDTIyMDEw
MTExNTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2YxMTIzMTI2ZjBk
Y2U0MjNlNWEyODFlZWM3NjYwMDJjMjg2ODVjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKVQgzsfr9pTDrMJFoZjiAVFWy+iuNbyN5c709vXKiZnNqm
bGLGUCZpFsAgtVWIwfFlKV9+uh8lFMDaegHEh3G/NqmtZqeHegonNbrpk9+EVOSw
tQcekyigNixy9i2Rh7zHJV6lkMoMKHAjN8CePH59y39MQ9bI7dTCZ2f/XCl6Vlpm
V/rOrDpmCZ2uYCuhDdIah/cKvZTYgXDVSCOr0CefP1rBrYU1ur1+wNKekKW79eSC
ts0bWW5H/CqMjNpBJ6YtlD+nsX9kaztml5IerGCHEr7+cTQw5zt1OgRfRXa7YlNw
c46F9ecpZVgSIBle2pPvkSpcDbZXzxEJz9QGglcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTPESMSbw3OQj5aKB7sdmACwoaFzTAfBgNVHSMEGDAWgBTNEkLmx+vYKiP6
GgjzluvlqzTPazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pSSkM1c2ZyMkNvai1ob0k4NWJyNWFzMHoycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvNGE3NTdjLWFkZGUtNDg1Yy05MTcxLWY2MDM1Mzg0MTJjOC8x
L3p4RWpFbThOemtJLVdpZ2U3SFpnQXNLR2hjMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
NGE3NTdjLWFkZGUtNDg1Yy05MTcxLWY2MDM1Mzg0MTJjOC8xL3pSSkM1c2ZyMkNv
ai1ob0k4NWJyNWFzMHoycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASoOIQAAADANBgkqhkiG9w0BAQsF
AAOCAQEATSVckQrGq5azSvGz41q1Feq0s7eXYq/FFOnG9dUIwxC6IoYrnwKgysQ4
IvN35X9P2w6IYy620VcI7IeeB3j6Vauq3Eu+SMmYXFAtocRNyBM6mxz3HcGLyEdx
rv3HzSrQ+HUY7MURvsKikbPY6SRySCIO4yWqFPF/KwP1SOhVEqbFFrR8Xv15tQmC
JzdV0hudJ+jOfwk4l2CIMTPW6sf+GFoe9dXYwu5EojLBit1ut/YZsi9dGvCiZUwW
2iqrJWxnq/dmJGgu8d8FO2w8ta2rkZSu3rIcudqjzrPhyN51S807ip3eMBWE51i9
xOMiHeJDOJGNphGTDW1NQedmxxgWKw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:07:26 2025 by rpki-client