Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/5F0Gys3kxP31rGLSvR0g0YPVbG8.roa
File: 5F0Gys3kxP31rGLSvR0g0YPVbG8.roa (raw, json)
Hash identifier: xPjUa5XGX52t87/F+gsZDaD8r44zb1wM5M31p8f0UbM=
Subject key identifier: E4:5D:06:CA:CD:E4:C4:FD:F5:AC:62:D2:BD:1D:20:D1:83:D5:6C:6F
Certificate issuer: /CN=a820f4345c0ee4d9d7fc6d69befbf455bec98742
Certificate serial: 018B38107BF75543E31BE2FEFAE4BC73BF44
Authority key identifier: A8:20:F4:34:5C:0E:E4:D9:D7:FC:6D:69:BE:FB:F4:55:BE:C9:87:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/5F0Gys3kxP31rGLSvR0g0YPVbG8.roa
Signing time: Mon 16 Oct 2023 10:38:06 +0000
ROA not before: Mon 16 Oct 2023 10:38:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48846
IP address blocks: 2a05:5c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:10:7b:f7:55:43:e3:1b:e2:fe:fa:e4:bc:73:bf:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a820f4345c0ee4d9d7fc6d69befbf455bec98742
Validity
Not Before: Oct 16 10:38:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e45d06cacde4c4fdf5ac62d2bd1d20d183d56c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d7:4d:bc:5c:c8:ec:ba:59:49:a2:0d:f6:35:
94:2e:d2:16:64:6e:ff:ac:9e:b3:6d:6c:00:e3:65:
6f:69:b4:b6:35:cb:cc:f9:e6:69:9d:ea:95:2a:30:
35:89:33:72:82:25:d6:84:2f:84:a3:a0:1d:13:2f:
ae:97:b0:43:c4:49:2a:85:4d:ca:5b:80:b8:b2:05:
86:4d:4b:13:9d:db:c1:f6:5f:25:2b:4d:19:10:1b:
56:4b:da:e0:c6:92:9f:95:f3:55:d9:75:83:26:39:
70:d2:1a:44:01:a1:2d:c0:92:53:94:3b:e3:9c:ba:
44:29:55:ab:d7:30:ad:e0:a8:c1:b9:1f:40:4e:de:
33:2e:54:95:2f:51:72:47:dd:82:6c:4a:15:17:6f:
3e:3c:17:3c:68:ee:9f:eb:1c:97:d3:83:53:c1:bc:
b7:bf:01:74:ef:9a:36:8c:95:1f:9c:97:93:83:7b:
79:87:06:3c:7f:82:08:ba:d8:70:3a:a6:c2:a1:78:
03:77:a5:96:6f:a0:1c:e3:8e:76:8c:79:6a:fa:a2:
2a:3a:0f:37:63:99:f8:c9:8b:ae:36:5a:35:f1:2d:
8a:c3:1b:54:43:54:1d:92:e5:b9:60:c2:ea:c3:37:
99:0b:11:9f:f9:8d:71:31:2c:79:a0:d2:2e:9c:c3:
22:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:5D:06:CA:CD:E4:C4:FD:F5:AC:62:D2:BD:1D:20:D1:83:D5:6C:6F
X509v3 Authority Key Identifier:
keyid:A8:20:F4:34:5C:0E:E4:D9:D7:FC:6D:69:BE:FB:F4:55:BE:C9:87:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/5F0Gys3kxP31rGLSvR0g0YPVbG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
20:1f:38:64:b7:0b:3f:fd:67:ac:07:9d:6b:fb:c9:53:30:bc:
9a:80:ad:36:29:c5:ba:d1:7b:fd:18:05:44:a6:70:96:ad:00:
