Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/4Bl95ANR5Z9eWwvlHW8qYmCczPU.roa
File: 4Bl95ANR5Z9eWwvlHW8qYmCczPU.roa (raw, json)
Hash identifier: X7mR5L+vL6JKbp/Z8zzVmPX1UNzItK1SGuhlsz2YXRM=
Subject key identifier: E0:19:7D:E4:03:51:E5:9F:5E:5B:0B:E5:1D:6F:2A:62:60:9C:CC:F5
Certificate issuer: /CN=acf7ab3f1a93e714f3074a05d86fcce2206305a8
Certificate serial: 01877B4B3EE4BF08B6B3DC43DE265FBE43EF
Authority key identifier: AC:F7:AB:3F:1A:93:E7:14:F3:07:4A:05:D8:6F:CC:E2:20:63:05:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPerPxqT5xTzB0oF2G_M4iBjBag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/4Bl95ANR5Z9eWwvlHW8qYmCczPU.roa
Signing time: Thu 13 Apr 2023 15:45:41 +0000
ROA not before: Thu 13 Apr 2023 15:45:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199471
IP address blocks: 2a13:fc80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7b:4b:3e:e4:bf:08:b6:b3:dc:43:de:26:5f:be:43:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf7ab3f1a93e714f3074a05d86fcce2206305a8
Validity
Not Before: Apr 13 15:45:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0197de40351e59f5e5b0be51d6f2a62609cccf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5f:b5:74:f8:5f:73:69:78:3e:03:64:a9:1c:
bd:84:e5:7b:35:79:ff:a3:89:e8:5f:59:41:62:ce:
39:c1:e7:98:99:26:c6:e6:8e:93:c6:41:cf:6f:17:
44:ae:aa:b8:f3:39:a4:92:eb:19:e8:c4:bd:13:12:
75:cc:a2:7f:d6:36:6d:3c:13:27:7a:0f:36:b1:fd:
fc:75:6f:13:73:c3:5e:56:ca:10:1e:10:4b:79:9e:
25:0e:ab:a1:94:a6:78:00:a0:80:da:87:17:10:e5:
41:5e:9c:4b:94:cb:e3:37:0a:a6:ba:1b:9e:ab:cb:
5a:a0:b1:18:f4:03:c5:1b:0e:02:4f:f8:d2:83:82:
00:2a:91:40:8a:66:d6:9f:ae:1c:9d:f6:07:9f:53:
02:d7:70:40:83:62:9b:27:b9:a6:23:44:ce:5c:c7:
ef:89:fa:81:cd:b2:59:71:20:53:0a:a5:de:a6:23:
b4:29:ba:7c:83:1b:18:af:a7:66:5b:a8:e2:69:c2:
95:b9:1a:a0:f8:dd:54:4b:bc:4d:7f:cc:4e:5d:4e:
b7:a5:a9:e0:4a:68:9b:41:36:ae:85:1e:4a:2e:26:
90:52:2b:06:60:55:c8:23:37:5b:ca:9a:79:c2:d9:
48:f7:b4:d3:d3:6f:ac:32:7b:8c:36:51:be:af:d3:
50:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:19:7D:E4:03:51:E5:9F:5E:5B:0B:E5:1D:6F:2A:62:60:9C:CC:F5
X509v3 Authority Key Identifier:
keyid:AC:F7:AB:3F:1A:93:E7:14:F3:07:4A:05:D8:6F:CC:E2:20:63:05:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPerPxqT5xTzB0oF2G_M4iBjBag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/4Bl95ANR5Z9eWwvlHW8qYmCczPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/rPerPxqT5xTzB0oF2G_M4iBjBag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:fc80::/32
