Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/CWgT4qcW0pbnGRwq8lZgh5NDsyI.roa
File: CWgT4qcW0pbnGRwq8lZgh5NDsyI.roa (raw, json)
Hash identifier: sl6Trc9sgt2rYmJnixxLQlvp5yeSrAEepbA9FsCFxCo=
Subject key identifier: 09:68:13:E2:A7:16:D2:96:E7:19:1C:2A:F2:56:60:87:93:43:B3:22
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 0186DA502F9574EA0997DF016DB00E687A1A
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/CWgT4qcW0pbnGRwq8lZgh5NDsyI.roa
Signing time: Mon 13 Mar 2023 09:32:13 +0000
ROA not before: Mon 13 Mar 2023 09:32:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2a06:c3c0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:da:50:2f:95:74:ea:09:97:df:01:6d:b0:0e:68:7a:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Mar 13 09:32:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=096813e2a716d296e7191c2af25660879343b322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:97:19:2e:ef:91:e8:17:0e:21:6a:20:95:84:
df:f9:bc:68:42:34:1a:f3:e1:e2:67:a1:70:ef:34:
db:52:43:a5:7c:94:8b:4c:47:e6:b5:72:68:5f:f0:
3a:1d:7f:74:ee:ee:e4:86:91:b3:eb:02:e8:4b:2f:
a3:7e:7b:4d:c1:79:10:0f:22:b6:96:85:d1:28:d7:
18:8d:f7:01:c4:22:b8:3d:90:68:1b:c1:40:60:0c:
43:f8:b1:15:2f:43:92:79:09:0b:2b:e5:2d:0d:05:
d1:23:d1:2a:77:a7:87:c9:40:af:a9:19:99:a5:1c:
3a:7b:71:e2:89:22:7b:ba:98:4f:5e:e6:a1:4c:92:
3b:eb:27:3e:51:69:b8:49:4a:20:e0:42:ef:0f:d9:
4c:b5:f4:17:56:19:fd:86:a2:40:20:99:9a:69:f5:
1c:0c:da:8f:1e:c9:6b:e0:27:6c:5a:32:e3:dc:77:
c2:0d:64:71:7b:5a:82:6a:9d:99:c7:ca:9e:97:10:
06:05:ba:1d:b5:33:3e:09:b8:2d:98:a3:0e:13:45:
58:5f:48:b7:4a:32:4e:5c:2d:87:02:5d:af:ab:f5:
a8:70:d5:68:4a:0d:68:21:52:51:eb:38:80:04:b6:
f8:00:25:a6:01:eb:bc:c2:67:89:2e:94:28:3e:76:
6d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:68:13:E2:A7:16:D2:96:E7:19:1C:2A:F2:56:60:87:93:43:B3:22
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/CWgT4qcW0pbnGRwq8lZgh5NDsyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:c3c0:3::/48
Signature Algorithm: sha256WithRSAEncryption
77:1b:8e:ae:6e:cd:2c:53:07:f7:c5:38:c6:ed:03:dd:db:64:
b0:a3:82:96:44:c2:ca:53:ea:92:43:fa:e0:30:63:72:22:6d:
b7:d1:11:52:15:6b:e1:40:40:41:a1:b2:eb:59:5b:ec:29:7d:
8b:b4:cd:f4:9d:26:d1:ce:9a:35:26:15:8e:c6:f1:17:d0:08:
87:1d:ce:dd:44:13:0a:53:4d:24:a0:f9:6c:1b:c7:44:54:46:
78:6a:43:70:53:b6:4b:3f:41:e6:97:b1:de:df:de:77:80:db:
ae:2e:a2:2c:24:79:73:3c:99:06:88:09:c1:6e:06:45:e2:c9:
8c:4e:ed:89:31:55:22:bf:f5:7b:34:40:3c:60:c0:2b:2d:34:
fc:fa:78:38:76:0c:7f:52:55:42:3a:cc:92:1f:2e:01:33:61:
54:2f:4f:c2:98:bd:53:c9:49:a1:3a:6e:b5:86:34:b0:df:39:
31:8b:52:ae:64:67:ed:c5:9c:bd:76:86:fc:f0:c3:ca:e9:de:
6a:c5:07:42:58:5a:6e:ad:97:e4:08:a6:a4:da:18:70:21:6d:
56:5f:1a:75:d4:a4:07:97:fc:7a:b5:b9:d2:17:2e:7e:12:e3:
d8:82:e5:eb:8b:49:f7:e8:84:fe:23:99:3f:d2:ab:26:73:7f:
a5:c4:eb:cb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYbaUC+VdOoJl98BbbAOaHoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjMwMzEzMDkzMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTY4MTNlMmE3MTZkMjk2ZTcxOTFjMmFmMjU2NjA4NzkzNDNiMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5cZLu+R6BcOIWoglYTf+bxoQjQa
8+HiZ6Fw7zTbUkOlfJSLTEfmtXJoX/A6HX907u7khpGz6wLoSy+jfntNwXkQDyK2
loXRKNcYjfcBxCK4PZBoG8FAYAxD+LEVL0OSeQkLK+UtDQXRI9Eqd6eHyUCvqRmZ
pRw6e3HiiSJ7uphPXuahTJI76yc+UWm4SUog4ELvD9lMtfQXVhn9hqJAIJmaafUc
DNqPHslr4CdsWjLj3HfCDWRxe1qCap2Zx8qelxAGBbodtTM+CbgtmKMOE0VYX0i3
SjJOXC2HAl2vq/WocNVoSg1oIVJR6ziABLb4ACWmAeu8wmeJLpQoPnZtzQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAloE+KnFtKW5xkcKvJWYIeTQ7MiMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvQ1dnVDRxY1cwcGJuR1J3cThsWmdoNU5Ec3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbDwAAD
MA0GCSqGSIb3DQEBCwUAA4IBAQB3G46ubs0sUwf3xTjG7QPd22Swo4KWRMLKU+qS
Q/rgMGNyIm230RFSFWvhQEBBobLrWVvsKX2LtM30nSbRzpo1JhWOxvEX0AiHHc7d
RBMKU00koPlsG8dEVEZ4akNwU7ZLP0Hml7He3953gNuuLqIsJHlzPJkGiAnBbgZF
4smMTu2JMVUiv/V7NEA8YMArLTT8+ng4dgx/UlVCOsySHy4BM2FUL0/CmL1TyUmh
Om61hjSw3zkxi1KuZGftxZy9dob88MPK6d5qxQdCWFpurZfkCKak2hhwIW1WXxp1
1KQHl/x6tbnSFy5+EuPYguXri0n36IT+I5k/0qsmc3+lxOvL
-----END CERTIFICATE-----
Generated at Fri May 16 06:08:49 2025 by rpki-client