Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/35f9c4-7b96-4fcb-bca2-9dd3d21907a3/1/4dmhTDhunDY2PcEN3DwbV98SDzk.roa
File: 4dmhTDhunDY2PcEN3DwbV98SDzk.roa (raw, json)
Hash identifier: BQOWvWJXsMMwk1xmM6Zi0zKjiCpBpkhyyCm1pAsonfc=
Subject key identifier: E1:D9:A1:4C:38:6E:9C:36:36:3D:C1:0D:DC:3C:1B:57:DF:12:0F:39
Certificate issuer: /CN=176eb71bd55576f45763badeb676ed59990d396a
Certificate serial: 0185704BE34CC5B6B459FE716F69EA34FF0E
Authority key identifier: 17:6E:B7:1B:D5:55:76:F4:57:63:BA:DE:B6:76:ED:59:99:0D:39:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F263G9VVdvRXY7retnbtWZkNOWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/35f9c4-7b96-4fcb-bca2-9dd3d21907a3/1/4dmhTDhunDY2PcEN3DwbV98SDzk.roa
Signing time: Mon 02 Jan 2023 02:24:59 +0000
ROA not before: Mon 02 Jan 2023 02:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206020
IP address blocks: 2001:67c:9b4::/48 maxlen: 48
2001:67c:9b8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:e3:4c:c5:b6:b4:59:fe:71:6f:69:ea:34:ff:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=176eb71bd55576f45763badeb676ed59990d396a
Validity
Not Before: Jan 2 02:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1d9a14c386e9c36363dc10ddc3c1b57df120f39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5f:76:4a:b9:4d:08:37:cd:f6:91:7d:e5:74:
8a:f5:23:73:e1:de:b0:41:d8:bf:cd:a0:fb:dd:26:
7d:9b:8a:2e:fc:8d:52:fb:98:df:9f:1d:d4:da:0f:
b1:65:02:2d:a9:e1:c7:d4:a5:8a:d8:fb:fd:96:6c:
a1:da:42:97:f3:90:20:34:17:c5:f0:9a:d3:bd:d5:
8d:7b:1e:2e:76:36:f5:8f:22:19:23:d0:f7:78:48:
66:34:33:24:f4:10:9f:0b:ab:6b:3f:a2:1b:01:97:
4a:8e:28:dd:05:5e:5e:de:dd:1c:b6:b9:ce:35:8e:
25:b4:cc:0f:7c:fd:8e:d5:78:a1:fb:d2:24:61:03:
1f:e3:24:33:bc:86:ca:ce:28:0c:8b:3f:b6:74:59:
c4:46:ec:dd:7a:bc:e7:4d:9e:9e:24:40:b9:d9:f1:
50:3e:76:da:a8:60:d6:07:4b:12:01:a8:55:6d:f8:
af:ec:34:da:05:ee:45:49:00:aa:8a:4e:f3:5f:0a:
b3:b3:86:c0:bf:3d:7a:0f:1b:c8:c7:3f:cc:92:cc:
bf:97:54:c5:29:cd:97:00:a1:22:90:1f:ab:cf:ff:
a9:f6:6e:e8:c0:cd:33:30:22:0f:1b:e4:63:05:14:
3f:d5:97:7d:ce:c8:61:fd:aa:5a:1d:fd:23:cf:35:
e0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D9:A1:4C:38:6E:9C:36:36:3D:C1:0D:DC:3C:1B:57:DF:12:0F:39
X509v3 Authority Key Identifier:
keyid:17:6E:B7:1B:D5:55:76:F4:57:63:BA:DE:B6:76:ED:59:99:0D:39:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F263G9VVdvRXY7retnbtWZkNOWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/35f9c4-7b96-4fcb-bca2-9dd3d21907a3/1/4dmhTDhunDY2PcEN3DwbV98SDzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/35f9c4-7b96-4fcb-bca2-9dd3d21907a3/1/F263G9VVdvRXY7retnbtWZkNOWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:9b4::/48
