Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/28c2b7-667e-4def-b415-7b4adeb7a4b5/1/TUr0d7sEr7qcf-EcITqaiH1zAU4.roa
File: TUr0d7sEr7qcf-EcITqaiH1zAU4.roa (raw, json)
Hash identifier: 8NV2/QeocKU240OVzZcnw65QdtAPp+NTIrfDK/SB5ug=
Subject key identifier: 4D:4A:F4:77:BB:04:AF:BA:9C:7F:E1:1C:21:3A:9A:88:7D:73:01:4E
Certificate issuer: /CN=bd3bcb8628bdbeadb194a235ac4b8c8b711e37d1
Certificate serial: 018457E03A4EAE1C78EDA4CAAD22262E848A
Authority key identifier: BD:3B:CB:86:28:BD:BE:AD:B1:94:A2:35:AC:4B:8C:8B:71:1E:37:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTvLhii9vq2xlKI1rEuMi3EeN9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/28c2b7-667e-4def-b415-7b4adeb7a4b5/1/TUr0d7sEr7qcf-EcITqaiH1zAU4.roa
Signing time: Tue 08 Nov 2022 15:33:43 +0000
ROA not before: Tue 08 Nov 2022 15:33:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62309
IP address blocks: 2001:67c:af0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:57:e0:3a:4e:ae:1c:78:ed:a4:ca:ad:22:26:2e:84:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3bcb8628bdbeadb194a235ac4b8c8b711e37d1
Validity
Not Before: Nov 8 15:33:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d4af477bb04afba9c7fe11c213a9a887d73014e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8b:b1:00:df:d2:d5:03:b3:11:7c:25:08:ac:
e8:91:70:7d:49:5a:85:a0:25:6a:78:b8:37:92:c6:
8f:69:40:4f:2c:19:ff:4e:a7:a6:5b:de:ca:7f:1e:
2b:2d:6c:7f:cc:35:e4:d6:d8:01:da:96:6a:f1:63:
af:24:4b:cd:85:ff:6a:9d:aa:2e:6f:77:89:cc:c7:
ae:d2:60:b5:21:6e:dd:4f:d6:5c:dc:8a:81:42:c6:
48:81:c6:53:1b:de:f6:d2:19:6d:5f:c7:86:d0:c4:
53:03:60:01:53:f5:fb:42:87:11:93:7a:0a:4e:24:
c3:51:18:25:38:0c:45:7d:59:05:29:63:52:d1:f2:
6e:b2:4e:eb:16:d0:b4:01:6f:c6:79:a1:51:6f:2b:
cb:22:3d:a0:3a:0a:0f:00:bb:03:20:2f:61:12:eb:
33:19:61:5a:d6:85:f9:d5:f8:45:aa:b0:f1:34:2f:
5d:0b:01:1d:01:8f:63:01:ba:2e:be:7e:c3:c9:4e:
69:60:eb:da:b3:e3:3b:9f:c1:96:e6:9a:54:95:74:
d1:22:4d:1b:fb:7d:75:1f:3a:f5:4f:b9:f5:6d:b5:
e9:70:21:7a:a2:ca:42:90:75:9e:38:b7:9c:f9:24:
f1:f9:aa:73:01:08:ea:f4:b9:88:b8:67:0b:cc:0b:
f8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:4A:F4:77:BB:04:AF:BA:9C:7F:E1:1C:21:3A:9A:88:7D:73:01:4E
X509v3 Authority Key Identifier:
keyid:BD:3B:CB:86:28:BD:BE:AD:B1:94:A2:35:AC:4B:8C:8B:71:1E:37:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTvLhii9vq2xlKI1rEuMi3EeN9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/28c2b7-667e-4def-b415-7b4adeb7a4b5/1/TUr0d7sEr7qcf-EcITqaiH1zAU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/28c2b7-667e-4def-b415-7b4adeb7a4b5/1/vTvLhii9vq2xlKI1rEuMi3EeN9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:af0::/48
