Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/fO2Px9zLQa1O38WzG1t5s6Lgq6w.roa
File: fO2Px9zLQa1O38WzG1t5s6Lgq6w.roa (raw, json)
Hash identifier: rZN9JzR+JX59VZEx8n7eq/w2v7FnlFp0dFAxAV0tH/g=
Subject key identifier: 7C:ED:8F:C7:DC:CB:41:AD:4E:DF:C5:B3:1B:5B:79:B3:A2:E0:AB:AC
Certificate issuer: /CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Certificate serial: 0B1FD33B
Authority key identifier: 29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/fO2Px9zLQa1O38WzG1t5s6Lgq6w.roa
Signing time: Sat 01 Jan 2022 08:00:33 +0000
ROA not before: Sat 01 Jan 2022 08:00:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200898
IP address blocks: 2a04:5d04::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186635067 (0xb1fd33b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Validity
Not Before: Jan 1 08:00:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ced8fc7dccb41ad4edfc5b31b5b79b3a2e0abac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d9:95:ad:20:14:9f:df:fe:ce:04:f2:5a:b3:
fa:43:87:2b:e9:b5:d4:83:02:0b:73:21:67:af:df:
34:26:46:a0:51:0e:37:04:0d:21:45:c2:1a:2e:01:
cd:f2:99:21:b0:c5:9b:45:a8:fc:ba:1c:09:b7:4a:
46:67:3a:76:73:de:5e:6b:eb:97:f3:49:6c:63:50:
8d:d9:21:7b:b8:d4:df:34:aa:81:a6:d0:82:e4:88:
ef:74:27:4b:63:cf:24:cb:ec:f9:f8:90:71:2a:b1:
ff:80:5f:be:73:c6:65:3f:aa:28:59:b5:c0:6e:5a:
a0:8a:a8:e8:30:4d:57:69:d4:30:5c:fd:02:c3:85:
0a:07:2d:9c:9d:9f:2a:96:de:62:6a:a8:10:da:a4:
d8:aa:c9:bd:e0:64:ba:24:13:d5:9a:f9:f2:45:76:
38:ea:0c:f8:8a:ac:86:16:e1:81:f2:c6:81:77:95:
8b:3d:ac:47:b3:1a:ee:1a:55:cb:e8:6e:41:3b:36:
b4:33:80:b8:fa:6a:06:09:d1:2e:a9:1b:e4:57:45:
ea:61:c4:1c:06:bf:2c:49:b5:a8:11:07:78:75:be:
7e:80:ba:8f:ca:c7:ba:8a:b1:c9:37:ad:a5:dc:3a:
bd:db:d0:cf:5c:f9:49:84:f2:47:fb:68:fa:1f:dd:
4f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:ED:8F:C7:DC:CB:41:AD:4E:DF:C5:B3:1B:5B:79:B3:A2:E0:AB:AC
X509v3 Authority Key Identifier:
keyid:29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/fO2Px9zLQa1O38WzG1t5s6Lgq6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5d04::/32
Signature Algorithm: sha256WithRSAEncryption
0e:a0:c7:a8:cb:30:4a:0d:23:4f:b4:94:10:b8:66:f4:dd:ce:
ec:4e:d0:62:1c:14:80:e7:2b:59:72:04:69:f2:3a:b6:a8:46:
0a:44:bc:81:64:af:ab:f0:77:d2:cf:5d:b6:4d:0f:a7:8d:23:
dc:84:33:54:c5:3c:ea:0c:65:10:89:16:72:b2:d4:96:79:20:
c5:fd:3e:89:83:17:0b:31:24:c6:ac:92:c5:2f:71:b2:4d:6e:
82:85:38:44:18:7a:ba:be:12:91:a9:d6:89:f9:89:4d:c6:42:
cc:95:c8:22:1f:e6:37:00:0e:03:d0:96:aa:c6:3e:dd:dd:82:
af:43:bd:f8:be:67:e6:b5:5f:54:00:86:c4:1f:c2:a9:38:dc:
bc:e5:1b:81:a2:55:5b:bc:49:6d:51:32:7f:cc:7d:f3:b8:30:
65:0c:cf:04:18:82:46:6d:90:e4:45:87:32:fe:9e:d9:24:af:
0c:4a:bd:24:76:93:7a:2b:95:49:62:1b:a3:39:6b:7e:28:30:
96:43:bd:2a:d2:64:a1:6d:f5:b8:85:5c:31:e5:34:93:d4:2e:
01:5e:9c:20:df:c5:21:35:a4:03:59:36:54:f8:e5:65:06:88:
5b:e7:ea:3a:3b:aa:15:65:0a:3b:8b:94:a8:16:7d:3f:bf:4e:
74:bf:90:e2
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECx/TOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTFmMGI3M2U2N2Q2M2M1YTRjOTA0NjgxNDE2NmE5ZTIxNjI1ZjI4MB4XDTIyMDEw
MTA4MDAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2NlZDhmYzdkY2Ni
NDFhZDRlZGZjNWIzMWI1Yjc5YjNhMmUwYWJhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTZla0gFJ/f/s4E8lqz+kOHK+m11IMCC3MhZ6/fNCZGoFEO
NwQNIUXCGi4BzfKZIbDFm0Wo/LocCbdKRmc6dnPeXmvrl/NJbGNQjdkhe7jU3zSq
gabQguSI73QnS2PPJMvs+fiQcSqx/4BfvnPGZT+qKFm1wG5aoIqo6DBNV2nUMFz9
AsOFCgctnJ2fKpbeYmqoENqk2KrJveBkuiQT1Zr58kV2OOoM+IqshhbhgfLGgXeV
iz2sR7Ma7hpVy+huQTs2tDOAuPpqBgnRLqkb5FdF6mHEHAa/LEm1qBEHeHW+foC6
j8rHuoqxyTetpdw6vdvQz1z5SYTyR/to+h/dT3cCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBR87Y/H3MtBrU7fxbMbW3mzouCrrDAfBgNVHSMEGDAWgBQpHwtz5n1jxaTJ
BGgUFmqeIWJfKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tSOExjLVo5WThXa3lRUm9GQlpxbmlGaVh5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvNDhkNjA5LTA4OGQtNDFlNC1iZWM0LTM4ZWU4ZmQ2NGU3ZC8x
L2ZPMlB4OXpMUWExTzM4V3pHMXQ1czZMZ3E2dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
NDhkNjA5LTA4OGQtNDFlNC1iZWM0LTM4ZWU4ZmQ2NGU3ZC8xL0tSOExjLVo5WThX
a3lRUm9GQlpxbmlGaVh5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoEXQQwDQYJKoZIhvcNAQELBQAD
ggEBAA6gx6jLMEoNI0+0lBC4ZvTdzuxO0GIcFIDnK1lyBGnyOraoRgpEvIFkr6vw
d9LPXbZND6eNI9yEM1TFPOoMZRCJFnKy1JZ5IMX9PomDFwsxJMasksUvcbJNboKF
OEQYerq+EpGp1on5iU3GQsyVyCIf5jcADgPQlqrGPt3dgq9Dvfi+Z+a1X1QAhsQf
wqk43LzlG4GiVVu8SW1RMn/MffO4MGUMzwQYgkZtkORFhzL+ntkkrwxKvSR2k3or
lUliG6M5a34oMJZDvSrSZKFt9biFXDHlNJPULgFenCDfxSE1pANZNlT45WUGiFvn
6jo7qhVlCjuLlKgWfT+/TnS/kOI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:40 2025 by rpki-client