Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/1gH0ALbggM1g9mpbans4k76FLfE.roa
File: 1gH0ALbggM1g9mpbans4k76FLfE.roa (raw, json)
Hash identifier: cOPWi5Lc1fo56DK14Mndk2zttNfcgiX4l3pCtyb/tX4=
Subject key identifier: D6:01:F4:00:B6:E0:80:CD:60:F6:6A:5B:6A:7B:38:93:BE:85:2D:F1
Certificate issuer: /CN=42b4c79a22a3fe987ef31908cd44ff81e9b1acf4
Certificate serial: 018572DF12A1EB0DFEC2526CC0C60CACFAB9
Authority key identifier: 42:B4:C7:9A:22:A3:FE:98:7E:F3:19:08:CD:44:FF:81:E9:B1:AC:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QrTHmiKj_ph-8xkIzUT_gemxrPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/1gH0ALbggM1g9mpbans4k76FLfE.roa
Signing time: Mon 02 Jan 2023 14:24:59 +0000
ROA not before: Mon 02 Jan 2023 14:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43595
IP address blocks: 2a06:4180:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:df:12:a1:eb:0d:fe:c2:52:6c:c0:c6:0c:ac:fa:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42b4c79a22a3fe987ef31908cd44ff81e9b1acf4
Validity
Not Before: Jan 2 14:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d601f400b6e080cd60f66a5b6a7b3893be852df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:92:66:0a:4b:9f:02:bf:21:db:01:b2:8b:d0:
ae:68:c5:59:f9:d6:c4:00:57:82:42:8f:70:19:eb:
7a:2a:75:46:c4:1e:cb:46:0d:4e:09:14:96:d6:da:
bf:7a:5b:bd:60:d2:23:bf:f5:78:99:a9:3a:30:ed:
2a:de:c4:28:3d:12:92:00:0b:b6:3d:4e:da:13:80:
45:95:aa:4a:5f:db:f6:a7:2f:e9:a5:ee:9c:ea:e0:
47:f4:98:62:ce:4f:5c:7b:69:ab:71:34:60:e9:9e:
a9:70:6a:21:20:5f:67:37:8b:b7:32:e1:d6:14:75:
70:31:f5:34:1c:ff:a2:03:1c:3d:46:8f:42:9f:d7:
00:7c:b2:8b:78:14:19:5d:f5:be:d4:32:05:b6:bb:
aa:9a:5f:67:a4:cf:9c:fc:d9:44:11:60:23:c1:f0:
80:81:e0:83:b2:7e:b1:9b:eb:2d:23:60:0a:13:06:
ae:bd:7b:1c:e5:ac:a5:03:9f:3d:7a:95:4f:23:62:
1c:64:75:1d:14:0b:54:d2:16:51:97:0e:e1:b3:dd:
6d:00:74:6f:44:5d:31:34:ca:12:3b:08:41:1e:b4:
c2:8b:62:6b:c6:11:eb:0e:90:03:e2:1c:7f:d9:67:
6d:76:53:a2:fe:a6:ad:08:36:60:c7:a4:12:34:fd:
78:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:01:F4:00:B6:E0:80:CD:60:F6:6A:5B:6A:7B:38:93:BE:85:2D:F1
X509v3 Authority Key Identifier:
keyid:42:B4:C7:9A:22:A3:FE:98:7E:F3:19:08:CD:44:FF:81:E9:B1:AC:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QrTHmiKj_ph-8xkIzUT_gemxrPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/1gH0ALbggM1g9mpbans4k76FLfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/QrTHmiKj_ph-8xkIzUT_gemxrPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:4180:1::/48
Signature Algorithm: sha256WithRSAEncryption
