Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/35f9c4-7b96-4fcb-bca2-9dd3d21907a3/1/AFPCyXGXhba3lrEzLOf17gyTkQE.roa
File: AFPCyXGXhba3lrEzLOf17gyTkQE.roa (raw, json)
Hash identifier: 782zlUdZWnTEM/kcUvsye83i2OqKNFGkTRwodxmIxgs=
Subject key identifier: 00:53:C2:C9:71:97:85:B6:B7:96:B1:33:2C:E7:F5:EE:0C:93:91:01
Certificate issuer: /CN=176eb71bd55576f45763badeb676ed59990d396a
Certificate serial: 0249C0
Authority key identifier: 17:6E:B7:1B:D5:55:76:F4:57:63:BA:DE:B6:76:ED:59:99:0D:39:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F263G9VVdvRXY7retnbtWZkNOWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/35f9c4-7b96-4fcb-bca2-9dd3d21907a3/1/AFPCyXGXhba3lrEzLOf17gyTkQE.roa
Signing time: Wed 13 Apr 2022 05:58:55 +0000
ROA not before: Wed 13 Apr 2022 05:58:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206020
IP address blocks: 2001:67c:9b4::/48 maxlen: 48
2001:67c:9b8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149952 (0x249c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=176eb71bd55576f45763badeb676ed59990d396a
Validity
Not Before: Apr 13 05:58:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0053c2c9719785b6b796b1332ce7f5ee0c939101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ac:38:dc:34:c0:6e:2c:0a:d3:84:a1:87:3e:
4b:6f:2d:73:2e:36:e5:fd:56:d1:04:1f:88:36:1b:
be:92:86:ba:e0:33:b2:21:a7:2f:7e:a6:d5:71:f6:
6c:15:2e:22:4f:96:2d:60:a2:43:1e:e8:d0:52:bf:
c0:66:17:c0:ca:30:78:3a:d0:21:1d:69:9f:fb:3f:
4e:66:5e:57:e3:8e:6a:a9:ad:05:ce:22:b1:7a:d9:
b2:a0:3b:00:2a:33:22:7a:bf:8f:a6:46:ec:8b:5d:
e5:52:9f:3f:6f:63:d3:ac:5c:65:36:b5:c6:1f:71:
dd:73:19:a4:d2:ca:f0:22:0f:36:77:22:df:14:f9:
10:b9:47:e0:80:95:2d:8f:b5:5f:d9:79:64:cb:b7:
fb:96:c3:64:c7:03:c4:f0:7e:79:03:cb:39:f0:5d:
e3:86:c5:26:d8:83:db:fe:ea:83:10:e4:2c:15:1a:
e3:98:0d:2b:1c:b6:6a:1a:f7:df:15:3d:26:0b:69:
b9:76:0e:a4:d5:ac:5b:51:8e:48:b3:46:2a:83:a5:
ab:85:8b:9c:23:2d:9c:95:8c:5c:3a:88:82:71:c2:
ab:e4:ab:c9:68:08:82:24:90:04:3f:6a:a6:ca:ee:
5e:c5:f9:52:c2:22:96:49:96:5f:9b:21:65:08:4d:
b3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:53:C2:C9:71:97:85:B6:B7:96:B1:33:2C:E7:F5:EE:0C:93:91:01
X509v3 Authority Key Identifier:
keyid:17:6E:B7:1B:D5:55:76:F4:57:63:BA:DE:B6:76:ED:59:99:0D:39:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F263G9VVdvRXY7retnbtWZkNOWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/35f9c4-7b96-4fcb-bca2-9dd3d21907a3/1/AFPCyXGXhba3lrEzLOf17gyTkQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/35f9c4-7b96-4fcb-bca2-9dd3d21907a3/1/F263G9VVdvRXY7retnbtWZkNOWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:9b4::/48