Signature Algorithm: sha256WithRSAEncryption
7e:02:10:65:08:99:b5:5c:74:4c:a5:6d:4c:03:88:a0:55:66:
28:b4:b2:04:34:33:6f:dc:02:1b:3c:0c:b6:3b:58:4d:10:55:
2f:48:b7:5b:ee:54:4d:64:d6:4b:6e:0c:18:9f:9f:2f:95:8d:
73:97:b7:26:81:81:31:8c:98:1a:4f:c4:7d:80:5d:3e:b4:87:
c9:b6:cb:6c:c9:f1:1b:aa:14:dd:2f:42:81:ac:b1:ac:11:7d:
77:cd:3b:94:cc:c9:90:9d:1e:78:15:b5:ba:e4:2f:51:d3:75:
46:78:82:c6:fc:f6:22:03:9c:24:7f:85:2f:f9:51:f6:0a:c4:
50:53:c4:12:98:c0:29:81:07:e5:ac:f4:66:21:42:3d:00:28:
56:8f:4d:b6:fb:4f:9b:f4:a4:dd:bf:65:ef:8a:3a:1e:30:51:
92:d6:5b:3b:01:85:8a:45:65:ed:67:50:43:6f:75:ac:c9:ae:
10:6f:ed:5f:6f:f2:7b:0d:c4:2e:a6:a3:8c:75:4e:6a:29:80:
c0:bf:f7:81:26:79:b4:d6:fa:69:17:6e:aa:f3:09:15:d5:02:
05:c8:fe:34:a0:b1:63:bf:c7:24:c2:bc:c9:3b:fc:b6:b8:ef:
af:38:0e:bf:5b:32:11:c9:5a:81:92:a4:78:c5:6a:77:92:5e:
7c:03:04:e5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYd7Sz7kvwi2s9xD3iZfvkPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjdhYjNmMWE5M2U3MTRmMzA3NGEwNWQ4NmZjY2UyMjA2
MzA1YTgwHhcNMjMwNDEzMTU0NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDE5N2RlNDAzNTFlNTlmNWU1YjBiZTUxZDZmMmE2MjYwOWNjY2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjV+1dPhfc2l4PgNkqRy9hOV7NXn/
o4noX1lBYs45weeYmSbG5o6TxkHPbxdErqq48zmkkusZ6MS9ExJ1zKJ/1jZtPBMn
eg82sf38dW8Tc8NeVsoQHhBLeZ4lDquhlKZ4AKCA2ocXEOVBXpxLlMvjNwqmuhue
q8taoLEY9APFGw4CT/jSg4IAKpFAimbWn64cnfYHn1MC13BAg2KbJ7mmI0TOXMfv
ifqBzbJZcSBTCqXepiO0Kbp8gxsYr6dmW6jiacKVuRqg+N1US7xNf8xOXU63pang
SmibQTauhR5KLiaQUisGYFXIIzdbypp5wtlI97TT02+sMnuMNlG+r9NQJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOAZfeQDUeWfXlsL5R1vKmJgnMz1MB8GA1UdIwQY
MBaAFKz3qz8ak+cU8wdKBdhvzOIgYwWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBlclB4cVQ1eFR6QjBvRjJHX000aUJqQmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hMjFmMzQtODJmMi00MWM5LWI2MGMt
YWQ0M2NjZDdhYWU4LzEvNEJsOTVBTlI1WjllV3d2bEhXOHFZbUNjelBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hMjFmMzQtODJmMi00MWM5LWI2MGMtYWQ0M2NjZDdhYWU4
LzEvclBlclB4cVQ1eFR6QjBvRjJHX000aUJqQmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhP8gDAN
BgkqhkiG9w0BAQsFAAOCAQEAfgIQZQiZtVx0TKVtTAOIoFVmKLSyBDQzb9wCGzwM
tjtYTRBVL0i3W+5UTWTWS24MGJ+fL5WNc5e3JoGBMYyYGk/EfYBdPrSHybbLbMnx
G6oU3S9CgayxrBF9d807lMzJkJ0eeBW1uuQvUdN1RniCxvz2IgOcJH+FL/lR9grE
UFPEEpjAKYEH5az0ZiFCPQAoVo9NtvtPm/Sk3b9l74o6HjBRktZbOwGFikVl7WdQ
Q291rMmuEG/tX2/yew3ELqajjHVOaimAwL/3gSZ5tNb6aRduqvMJFdUCBcj+NKCx
Y7/HJMK8yTv8trjvrzgOv1syEclagZKkeMVqd5JefAME5Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:31 2025 by rpki-client