75:27:ff:d3:5e:68:67:6b:f8:dc:2b:af:14:33:43:5e:40:ec:
f9:96:37:d1:ba:49:dc:55:3b:32:c0:a4:ab:7f:ab:b9:b0:06:
1b:15:dc:43:73:ef:4d:cc:e1:1e:ff:bd:3f:43:14:70:0b:fd:
b8:a5:d7:10:63:4b:a2:f6:30:c8:97:1f:fa:49:bb:66:24:18:
f5:8f:f8:70:88:bf:38:b7:76:87:1b:28:bb:14:fe:6e:5e:1c:
7c:21:2b:36:ab:d2:41:89:a5:86:e7:7e:5a:50:17:15:91:04:
13:09:81:15:67:33:09:de:b4:6b:c8:7c:a8:5a:5b:a8:fd:76:
4a:fc:e6:07:c4:51:b0:77:64:34:50:16:ce:d0:cd:b6:80:9e:
e3:27:fb:71:af:fc:4d:62:20:cd:aa:88:7b:f1:d4:92:a9:6e:
69:c6:2d:13:8b:c5:55:52:cd:f9:88:42:ba:07:93:11:9a:ee:
78:29:41:68:ca:12:14:0f:b6:e0:aa:3c:31:27:24:e9:15:c7:
1e:8e:df:f0:5a:6d:d7:c7:05:4e:2e:09:be:29:b3:61:fc:c5:
3b:c6:1e:2f:89:1e:22:04:ea:61:8e:cc:c3:ae:0c:8a:9e:b3:
b7:ba:1d:f6:a2:9d:13:24:d3:81:12:49:9c:7f:08:20:05:8e:
9d:f6:6e:9e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVy3xKh6w3+wlJswMYMrPq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYjRjNzlhMjJhM2ZlOTg3ZWYzMTkwOGNkNDRmZjgxZTli
MWFjZjQwHhcNMjMwMTAyMTQyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjAxZjQwMGI2ZTA4MGNkNjBmNjZhNWI2YTdiMzg5M2JlODUyZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5JmCkufAr8h2wGyi9CuaMVZ+dbE
AFeCQo9wGet6KnVGxB7LRg1OCRSW1tq/elu9YNIjv/V4mak6MO0q3sQoPRKSAAu2
PU7aE4BFlapKX9v2py/ppe6c6uBH9Jhizk9ce2mrcTRg6Z6pcGohIF9nN4u3MuHW
FHVwMfU0HP+iAxw9Ro9Cn9cAfLKLeBQZXfW+1DIFtruqml9npM+c/NlEEWAjwfCA
geCDsn6xm+stI2AKEwauvXsc5aylA589epVPI2IcZHUdFAtU0hZRlw7hs91tAHRv
RF0xNMoSOwhBHrTCi2JrxhHrDpAD4hx/2WdtdlOi/qatCDZgx6QSNP14iwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNYB9AC24IDNYPZqW2p7OJO+hS3xMB8GA1UdIwQY
MBaAFEK0x5oio/6YfvMZCM1E/4Hpsaz0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXJUSG1pS2pfcGgtOHhrSXpVVF9nZW14clBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC80YjkxMWMtM2Q0ZC00MmQ1LTkyMzQt
ZjI4ODEzN2NiNTAwLzEvMWdIMEFMYmdnTTFnOW1wYmFuczRrNzZGTGZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC80YjkxMWMtM2Q0ZC00MmQ1LTkyMzQtZjI4ODEzN2NiNTAw
LzEvUXJUSG1pS2pfcGgtOHhrSXpVVF9nZW14clBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgZBgAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQB1J//TXmhna/jcK68UM0NeQOz5ljfRukncVTsy
wKSrf6u5sAYbFdxDc+9NzOEe/70/QxRwC/24pdcQY0ui9jDIlx/6SbtmJBj1j/hw
iL84t3aHGyi7FP5uXhx8ISs2q9JBiaWG535aUBcVkQQTCYEVZzMJ3rRryHyoWluo
/XZK/OYHxFGwd2Q0UBbO0M22gJ7jJ/txr/xNYiDNqoh78dSSqW5pxi0Ti8VVUs35
iEK6B5MRmu54KUFoyhIUD7bgqjwxJyTpFccejt/wWm3XxwVOLgm+KbNh/MU7xh4v
iR4iBOphjszDrgyKnrO3uh32op0TJNOBEkmcfwggBY6d9m6e
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:56:49 2025 by rpki-client