2001:67c:9b8::/48
Signature Algorithm: sha256WithRSAEncryption
22:d5:bb:fb:bc:62:e9:81:75:a1:e8:0b:cf:07:02:65:5f:14:
6c:be:73:fc:d2:02:5f:50:a2:d0:0e:0e:98:7b:2c:5a:fc:de:
b0:75:50:de:0c:64:c2:9c:ed:5b:ca:68:fc:37:8e:ef:df:db:
8c:e7:1c:8c:3c:73:9d:24:7e:45:b6:b2:14:27:fa:59:28:44:
62:56:ff:c0:27:86:fb:4c:f2:3e:82:d8:08:c8:68:94:47:ef:
03:da:2a:16:3d:37:1a:a6:5f:ae:0b:c0:ee:8b:28:ca:34:5e:
9d:4c:ca:b9:f0:d9:85:6d:a7:c1:f2:ac:cd:d1:99:06:6c:bf:
9c:8c:1d:1c:f9:b5:b7:1f:42:fb:68:e1:e4:0a:f3:a8:cd:78:
64:e6:21:bb:e8:a4:7e:b1:d7:6b:8e:e3:42:45:85:d6:c9:63:
bc:56:ba:12:a7:22:45:96:ce:cc:56:a5:03:21:5c:2d:59:ce:
14:ca:33:90:3f:48:94:0f:e0:51:f6:ba:93:a2:d7:60:e2:1d:
31:ef:b5:9e:a7:8b:23:70:80:13:b3:e8:b3:41:1a:02:c4:27:
14:04:3a:fd:2d:93:91:71:2c:c5:94:ff:70:c8:7a:72:40:f6:
8d:3a:e6:5f:32:c2:15:bd:e1:99:63:41:d7:b0:a3:d4:80:55:
41:4a:32:6c
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIDAknAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE3
NmViNzFiZDU1NTc2ZjQ1NzYzYmFkZWI2NzZlZDU5OTkwZDM5NmEwHhcNMjIwNDEz
MDU1ODU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwMDUzYzJjOTcxOTc4
NWI2Yjc5NmIxMzMyY2U3ZjVlZTBjOTM5MTAxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3aw43DTAbiwK04Shhz5Lby1zLjbl/VbRBB+INhu+koa64DOy
IacvfqbVcfZsFS4iT5YtYKJDHujQUr/AZhfAyjB4OtAhHWmf+z9OZl5X445qqa0F
ziKxetmyoDsAKjMier+Ppkbsi13lUp8/b2PTrFxlNrXGH3Hdcxmk0srwIg82dyLf
FPkQuUfggJUtj7Vf2Xlky7f7lsNkxwPE8H55A8s58F3jhsUm2IPb/uqDEOQsFRrj
mA0rHLZqGvffFT0mC2m5dg6k1axbUY5Is0Yqg6WrhYucIy2clYxcOoiCccKr5KvJ
aAiCJJAEP2qmyu5exflSwiKWSZZfmyFlCE2zYwIDAQABo4ICFTCCAhEwHQYDVR0O
BBYEFABTwslxl4W2t5axMyzn9e4Mk5EBMB8GA1UdIwQYMBaAFBdutxvVVXb0V2O6
3rZ27VmZDTlqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RjI2M0c5VlZkdlJYWTdyZXRuYnRXWmtOT1dvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lNi8zNWY5YzQtN2I5Ni00ZmNiLWJjYTItOWRkM2QyMTkwN2EzLzEv
QUZQQ3lYR1hoYmEzbHJFekxPZjE3Z3lUa1FFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8z
NWY5YzQtN2I5Ni00ZmNiLWJjYTItOWRkM2QyMTkwN2EzLzEvRjI2M0c5VlZkdlJY
WTdyZXRuYnRXWmtOT1dvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsG
CCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfAm0AwcAIAEGfAm4MA0GCSqG
SIb3DQEBCwUAA4IBAQAi1bv7vGLpgXWh6AvPBwJlXxRsvnP80gJfUKLQDg6Yeyxa
/N6wdVDeDGTCnO1bymj8N47v39uM5xyMPHOdJH5FtrIUJ/pZKERiVv/AJ4b7TPI+
gtgIyGiUR+8D2ioWPTcapl+uC8DuiyjKNF6dTMq58NmFbafB8qzN0ZkGbL+cjB0c
+bW3H0L7aOHkCvOozXhk5iG76KR+sddrjuNCRYXWyWO8VroSpyJFls7MVqUDIVwt
Wc4UyjOQP0iUD+BR9rqTotdg4h0x77Wep4sjcIATs+izQRoCxCcUBDr9LZORcSzF
lP9wyHpyQPaNOuZfMsIVveGZY0HXsKPUgFVBSjJs
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:06:34 2025 by rpki-client