Signature Algorithm: sha256WithRSAEncryption
a7:fd:97:4f:60:4d:c8:22:71:77:82:4e:bf:61:17:68:b0:57:
93:0d:72:69:51:51:a6:c1:95:bc:53:59:56:d4:16:c7:33:db:
fe:9e:cb:b6:dc:0c:d7:d6:04:50:d3:76:d0:02:65:58:b0:bf:
ba:5e:e4:de:c7:89:91:09:2d:06:ad:c3:07:77:83:d5:4f:2c:
d4:ef:44:5f:e3:3e:c8:40:2e:5a:b7:02:8b:9d:aa:66:32:42:
66:7f:86:95:67:02:16:5e:f5:06:a6:3d:0c:72:a3:d7:b6:70:
ec:f9:c4:b4:e1:73:b2:49:71:1f:d0:3d:69:f9:1f:5c:70:27:
b7:9b:04:92:0e:31:ad:5e:74:30:f5:bd:d3:57:aa:5a:72:e9:
48:79:80:b8:29:a7:89:c9:0e:95:9e:b5:55:6b:69:59:ca:45:
d8:9f:5a:c5:3e:39:08:b7:5e:91:30:df:b7:76:8a:84:eb:fe:
dc:e2:75:68:36:e3:14:ed:1a:90:ea:cd:98:c9:f1:d0:f6:76:
5a:f0:84:be:3c:94:95:6a:69:e6:b3:66:43:83:cd:1a:07:ce:
d3:cd:5a:34:25:8b:ec:36:e9:f6:0a:6d:f1:6d:b1:03:74:f9:
cc:af:af:01:af:b5:3f:16:99:0c:ff:71:a9:02:dc:3e:2f:b9:
be:71:47:7a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYRX4DpOrhx47aTKrSImLoSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkM2JjYjg2MjhiZGJlYWRiMTk0YTIzNWFjNGI4YzhiNzEx
ZTM3ZDEwHhcNMjIxMTA4MTUzMzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDRhZjQ3N2JiMDRhZmJhOWM3ZmUxMWMyMTNhOWE4ODdkNzMwMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIuxAN/S1QOzEXwlCKzokXB9SVqF
oCVqeLg3ksaPaUBPLBn/TqemW97Kfx4rLWx/zDXk1tgB2pZq8WOvJEvNhf9qnaou
b3eJzMeu0mC1IW7dT9Zc3IqBQsZIgcZTG9720hltX8eG0MRTA2ABU/X7QocRk3oK
TiTDURglOAxFfVkFKWNS0fJusk7rFtC0AW/GeaFRbyvLIj2gOgoPALsDIC9hEusz
GWFa1oX51fhFqrDxNC9dCwEdAY9jAbouvn7DyU5pYOvas+M7n8GW5ppUlXTRIk0b
+311Hzr1T7n1bbXpcCF6ospCkHWeOLec+STx+apzAQjq9LmIuGcLzAv4hwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE1K9He7BK+6nH/hHCE6moh9cwFOMB8GA1UdIwQY
MBaAFL07y4Yovb6tsZSiNaxLjItxHjfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlR2TGhpaTl2cTJ4bEtJMXJFdU1pM0VlTjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yOGMyYjctNjY3ZS00ZGVmLWI0MTUt
N2I0YWRlYjdhNGI1LzEvVFVyMGQ3c0VyN3FjZi1FY0lUcWFpSDF6QVU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yOGMyYjctNjY3ZS00ZGVmLWI0MTUtN2I0YWRlYjdhNGI1
LzEvdlR2TGhpaTl2cTJ4bEtJMXJFdU1pM0VlTjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfArw
MA0GCSqGSIb3DQEBCwUAA4IBAQCn/ZdPYE3IInF3gk6/YRdosFeTDXJpUVGmwZW8
U1lW1BbHM9v+nsu23AzX1gRQ03bQAmVYsL+6XuTex4mRCS0GrcMHd4PVTyzU70Rf
4z7IQC5atwKLnapmMkJmf4aVZwIWXvUGpj0McqPXtnDs+cS04XOySXEf0D1p+R9c
cCe3mwSSDjGtXnQw9b3TV6paculIeYC4KaeJyQ6VnrVVa2lZykXYn1rFPjkIt16R
MN+3doqE6/7c4nVoNuMU7RqQ6s2YyfHQ9nZa8IS+PJSVamnms2ZDg80aB87TzVo0
JYvsNun2Cm3xbbEDdPnMr68Br7U/FpkM/3GpAtw+L7m+cUd6
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:46:52 2025 by rpki-client