Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/4aaBGqUJPPRc5QfhhcgqMm9nR1g.roa
File: 4aaBGqUJPPRc5QfhhcgqMm9nR1g.roa (raw, json)
Hash identifier: 96FZlkKRIWjYSGZpFBlx5y9oUF83nNgCvCuxSZ5yqFs=
Subject key identifier: E1:A6:81:1A:A5:09:3C:F4:5C:E5:07:E1:85:C8:2A:32:6F:67:47:58
Certificate issuer: /CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d
Certificate serial: 0187464FE73CBAFE0672E2C5C4DD749E8A38
Authority key identifier: A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/4aaBGqUJPPRc5QfhhcgqMm9nR1g.roa
Signing time: Mon 03 Apr 2023 08:50:54 +0000
ROA not before: Mon 03 Apr 2023 08:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209437
IP address blocks: 2a0a:56c4:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:4f:e7:3c:ba:fe:06:72:e2:c5:c4:dd:74:9e:8a:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d
Validity
Not Before: Apr 3 08:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1a6811aa5093cf45ce507e185c82a326f674758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9e:22:f2:65:7b:9d:69:12:cb:05:b1:ae:d3:
70:41:07:d1:68:ca:12:a9:a8:d0:41:14:1b:16:6e:
39:5d:34:6a:28:b0:af:42:1d:a4:9d:6c:6b:4d:49:
a9:29:df:11:3e:14:53:6a:a0:55:ef:47:18:53:3e:
53:b7:cf:6f:14:38:c3:0b:ac:0b:45:23:b4:2f:02:
02:a0:67:d9:7c:18:01:b9:0d:ae:18:f4:93:fa:01:
fc:f4:aa:dc:ff:80:bb:56:d3:62:c1:52:6b:a5:8c:
b1:ba:5b:60:19:89:15:5f:f8:bd:98:14:26:fa:45:
07:9f:36:28:23:cf:6e:33:ee:8a:18:08:ad:92:99:
78:d1:87:2f:42:d7:4a:f2:fd:a1:a8:d4:c9:3a:e3:
e3:d9:0f:2a:7a:c0:fc:8f:d6:16:20:a7:3c:e0:e7:
6d:61:b8:5d:c3:b1:b2:8b:55:74:5c:c1:46:84:37:
bf:b6:fb:55:16:d6:1c:c6:89:97:51:12:51:1f:c8:
d0:1a:84:c8:f4:30:d2:7e:44:b4:4d:89:fe:fe:44:
45:de:10:13:ea:23:29:bd:64:28:87:1a:da:3c:71:
4e:75:c0:88:db:da:c1:2b:81:3b:6c:d2:70:21:c1:
7a:31:16:a6:2a:83:23:07:d3:81:2d:76:22:36:e3:
82:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A6:81:1A:A5:09:3C:F4:5C:E5:07:E1:85:C8:2A:32:6F:67:47:58
X509v3 Authority Key Identifier:
keyid:A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/4aaBGqUJPPRc5QfhhcgqMm9nR1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:56c4:3::/48
Signature Algorithm: sha256WithRSAEncryption
6b:9f:e9:ae:bc:30:8f:dd:38:e4:79:9b:ab:c6:24:6d:c6:f6:
31:3c:07:2f:bd:62:3d:37:2b:7a:b2:e1:78:97:a8:e6:12:34:
83:6d:c4:9a:65:a6:f4:38:c7:a7:f5:fa:3d:62:2b:4f:c1:a0:
2e:43:06:a1:7d:1d:29:37:4a:85:41:f5:e0:f3:fc:cf:f6:d5:
28:3e:ba:f0:e4:36:e0:5e:d1:24:2f:11:10:0a:0a:66:2a:c3:
bf:4e:c7:70:bc:b7:d7:d3:fd:90:92:90:66:0f:c8:d7:a8:50:
50:b7:60:29:af:0c:3c:ae:2d:90:1c:e9:03:11:b3:1a:80:1f:
de:c2:da:01:9e:45:f1:fa:e9:bc:0a:de:3e:60:20:6f:24:b6:
68:49:35:c7:e8:53:83:67:94:59:8e:5f:86:f5:4a:fd:89:c3:
31:13:fe:6a:10:c5:8b:92:0d:36:d5:f2:bb:18:37:11:80:c2:
9f:79:20:64:26:13:f7:c1:9b:69:d7:c1:95:06:c1:11:54:5b:
9f:25:67:a9:6a:5d:07:9b:4c:02:ea:c5:bd:0c:a0:1c:ca:fa:
ca:a8:e6:82:97:4c:b1:c5:19:f6:42:b9:e5:00:8d:a7:61:b4:
1f:10:eb:76:52:33:76:d7:6b:20:de:a7:a0:79:98:7f:cf:39:
04:01:9b:03
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYdGT+c8uv4GcuLFxN10noo4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YTA0MzRiZWJlNWRmYTYzZGRhNzhjMjRhNGViYzFkMmNk
NzM2OWQwHhcNMjMwNDAzMDg1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWE2ODExYWE1MDkzY2Y0NWNlNTA3ZTE4NWM4MmEzMjZmNjc0NzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ4i8mV7nWkSywWxrtNwQQfRaMoS
qajQQRQbFm45XTRqKLCvQh2knWxrTUmpKd8RPhRTaqBV70cYUz5Tt89vFDjDC6wL
RSO0LwICoGfZfBgBuQ2uGPST+gH89Krc/4C7VtNiwVJrpYyxultgGYkVX/i9mBQm
+kUHnzYoI89uM+6KGAitkpl40YcvQtdK8v2hqNTJOuPj2Q8qesD8j9YWIKc84Odt
Ybhdw7Gyi1V0XMFGhDe/tvtVFtYcxomXURJRH8jQGoTI9DDSfkS0TYn+/kRF3hAT
6iMpvWQohxraPHFOdcCI29rBK4E7bNJwIcF6MRamKoMjB9OBLXYiNuOC1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOGmgRqlCTz0XOUH4YXIKjJvZ0dYMB8GA1UdIwQY
MBaAFKagQ0vr5d+mPdp4wkpOvB0s1zadMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAt
OWNlNDc2N2RhMmMxLzEvNGFhQkdxVUpQUFJjNVFmaGhjZ3FNbTluUjFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAtOWNlNDc2N2RhMmMx
LzEvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgpWxAAD
MA0GCSqGSIb3DQEBCwUAA4IBAQBrn+muvDCP3TjkeZurxiRtxvYxPAcvvWI9Nyt6
suF4l6jmEjSDbcSaZab0OMen9fo9YitPwaAuQwahfR0pN0qFQfXg8/zP9tUoPrrw
5DbgXtEkLxEQCgpmKsO/TsdwvLfX0/2QkpBmD8jXqFBQt2Aprww8ri2QHOkDEbMa
gB/ewtoBnkXx+um8Ct4+YCBvJLZoSTXH6FODZ5RZjl+G9Ur9icMxE/5qEMWLkg02
1fK7GDcRgMKfeSBkJhP3wZtp18GVBsERVFufJWepal0Hm0wC6sW9DKAcyvrKqOaC
l0yxxRn2QrnlAI2nYbQfEOt2UjN212sg3qegeZh/zzkEAZsD
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:57 2025 by rpki-client