Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/w2XIw3_Ud61OO_Q9Dpz-mXRrDag.roa
File: w2XIw3_Ud61OO_Q9Dpz-mXRrDag.roa (raw, json)
Hash identifier: wt450zrThsfL3mxPZgrxa2QJOE3T11iQsnYpCpUV5Ak=
Subject key identifier: C3:65:C8:C3:7F:D4:77:AD:4E:3B:F4:3D:0E:9C:FE:99:74:6B:0D:A8
Certificate issuer: /CN=d50697943676399ac5cac6a3e476545af0df49dd
Certificate serial: 0188961B9C42696189BE9733C92869CB5914
Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/w2XIw3_Ud61OO_Q9Dpz-mXRrDag.roa
Signing time: Wed 07 Jun 2023 13:46:11 +0000
ROA not before: Wed 07 Jun 2023 13:46:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 375
IP address blocks: 2a03:9b80::/34 maxlen: 34
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:96:1b:9c:42:69:61:89:be:97:33:c9:28:69:cb:59:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd
Validity
Not Before: Jun 7 13:46:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c365c8c37fd477ad4e3bf43d0e9cfe99746b0da8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ed:2a:21:e1:ec:1e:f6:21:f5:7e:9e:bf:44:
e6:9c:b3:3b:f2:f5:4f:eb:2e:c5:c7:e0:34:61:fb:
f5:61:88:f4:0f:13:80:46:76:1f:dc:b2:27:40:df:
7f:d9:01:27:db:3c:56:cd:f7:94:36:b9:1b:15:fb:
52:44:87:30:b4:2f:38:ef:56:a5:70:1d:69:02:27:
ee:fe:32:b8:8f:97:7e:95:00:f6:b8:41:ea:6c:8d:
e4:fb:96:58:53:a5:9f:d1:bd:08:6a:7c:65:ae:e5:
b9:56:31:0e:9e:f2:37:a8:3b:e4:39:f6:1b:b8:dd:
d0:03:ae:ce:43:69:d1:ef:8e:3a:c0:fa:75:06:03:
4d:9e:28:54:c5:42:13:5d:e4:37:84:9f:47:a4:d6:
9b:05:3f:8a:9a:a3:b0:df:e1:b8:2f:be:c6:11:3f:
66:10:e6:d5:86:84:43:57:f2:96:36:18:60:3c:52:
1a:53:cc:b1:00:35:37:55:1b:e2:09:38:4e:e4:64:
5f:98:ff:c8:ad:e9:e7:f8:66:18:c3:88:20:a1:37:
9c:f3:fe:29:3d:77:6a:44:23:8a:6a:0f:6a:49:37:
92:f4:90:b7:eb:34:ba:ef:00:4f:7c:6d:d0:bf:07:
83:1e:8f:1c:2a:f8:53:83:85:9d:36:71:03:93:b2:
2c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:65:C8:C3:7F:D4:77:AD:4E:3B:F4:3D:0E:9C:FE:99:74:6B:0D:A8
X509v3 Authority Key Identifier:
keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/w2XIw3_Ud61OO_Q9Dpz-mXRrDag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9b80::/34
Signature Algorithm: sha256WithRSAEncryption
0f:21:61:94:31:a0:6c:8a:9a:72:e0:36:2b:3b:e9:af:bf:7f:
e1:27:1a:04:e8:cc:16:b6:8a:9b:cd:19:bb:23:f9:67:14:2a:
f4:2f:14:aa:63:d4:fd:5d:23:5e:37:82:96:2f:81:2a:14:44:
3e:e8:c5:b3:29:16:a7:f9:6c:8f:a9:86:2e:c0:99:36:93:17:
b0:97:62:a7:35:94:5b:1d:8e:d6:49:b6:19:35:db:a2:63:52:
a1:bc:9e:4c:cc:13:a9:78:0f:6f:ed:41:4e:28:9c:a1:a6:aa:
51:30:36:35:4a:d3:e6:11:fe:6f:0d:92:b0:14:25:fc:78:79:
94:05:63:e4:c3:07:f8:f4:20:a2:75:db:a7:97:79:36:66:36:
26:98:22:e1:c8:7e:2b:1e:55:01:f8:3a:51:37:05:68:b4:9f:
07:3f:62:41:ea:cc:f2:ae:1e:8a:3d:86:7c:46:76:74:7e:6f:
d9:f6:ea:9a:b8:3e:e3:8f:53:84:a6:5b:e2:66:11:4b:5f:0f:
12:fd:d7:02:0c:9b:66:41:13:e8:42:30:6b:28:22:6e:55:d7:
32:7f:44:a6:fc:c9:bd:d2:1f:91:58:9b:7c:72:8b:d5:b8:21:
96:d0:d2:71:ef:63:28:ba:86:0f:c2:13:75:b1:6b:ea:fa:d2:
04:83:3f:ac
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYiWG5xCaWGJvpczyShpy1kUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk
ZjQ5ZGQwHhcNMjMwNjA3MTM0NjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzY1YzhjMzdmZDQ3N2FkNGUzYmY0M2QwZTljZmU5OTc0NmIwZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+0qIeHsHvYh9X6ev0TmnLM78vVP
6y7Fx+A0Yfv1YYj0DxOARnYf3LInQN9/2QEn2zxWzfeUNrkbFftSRIcwtC8471al
cB1pAifu/jK4j5d+lQD2uEHqbI3k+5ZYU6Wf0b0IanxlruW5VjEOnvI3qDvkOfYb
uN3QA67OQ2nR7446wPp1BgNNnihUxUITXeQ3hJ9HpNabBT+KmqOw3+G4L77GET9m
EObVhoRDV/KWNhhgPFIaU8yxADU3VRviCThO5GRfmP/Irenn+GYYw4ggoTec8/4p
PXdqRCOKag9qSTeS9JC36zS67wBPfG3QvweDHo8cKvhTg4WdNnEDk7IsYwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMNlyMN/1HetTjv0PQ6c/pl0aw2oMB8GA1UdIwQY
MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt
OGQyM2FjNWNiNTAyLzEvdzJYSXczX1VkNjFPT19ROURwei1tWFJyRGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy
LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYGKgObgAAw
DQYJKoZIhvcNAQELBQADggEBAA8hYZQxoGyKmnLgNis76a+/f+EnGgTozBa2ipvN
Gbsj+WcUKvQvFKpj1P1dI143gpYvgSoURD7oxbMpFqf5bI+phi7AmTaTF7CXYqc1
lFsdjtZJthk126JjUqG8nkzME6l4D2/tQU4onKGmqlEwNjVK0+YR/m8NkrAUJfx4
eZQFY+TDB/j0IKJ126eXeTZmNiaYIuHIfiseVQH4OlE3BWi0nwc/YkHqzPKuHoo9
hnxGdnR+b9n26pq4PuOPU4SmW+JmEUtfDxL91wIMm2ZBE+hCMGsoIm5V1zJ/RKb8
yb3SH5FYm3xyi9W4IZbQ0nHvYyi6hg/CE3Wxa+r60gSDP6w=
-----END CERTIFICATE-----
Generated at Sun May 11 20:14:20 2025 by rpki-client