Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/dRhZYt9-rzegEWTK3Th38vLjKRU.roa
File: dRhZYt9-rzegEWTK3Th38vLjKRU.roa (raw, json)
Hash identifier: RNlmb17HM7pbrtDkWzmRZoKVygNls/bHbRLgUjMuoMo=
Subject key identifier: 75:18:59:62:DF:7E:AF:37:A0:11:64:CA:DD:38:77:F2:F2:E3:29:15
Certificate issuer: /CN=afec4f4a16cc51bd51621011539ceb574ac15d02
Certificate serial: 01857039952EA354A538F96C630CD110F0A7
Authority key identifier: AF:EC:4F:4A:16:CC:51:BD:51:62:10:11:53:9C:EB:57:4A:C1:5D:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-xPShbMUb1RYhARU5zrV0rBXQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/dRhZYt9-rzegEWTK3Th38vLjKRU.roa
Signing time: Mon 02 Jan 2023 02:04:59 +0000
ROA not before: Mon 02 Jan 2023 02:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41562
IP address blocks: 2a03:2040:ff00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:95:2e:a3:54:a5:38:f9:6c:63:0c:d1:10:f0:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afec4f4a16cc51bd51621011539ceb574ac15d02
Validity
Not Before: Jan 2 02:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75185962df7eaf37a01164cadd3877f2f2e32915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3e:04:db:69:84:3c:5e:0d:d2:7c:eb:bf:1e:
63:4f:c6:b8:03:1f:3b:30:9f:5a:4c:11:87:2c:03:
7b:ff:8a:a4:2e:a6:8a:a0:37:13:7d:25:46:ac:70:
2b:d0:f8:62:b1:fd:50:63:04:49:51:38:2e:77:01:
ab:e9:23:5f:e2:e9:43:58:45:8a:5e:bb:27:59:26:
82:6b:62:0b:0c:f6:3c:57:56:2b:82:6d:21:e2:e0:
ca:99:f1:d9:09:be:e0:3b:93:3f:03:c8:76:89:4f:
58:18:94:87:f3:2c:69:78:0b:98:b9:73:ec:c1:d7:
48:0e:40:fa:53:e6:79:56:11:e0:43:b4:74:bc:ab:
0b:71:87:1f:6f:a9:12:fe:97:d1:70:f5:7a:ff:7f:
c4:52:ac:c1:b4:a6:b0:ee:0b:5d:f1:a3:53:5a:b2:
4e:fd:dc:56:d8:7c:18:cb:80:e2:9b:40:07:73:64:
92:79:ef:d9:04:a6:52:4b:d0:69:7c:49:b0:1d:3b:
b6:e6:88:1f:8a:0b:1e:f5:75:74:78:d3:36:22:0e:
0e:2e:49:67:db:11:b1:3e:8f:4b:d1:53:ed:43:d9:
7e:0e:3e:80:cc:0c:22:aa:ba:ee:f8:78:08:41:0a:
51:05:45:8b:76:5c:26:bf:7a:92:fa:77:5f:5d:3f:
4b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:18:59:62:DF:7E:AF:37:A0:11:64:CA:DD:38:77:F2:F2:E3:29:15
X509v3 Authority Key Identifier:
keyid:AF:EC:4F:4A:16:CC:51:BD:51:62:10:11:53:9C:EB:57:4A:C1:5D:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-xPShbMUb1RYhARU5zrV0rBXQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/dRhZYt9-rzegEWTK3Th38vLjKRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/r-xPShbMUb1RYhARU5zrV0rBXQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:2040:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