d8:55:43:cd:c9:b1:91:8d:c1:3c:27:db:e9:c8:49:6c:24:ea:
47:bb:f8:3e:86:f8:16:55:4c:47:3f:1b:d7:16:6d:eb:84:f1:
b2:5a:46:d1:91:f7:a4:3e:7f:b7:e4:83:f3:72:40:81:f2:e5:
97:84:b0:5b:51:67:4f:4a:02:fd:bb:ac:d1:fc:4a:aa:4f:dd:
aa:d9:39:fa:33:8e:86:a6:5e:c7:e0:59:26:82:d7:89:d5:e4:
b4:a4:27:12:b8:3a:e7:32:ec:d7:c0:73:e5:0e:03:b0:77:ed:
70:20:8b:b4:ca:02:be:88:e2:a1:f3:8e:ed:b0:b9:d5:a0:84:
86:64:6c:69:45:c2:e4:7b:ef:ee:c6:f3:e8:f3:73:82:9e:22:
92:17:9d:d8:05:d7:7e:75:c2:3e:99:4d:ee:10:61:7e:ac:2e:
e6:5a:53:d1:21:fc:68:f8:7e:57:b3:79:7c:e4:8a:23:2a:26:
68:c1:f0:40:d7:03:2a:0c:9b:af:58:b5:db:7c:2c:3e:0f:f3:
23:49:e9:a3:d0:25:6f:37:bd:c6:50:fb:98:c9:73:1f:cc:c2:
f0:b5:8a:52
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYs4EHv3VUPjG+L++uS8c79EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjBmNDM0NWMwZWU0ZDlkN2ZjNmQ2OWJlZmJmNDU1YmVj
OTg3NDIwHhcNMjMxMDE2MTAzODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDVkMDZjYWNkZTRjNGZkZjVhYzYyZDJiZDFkMjBkMTgzZDU2YzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotdNvFzI7LpZSaIN9jWULtIWZG7/
rJ6zbWwA42VvabS2NcvM+eZpneqVKjA1iTNygiXWhC+Eo6AdEy+ul7BDxEkqhU3K
W4C4sgWGTUsTndvB9l8lK00ZEBtWS9rgxpKflfNV2XWDJjlw0hpEAaEtwJJTlDvj
nLpEKVWr1zCt4KjBuR9ATt4zLlSVL1FyR92CbEoVF28+PBc8aO6f6xyX04NTwby3
vwF075o2jJUfnJeTg3t5hwY8f4IIuthwOqbCoXgDd6WWb6Ac4452jHlq+qIqOg83
Y5n4yYuuNlo18S2KwxtUQ1QdkuW5YMLqwzeZCxGf+Y1xMSx5oNIunMMiiwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFORdBsrN5MT99axi0r0dINGD1WxvMB8GA1UdIwQY
MBaAFKgg9DRcDuTZ1/xtab779FW+yYdCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNEME5Gd081Tm5YX0cxcHZ2djBWYjdKaDBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNWExNzktMjE1OC00MTBhLTlhYWYt
NTQwNzllNzMyYjBkLzEvNUYwR3lzM2t4UDMxckdMU3ZSMGcwWVBWYkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yNWExNzktMjE1OC00MTBhLTlhYWYtNTQwNzllNzMyYjBk
LzEvcUNEME5Gd081Tm5YX0cxcHZ2djBWYjdKaDBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgVcgDAN
BgkqhkiG9w0BAQsFAAOCAQEAIB84ZLcLP/1nrAeda/vJUzC8moCtNinFutF7/RgF
RKZwlq0A2FVDzcmxkY3BPCfb6chJbCTqR7v4Pob4FlVMRz8b1xZt64TxslpG0ZH3
pD5/t+SD83JAgfLll4SwW1FnT0oC/bus0fxKqk/dqtk5+jOOhqZex+BZJoLXidXk
tKQnErg65zLs18Bz5Q4DsHftcCCLtMoCvojiofOO7bC51aCEhmRsaUXC5Hvv7sbz
6PNzgp4ikhed2AXXfnXCPplN7hBhfqwu5lpT0SH8aPh+V7N5fOSKIyomaMHwQNcD
Kgybr1i123wsPg/zI0npo9Albze9xlD7mMlzH8zC8LWKUg==
-----END CERTIFICATE-----
Generated at Mon May 12 00:06:11 2025 by rpki-client