2001:67c:9b8::/48
Signature Algorithm: sha256WithRSAEncryption
32:4d:db:91:7a:c2:f7:ff:3b:8e:36:1b:ff:f8:ee:49:9d:e0:
aa:d8:27:7e:e1:3b:e3:38:38:58:dd:b2:35:a5:9c:51:bd:3a:
6a:d2:8e:7a:7c:93:24:f9:a1:0a:f0:9e:5f:6f:dd:88:05:78:
f3:de:33:80:21:9d:f6:7b:78:6f:53:e6:9b:6a:f4:ff:6f:2b:
5a:54:bb:19:16:68:d6:59:73:b9:5b:25:fd:8f:0e:44:c9:3f:
45:f4:d4:c8:97:d8:8a:46:11:6a:7f:98:a8:b4:7e:15:19:1e:
f5:86:28:52:31:88:4e:3e:e9:6c:fe:03:30:6f:22:e8:87:26:
49:ef:e1:fb:66:a2:c9:65:b7:75:3c:d7:26:dd:67:02:22:a7:
59:5d:73:55:b7:86:14:7f:33:66:05:02:5d:7d:76:ed:8a:9c:
a5:a1:95:b7:89:70:26:5f:5f:83:96:32:15:45:ba:92:29:91:
9d:e9:01:70:7f:b6:2d:d1:f4:4b:2f:76:23:e5:61:32:e8:cd:
28:db:74:ea:58:3f:3a:56:5c:67:04:59:63:cc:4a:14:4e:68:
f9:32:e1:01:34:73:fe:c5:e3:08:6f:63:f0:b1:df:3a:28:dc:
6f:2f:5a:f4:59:00:52:cd:71:f8:e7:bb:04:72:41:b1:71:e5:
56:3d:0a:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwS+NMxba0Wf5xb2nqNP8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NmViNzFiZDU1NTc2ZjQ1NzYzYmFkZWI2NzZlZDU5OTkw
ZDM5NmEwHhcNMjMwMTAyMDIyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWQ5YTE0YzM4NmU5YzM2MzYzZGMxMGRkYzNjMWI1N2RmMTIwZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi192SrlNCDfN9pF95XSK9SNz4d6w
Qdi/zaD73SZ9m4ou/I1S+5jfnx3U2g+xZQItqeHH1KWK2Pv9lmyh2kKX85AgNBfF
8JrTvdWNex4udjb1jyIZI9D3eEhmNDMk9BCfC6trP6IbAZdKjijdBV5e3t0ctrnO
NY4ltMwPfP2O1Xih+9IkYQMf4yQzvIbKzigMiz+2dFnERuzderznTZ6eJEC52fFQ
PnbaqGDWB0sSAahVbfiv7DTaBe5FSQCqik7zXwqzs4bAvz16DxvIxz/Mksy/l1TF
Kc2XAKEikB+rz/+p9m7owM0zMCIPG+RjBRQ/1Zd9zshh/apaHf0jzzXgQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOHZoUw4bpw2Nj3BDdw8G1ffEg85MB8GA1UdIwQY
MBaAFBdutxvVVXb0V2O63rZ27VmZDTlqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjI2M0c5VlZkdlJYWTdyZXRuYnRXWmtOT1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8zNWY5YzQtN2I5Ni00ZmNiLWJjYTIt
OWRkM2QyMTkwN2EzLzEvNGRtaFREaHVuRFkyUGNFTjNEd2JWOThTRHprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8zNWY5YzQtN2I5Ni00ZmNiLWJjYTItOWRkM2QyMTkwN2Ez
LzEvRjI2M0c5VlZkdlJYWTdyZXRuYnRXWmtOT1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfAm0
AwcAIAEGfAm4MA0GCSqGSIb3DQEBCwUAA4IBAQAyTduResL3/zuONhv/+O5JneCq
2Cd+4TvjODhY3bI1pZxRvTpq0o56fJMk+aEK8J5fb92IBXjz3jOAIZ32e3hvU+ab
avT/bytaVLsZFmjWWXO5WyX9jw5EyT9F9NTIl9iKRhFqf5iotH4VGR71hihSMYhO
Puls/gMwbyLohyZJ7+H7ZqLJZbd1PNcm3WcCIqdZXXNVt4YUfzNmBQJdfXbtipyl
oZW3iXAmX1+DljIVRbqSKZGd6QFwf7Yt0fRLL3Yj5WEy6M0o23TqWD86VlxnBFlj
zEoUTmj5MuEBNHP+xeMIb2Pwsd86KNxvL1r0WQBSzXH457sEckGxceVWPQqt
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:17:43 2025 by rpki-client