93:b5:da:0f:98:03:e9:e3:77:dc:a5:75:d3:bd:34:87:e8:1e:
3f:83:38:60:8f:10:bb:ee:7a:bd:9b:8a:7a:5c:f1:54:bb:b5:
c5:8a:75:06:dc:19:0f:0e:79:ea:96:a3:55:33:23:10:f4:ac:
8c:3b:2f:16:7d:ce:7a:ad:a8:ed:7d:6c:fe:1c:ec:de:fb:41:
e6:f4:3c:71:d2:a1:16:5b:a8:3d:ad:40:30:65:f4:c5:09:c5:
a8:e0:23:9e:09:da:cb:cd:b5:68:4a:2c:21:11:8f:fd:56:d5:
a8:29:93:6f:ac:46:62:4c:42:09:cd:d9:4b:08:d3:be:60:13:
68:04:e0:45:45:fc:cc:8a:b6:0f:85:bd:95:41:b8:19:d9:50:
df:50:b1:a3:0c:87:62:00:33:e0:4f:64:de:3a:f3:a3:d6:cd:
7e:ec:1e:5a:f6:90:cc:9b:82:b1:41:72:3b:c6:ba:42:c7:03:
1b:e5:bd:bc:6f:e9:11:ba:3b:ec:bd:fe:f9:8d:ee:a8:6e:94:
69:76:b3:5d:63:87:d5:d6:21:22:50:45:8b:b6:6e:cd:11:9a:
ef:33:83:c0:90:28:b5:59:6c:0c:49:34:66:6b:51:7f:83:c4:
aa:af:40:f8:92:bb:46:15:ec:25:55:8f:ad:e9:66:d8:7e:98:
0f:bb:cd:88
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwOZUuo1SlOPlsYwzREPCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZWM0ZjRhMTZjYzUxYmQ1MTYyMTAxMTUzOWNlYjU3NGFj
MTVkMDIwHhcNMjMwMTAyMDIwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTE4NTk2MmRmN2VhZjM3YTAxMTY0Y2FkZDM4NzdmMmYyZTMyOTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgT4E22mEPF4N0nzrvx5jT8a4Ax87
MJ9aTBGHLAN7/4qkLqaKoDcTfSVGrHAr0Phisf1QYwRJUTgudwGr6SNf4ulDWEWK
XrsnWSaCa2ILDPY8V1Yrgm0h4uDKmfHZCb7gO5M/A8h2iU9YGJSH8yxpeAuYuXPs
wddIDkD6U+Z5VhHgQ7R0vKsLcYcfb6kS/pfRcPV6/3/EUqzBtKaw7gtd8aNTWrJO
/dxW2HwYy4Dim0AHc2SSee/ZBKZSS9BpfEmwHTu25ogfigse9XV0eNM2Ig4OLkln
2xGxPo9L0VPtQ9l+Dj6AzAwiqrru+HgIQQpRBUWLdlwmv3qS+ndfXT9LzwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHUYWWLffq83oBFkyt04d/Ly4ykVMB8GA1UdIwQY
MBaAFK/sT0oWzFG9UWIQEVOc61dKwV0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci14UFNoYk1VYjFSWWhBUlU1enJWMHJCWFFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZjdiNmItYjI5ZC00ODZlLTg0Nzgt
MjdlZmMxM2FmZjFlLzEvZFJoWll0OS1yemVnRVdUSzNUaDM4dkxqS1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZjdiNmItYjI5ZC00ODZlLTg0NzgtMjdlZmMxM2FmZjFl
LzEvci14UFNoYk1VYjFSWWhBUlU1enJWMHJCWFFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgMgQP8w
DQYJKoZIhvcNAQELBQADggEBAJO12g+YA+njd9ylddO9NIfoHj+DOGCPELvuer2b
inpc8VS7tcWKdQbcGQ8OeeqWo1UzIxD0rIw7LxZ9znqtqO19bP4c7N77Qeb0PHHS
oRZbqD2tQDBl9MUJxajgI54J2svNtWhKLCERj/1W1agpk2+sRmJMQgnN2UsI075g
E2gE4EVF/MyKtg+FvZVBuBnZUN9QsaMMh2IAM+BPZN4686PWzX7sHlr2kMybgrFB
cjvGukLHAxvlvbxv6RG6O+y9/vmN7qhulGl2s11jh9XWISJQRYu2bs0Rmu8zg8CQ
KLVZbAxJNGZrUX+DxKqvQPiSu0YV7CVVj63pZth+mA+7zYg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 15:21:41 2025 by rpki-client