Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/RPHmKXoEnvCuOvabRikqGpb9QKw.roa
File: RPHmKXoEnvCuOvabRikqGpb9QKw.roa (raw, json)
Hash identifier: nsj5ejxiZUPRu2QK9DVDRsOxTCr/G9hxPEACUX6hlKI=
Subject key identifier: 44:F1:E6:29:7A:04:9E:F0:AE:3A:F6:9B:46:29:2A:1A:96:FD:40:AC
Certificate issuer: /CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Certificate serial: 0B221AF3
Authority key identifier: 29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/RPHmKXoEnvCuOvabRikqGpb9QKw.roa
Signing time: Sat 01 Jan 2022 08:00:35 +0000
ROA not before: Sat 01 Jan 2022 08:00:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206754
IP address blocks: 2a04:5d00:80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186784499 (0xb221af3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Validity
Not Before: Jan 1 08:00:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44f1e6297a049ef0ae3af69b46292a1a96fd40ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2d:1d:8a:62:ff:83:57:9e:63:cc:83:f7:4a:
ff:71:8a:26:89:f7:f0:74:56:92:46:ab:df:f3:66:
eb:ff:a6:ca:7b:73:1d:3c:2f:cf:18:9e:d2:30:fa:
cf:11:69:c7:bc:9c:ec:9a:52:1b:f0:1f:06:8b:94:
c4:3c:5f:50:ff:f0:ea:78:25:e4:76:0a:46:c7:e5:
87:76:5f:32:76:23:14:a7:c4:59:42:49:6c:2b:32:
8e:6d:6d:2c:f1:e4:5a:3c:25:c6:2c:8a:a0:66:4e:
02:0b:87:c2:6c:04:31:e9:28:ff:af:a6:7c:bc:bc:
62:11:c9:b5:52:04:19:f7:3f:20:57:c2:42:37:92:
db:3c:cd:85:97:40:d5:d4:85:7a:c3:4d:81:de:73:
9b:ce:59:84:09:51:97:d1:ec:c5:06:0c:a0:c6:34:
6c:30:63:1d:e8:5c:6e:a0:3f:3a:61:42:b5:23:4a:
0f:5b:b6:36:87:ec:1e:2c:30:23:94:ec:ce:fd:77:
15:d8:20:59:94:93:d1:78:1c:2c:b9:82:e7:63:ce:
d4:3c:ee:3d:9b:63:79:24:73:fd:c3:9b:00:68:f9:
96:ff:09:45:60:53:5f:85:90:a0:14:7d:29:ea:6a:
bf:a8:df:e6:87:e2:9a:bb:ed:bb:c5:0c:92:86:8a:
fa:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F1:E6:29:7A:04:9E:F0:AE:3A:F6:9B:46:29:2A:1A:96:FD:40:AC
X509v3 Authority Key Identifier:
keyid:29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/RPHmKXoEnvCuOvabRikqGpb9QKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5d00:80::/48
Signature Algorithm: sha256WithRSAEncryption
9b:94:28:b5:6b:15:c5:35:80:c1:e8:48:a1:01:6d:f1:e9:3a:
c4:65:c5:92:c2:72:a6:e7:7e:47:80:37:7d:5a:bf:35:ad:af:
09:dc:e7:0a:1f:07:06:6d:1e:a4:f2:bb:1a:6c:7b:7a:91:12:
aa:f2:fd:4d:46:f9:07:23:26:52:f6:81:2e:cb:c4:82:8d:06:
76:62:88:cd:db:ee:89:63:1d:04:61:92:b3:ae:67:cb:bf:05:
fe:7f:8a:d9:89:7e:5c:71:9a:a1:59:ec:37:8c:06:d1:68:ee:
73:d9:da:d5:1b:79:69:2a:9d:a9:6e:ba:0f:cc:6d:1d:34:68:
17:5a:b5:71:d9:b9:70:c0:92:e4:9a:ca:2f:56:d2:b8:82:72:
37:26:5c:92:17:0e:5f:aa:23:88:11:eb:9f:46:a7:39:14:f0:
fb:cc:bd:d9:a8:d8:c0:a3:58:12:c1:f6:8a:b3:2e:72:5d:4e:
19:ff:5f:25:05:ea:20:0b:25:1a:7f:5e:bb:8d:c3:3c:ce:96:
3a:8d:00:7d:df:aa:82:e8:38:34:80:80:44:12:f3:96:b6:53:
d3:b3:7b:6f:f1:43:1e:31:7c:c0:0a:e7:d7:9a:b2:65:6b:a8:
b1:67:72:c0:bd:30:32:52:a2:ac:f0:2e:8d:69:98:01:8b:0e:
3e:a0:91:ea
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECyIa8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTFmMGI3M2U2N2Q2M2M1YTRjOTA0NjgxNDE2NmE5ZTIxNjI1ZjI4MB4XDTIyMDEw
MTA4MDAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRmMWU2Mjk3YTA0
OWVmMGFlM2FmNjliNDYyOTJhMWE5NmZkNDBhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgtHYpi/4NXnmPMg/dK/3GKJon38HRWkkar3/Nm6/+myntz
HTwvzxie0jD6zxFpx7yc7JpSG/AfBouUxDxfUP/w6ngl5HYKRsflh3ZfMnYjFKfE
WUJJbCsyjm1tLPHkWjwlxiyKoGZOAguHwmwEMeko/6+mfLy8YhHJtVIEGfc/IFfC
QjeS2zzNhZdA1dSFesNNgd5zm85ZhAlRl9HsxQYMoMY0bDBjHehcbqA/OmFCtSNK
D1u2NofsHiwwI5Tszv13FdggWZST0XgcLLmC52PO1DzuPZtjeSRz/cObAGj5lv8J
RWBTX4WQoBR9Kepqv6jf5ofimrvtu8UMkoaK+mMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRE8eYpegSe8K469ptGKSoalv1ArDAfBgNVHSMEGDAWgBQpHwtz5n1jxaTJ
BGgUFmqeIWJfKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tSOExjLVo5WThXa3lRUm9GQlpxbmlGaVh5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvNDhkNjA5LTA4OGQtNDFlNC1iZWM0LTM4ZWU4ZmQ2NGU3ZC8x
L1JQSG1LWG9FbnZDdU92YWJSaWtxR3BiOVFLdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
NDhkNjA5LTA4OGQtNDFlNC1iZWM0LTM4ZWU4ZmQ2NGU3ZC8xL0tSOExjLVo5WThX
a3lRUm9GQlpxbmlGaVh5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoEXQAAgDANBgkqhkiG9w0BAQsF
AAOCAQEAm5QotWsVxTWAwehIoQFt8ek6xGXFksJypud+R4A3fVq/Na2vCdznCh8H
Bm0epPK7Gmx7epESqvL9TUb5ByMmUvaBLsvEgo0GdmKIzdvuiWMdBGGSs65ny78F
/n+K2Yl+XHGaoVnsN4wG0Wjuc9na1Rt5aSqdqW66D8xtHTRoF1q1cdm5cMCS5JrK
L1bSuIJyNyZckhcOX6ojiBHrn0anORTw+8y92ajYwKNYEsH2irMucl1OGf9fJQXq
IAslGn9eu43DPM6WOo0Afd+qgug4NICARBLzlrZT07N7b/FDHjF8wArn15qyZWuo
sWdywL0wMlKirPAujWmYAYsOPqCR6g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:34 2025 by rpki-client