Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/Z7mVj4mlIqGUevZywMNLQky0sgg.roa
File: Z7mVj4mlIqGUevZywMNLQky0sgg.roa (raw, json)
Hash identifier: m6b9XfuWlLL6TjDlpTbdiV7Wk5M0KisWoIsBekKV3Ss=
Subject key identifier: 67:B9:95:8F:89:A5:22:A1:94:7A:F6:72:C0:C3:4B:42:4C:B4:B2:08
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 0186D0E857951193B4FA50E17D3CA6B22E26
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/Z7mVj4mlIqGUevZywMNLQky0sgg.roa
Signing time: Sat 11 Mar 2023 13:42:13 +0000
ROA not before: Sat 11 Mar 2023 13:42:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 2a13:3f83::/40 maxlen: 40
2a13:3f80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d0:e8:57:95:11:93:b4:fa:50:e1:7d:3c:a6:b2:2e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Mar 11 13:42:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67b9958f89a522a1947af672c0c34b424cb4b208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3a:7e:4c:db:a2:2e:1d:13:f7:35:e9:06:47:
fb:56:dc:98:81:48:cc:09:03:e2:94:81:28:6b:9c:
b6:0a:16:57:be:4e:f4:1f:65:8a:84:0c:4e:f7:2f:
8f:f2:0b:a5:9e:e1:f8:7f:7e:2f:40:5a:9f:19:28:
1b:32:b9:de:32:26:08:7c:f7:c8:e6:94:db:b7:0f:
50:6c:c9:ff:1e:ff:68:86:aa:50:13:3d:74:cf:43:
e1:6c:00:f5:91:d5:18:55:b1:25:54:36:fd:d6:34:
93:ee:57:52:48:9e:3e:98:05:80:c0:8a:ea:95:a0:
ad:55:9b:31:eb:f5:3c:cb:20:9d:f2:f3:62:9f:9b:
0c:7e:42:81:08:76:a1:a7:2b:e0:e8:e9:86:52:8f:
68:ec:6a:7b:0b:49:01:9f:9c:9a:cf:da:c7:79:eb:
f1:0d:ff:c6:7f:ff:c4:14:d6:b1:5e:c3:9b:f0:29:
06:22:cb:87:c1:7c:b4:a7:47:b9:8e:a2:84:e5:2a:
30:77:e6:64:b3:4e:89:57:6d:a8:53:26:67:12:53:
ae:ca:00:98:bd:df:6d:c5:f7:73:7a:d4:b0:c1:74:
37:95:24:20:e3:1d:b7:0b:2e:10:ef:f2:2f:ce:a8:
1d:fe:64:39:8b:60:23:88:ba:c8:3c:c4:e3:e2:da:
09:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:B9:95:8F:89:A5:22:A1:94:7A:F6:72:C0:C3:4B:42:4C:B4:B2:08
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/Z7mVj4mlIqGUevZywMNLQky0sgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3f80::/32
2a13:3f83::/40
Signature Algorithm: sha256WithRSAEncryption
0e:dc:3e:bc:94:80:c8:f2:cd:97:1f:cc:22:d1:19:7f:57:c9:
7a:91:92:2f:74:56:ce:70:00:5f:61:cb:d8:c4:24:63:62:2d:
d8:14:22:ba:a4:88:39:1c:f2:a0:61:16:86:0b:8a:94:25:c9:
4f:98:7e:aa:0f:a7:aa:93:f8:b2:b6:f8:22:f4:ca:57:ce:29:
61:d0:4e:00:4a:75:a7:74:42:9a:bc:cd:fb:fa:48:a4:c2:7c:
83:6d:37:95:15:64:e3:59:83:f8:80:0e:8d:f6:39:4a:f4:74:
40:7d:9f:b2:1c:11:38:95:b6:6f:23:80:46:02:bd:40:d8:c5:
ac:62:1b:84:7e:91:22:fa:af:3b:13:29:fa:fc:aa:74:97:e5:
a2:e2:48:91:55:17:d4:b8:85:30:be:b3:8a:59:df:3a:02:06:
17:55:96:34:8e:92:90:55:dd:ed:d4:37:6c:7e:26:f9:70:b0:
c4:62:1f:a0:12:44:0e:e7:71:7e:b3:0b:bb:4e:63:55:20:3e:
21:6b:f9:3a:d8:ef:9a:a4:4f:05:8e:a1:be:be:ab:4c:73:d4:
5c:0a:c9:d2:b5:11:98:6f:ae:fb:87:49:e5:da:b9:2d:b2:cb:
93:90:d8:d8:bf:02:7f:5f:10:fa:63:bd:3a:71:28:88:54:ca:
62:09:30:a0
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYbQ6FeVEZO0+lDhfTymsi4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjMwMzExMTM0MjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2I5OTU4Zjg5YTUyMmExOTQ3YWY2NzJjMGMzNGI0MjRjYjRiMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTp+TNuiLh0T9zXpBkf7VtyYgUjM
CQPilIEoa5y2ChZXvk70H2WKhAxO9y+P8gulnuH4f34vQFqfGSgbMrneMiYIfPfI
5pTbtw9QbMn/Hv9ohqpQEz10z0PhbAD1kdUYVbElVDb91jST7ldSSJ4+mAWAwIrq
laCtVZsx6/U8yyCd8vNin5sMfkKBCHahpyvg6OmGUo9o7Gp7C0kBn5yaz9rHeevx
Df/Gf//EFNaxXsOb8CkGIsuHwXy0p0e5jqKE5Sowd+Zks06JV22oUyZnElOuygCY
vd9txfdzetSwwXQ3lSQg4x23Cy4Q7/Ivzqgd/mQ5i2AjiLrIPMTj4toJrwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFGe5lY+JpSKhlHr2csDDS0JMtLIIMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvWjdtVmo0bWxJcUdVZXZaeXdNTkxRa3kwc2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwUAKhM/gAMG
ACoTP4MAMA0GCSqGSIb3DQEBCwUAA4IBAQAO3D68lIDI8s2XH8wi0Rl/V8l6kZIv
dFbOcABfYcvYxCRjYi3YFCK6pIg5HPKgYRaGC4qUJclPmH6qD6eqk/iytvgi9MpX
zilh0E4ASnWndEKavM37+kikwnyDbTeVFWTjWYP4gA6N9jlK9HRAfZ+yHBE4lbZv
I4BGAr1A2MWsYhuEfpEi+q87Eyn6/Kp0l+Wi4kiRVRfUuIUwvrOKWd86AgYXVZY0
jpKQVd3t1Ddsfib5cLDEYh+gEkQO53F+swu7TmNVID4ha/k62O+apE8FjqG+vqtM
c9RcCsnStRGYb677h0nl2rktssuTkNjYvwJ/XxD6Y706cSiIVMpiCTCg
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:01:39 2025 by rpki-client