Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/M5o0_28IIB4fh_HfH17jIMQCgfw.roa
File: M5o0_28IIB4fh_HfH17jIMQCgfw.roa (raw, json)
Hash identifier: JtDTELbo5UDwkjPCiOAARI797yWyEStP0GWzvVeokCI=
Subject key identifier: 33:9A:34:FF:6F:08:20:1E:1F:87:F1:DF:1F:5E:E3:20:C4:02:81:FC
Certificate issuer: /CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Certificate serial: 01879ACFCA07CAAB98BA4E6D78AF28FE9BB7
Authority key identifier: F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/M5o0_28IIB4fh_HfH17jIMQCgfw.roa
Signing time: Wed 19 Apr 2023 18:38:41 +0000
ROA not before: Wed 19 Apr 2023 18:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211380
IP address blocks: 2a0c:5707:ff04::/48 maxlen: 48
2a0c:5707:ff01::/48 maxlen: 48
2a0c:5707:ff00::/40 maxlen: 48
2a0c:5707:ff00::/48 maxlen: 48
2a0c:5707:ff02::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9a:cf:ca:07:ca:ab:98:ba:4e:6d:78:af:28:fe:9b:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Validity
Not Before: Apr 19 18:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=339a34ff6f08201e1f87f1df1f5ee320c40281fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:16:13:05:78:38:6c:74:0d:4a:25:95:0a:56:
8f:75:39:99:ad:21:be:00:4f:92:fe:8a:67:e3:a6:
df:55:d0:7e:69:6a:37:ea:d4:6f:66:d0:1e:87:bc:
ec:8b:9e:e8:09:1e:de:b5:e5:b1:a1:f5:66:4f:15:
af:93:93:96:c4:3f:5c:ab:a4:d5:1b:81:eb:f1:ce:
8b:45:00:f8:7d:e2:2d:0e:70:93:bc:0f:83:b5:83:
56:58:a0:1a:8f:d9:73:e6:8a:1b:43:f5:8d:7d:62:
5a:83:fc:6b:13:03:63:01:b2:4d:dc:ac:49:a7:ea:
4e:7d:30:71:ea:53:6b:07:71:2a:3b:fc:85:1c:46:
fa:db:01:82:6c:cc:2f:0e:79:7b:4e:74:b5:e6:5c:
eb:e0:94:7c:2f:44:3c:ea:de:98:e9:30:8e:c7:2b:
20:c4:6d:c4:78:4c:8b:74:d6:61:e5:3a:ce:d2:a8:
28:ca:97:c2:1c:45:3d:4a:d9:04:74:12:ea:c1:7a:
a1:95:e2:fe:8e:ca:d4:1a:cb:a3:72:9c:f8:dc:c0:
c5:64:a8:39:b8:74:d4:24:04:3f:a4:17:11:20:64:
77:17:b7:2c:f4:68:52:f1:69:4e:1e:97:e7:4e:3b:
d1:b4:0d:64:97:db:4b:ba:2a:01:7f:c1:fe:dd:42:
8c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9A:34:FF:6F:08:20:1E:1F:87:F1:DF:1F:5E:E3:20:C4:02:81:FC
X509v3 Authority Key Identifier:
keyid:F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/M5o0_28IIB4fh_HfH17jIMQCgfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:5707:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
36:60:fb:cc:e2:ad:16:b7:fc:4a:68:60:6b:5f:e4:ae:ff:95:
8a:32:b6:8b:5d:b9:63:12:11:6b:8c:bc:66:1e:a5:ab:99:10:
77:3a:38:ce:20:6e:99:6a:94:d7:b8:42:0d:21:4d:d2:74:64:
55:2b:df:1b:e7:e3:83:2a:12:d3:cd:6a:9c:a6:4d:1f:06:67:
c3:dc:59:a7:34:91:28:40:1e:4d:97:cc:98:71:67:6b:98:4b:
d2:18:1e:4b:89:bc:7c:42:ad:e2:36:22:b2:ea:f9:97:ac:d2:
c5:3b:93:66:4a:46:45:e5:f3:d5:6b:c7:ad:bd:89:71:45:56:
18:d9:1e:a4:4f:65:78:7a:ab:5f:c9:05:a2:14:4b:2f:f9:2c:
ad:da:bb:e0:5b:19:35:ef:8d:21:59:99:66:99:cf:c0:df:bf:
0d:de:71:71:44:a7:08:17:64:95:d4:fb:17:9b:ba:ea:10:74:
1d:15:40:b2:35:bb:ab:c6:85:08:f1:37:15:cd:9a:34:04:b1:
fe:37:d7:95:91:e0:8f:35:48:2a:ba:53:f5:02:4f:08:7c:3d:
bd:ef:96:43:35:e0:53:98:e3:27:21:be:65:69:22:89:54:1b:
f9:53:7f:8e:f6:b5:3c:9c:db:d6:35:c6:3c:bb:ac:41:36:b7:
c5:06:5c:a8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYeaz8oHyquYuk5teK8o/pu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MDg0NmYyMWM1NmE4NTEzZDMxYzE1NWRkMTk5MTk3YTNm
ZmM3YzAwHhcNMjMwNDE5MTgzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzlhMzRmZjZmMDgyMDFlMWY4N2YxZGYxZjVlZTMyMGM0MDI4MWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRYTBXg4bHQNSiWVClaPdTmZrSG+
AE+S/opn46bfVdB+aWo36tRvZtAeh7zsi57oCR7eteWxofVmTxWvk5OWxD9cq6TV
G4Hr8c6LRQD4feItDnCTvA+DtYNWWKAaj9lz5oobQ/WNfWJag/xrEwNjAbJN3KxJ
p+pOfTBx6lNrB3EqO/yFHEb62wGCbMwvDnl7TnS15lzr4JR8L0Q86t6Y6TCOxysg
xG3EeEyLdNZh5TrO0qgoypfCHEU9StkEdBLqwXqhleL+jsrUGsujcpz43MDFZKg5
uHTUJAQ/pBcRIGR3F7cs9GhS8WlOHpfnTjvRtA1kl9tLuioBf8H+3UKMAwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDOaNP9vCCAeH4fx3x9e4yDEAoH8MB8GA1UdIwQY
MBaAFPYIRvIcVqhRPTHBVd0ZkZej/8fAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYt
YTZkNDVlZjdkMjI3LzEvTTVvMF8yOElJQjRmaF9IZkgxN2pJTVFDZ2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYtYTZkNDVlZjdkMjI3
LzEvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgxXB/8w
DQYJKoZIhvcNAQELBQADggEBADZg+8zirRa3/EpoYGtf5K7/lYoytotduWMSEWuM
vGYepauZEHc6OM4gbplqlNe4Qg0hTdJ0ZFUr3xvn44MqEtPNapymTR8GZ8PcWac0
kShAHk2XzJhxZ2uYS9IYHkuJvHxCreI2IrLq+Zes0sU7k2ZKRkXl89Vrx629iXFF
VhjZHqRPZXh6q1/JBaIUSy/5LK3au+BbGTXvjSFZmWaZz8Dfvw3ecXFEpwgXZJXU
+xebuuoQdB0VQLI1u6vGhQjxNxXNmjQEsf4315WR4I81SCq6U/UCTwh8Pb3vlkM1
4FOY4ychvmVpIolUG/lTf472tTyc29Y1xjy7rEE2t8UGXKg=
-----END CERTIFICATE-----
Generated at Sat May 10 13:17:08 2025 by rpki-client