Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/d6mq4pNRPU1QjSncNwgKYljSkVs.roa
File: d6mq4pNRPU1QjSncNwgKYljSkVs.roa (raw, json)
Hash identifier: LGJ2DYxL/GV1CbYgwBNrM7ZjDtO4/YdA6PZZoEIqHCs=
Subject key identifier: 77:A9:AA:E2:93:51:3D:4D:50:8D:29:DC:37:08:0A:62:58:D2:91:5B
Certificate issuer: /CN=5aa67ff34f94aefc3a54d5487c0b48b4dfba0c82
Certificate serial: 018571F9EAF33991177665954F116C98B3A4
Authority key identifier: 5A:A6:7F:F3:4F:94:AE:FC:3A:54:D5:48:7C:0B:48:B4:DF:BA:0C:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WqZ_80-Urvw6VNVIfAtItN-6DII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/d6mq4pNRPU1QjSncNwgKYljSkVs.roa
Signing time: Mon 02 Jan 2023 10:14:42 +0000
ROA not before: Mon 02 Jan 2023 10:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210833
IP address blocks: 2001:67c:828::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f9:ea:f3:39:91:17:76:65:95:4f:11:6c:98:b3:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aa67ff34f94aefc3a54d5487c0b48b4dfba0c82
Validity
Not Before: Jan 2 10:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77a9aae293513d4d508d29dc37080a6258d2915b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c7:98:ef:fc:84:fe:f2:c0:b4:7e:7d:c3:92:
8f:2b:66:3c:b4:eb:29:ba:f9:a0:3d:9f:c5:c3:cf:
09:83:fb:29:0e:8e:e7:09:a8:60:7e:8d:75:31:b0:
a4:8d:d5:42:13:bc:9b:1f:6b:6c:ea:c3:9e:c9:59:
d7:f7:18:37:99:39:b7:df:4e:07:a1:13:04:60:f8:
5c:0f:a7:3c:94:d6:fd:96:4a:c3:c8:bb:11:2a:65:
c0:99:e4:bd:bd:85:af:b4:c4:c8:a9:3b:75:51:fb:
4d:40:22:85:83:64:8c:a9:25:32:83:63:9b:86:9c:
e1:2e:9e:f5:bb:6f:16:f9:75:ec:18:8e:f2:6b:56:
b8:dc:5d:ae:76:a0:35:ee:5b:d5:65:ab:c0:99:ba:
d2:70:2f:33:8f:ff:d9:55:0f:bf:90:da:46:ae:0f:
34:07:e8:1e:8f:5a:18:b7:29:b0:e8:50:58:72:04:
03:de:88:39:7b:b5:73:d0:76:f3:ba:a5:28:5c:a7:
52:c3:f5:bd:a7:8e:61:5a:3c:eb:66:d6:0b:29:4d:
43:1b:35:5a:d1:70:59:f7:e1:b1:4e:2d:6b:58:c5:
45:ad:00:ca:bc:a5:7d:3e:da:a4:e7:4b:49:26:c7:
aa:9e:f4:e5:b2:51:09:6c:38:3e:e6:f2:72:03:d7:
5e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A9:AA:E2:93:51:3D:4D:50:8D:29:DC:37:08:0A:62:58:D2:91:5B
X509v3 Authority Key Identifier:
keyid:5A:A6:7F:F3:4F:94:AE:FC:3A:54:D5:48:7C:0B:48:B4:DF:BA:0C:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WqZ_80-Urvw6VNVIfAtItN-6DII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/d6mq4pNRPU1QjSncNwgKYljSkVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/WqZ_80-Urvw6VNVIfAtItN-6DII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:828::/48
Signature Algorithm: sha256WithRSAEncryption
b0:a8:63:00:29:19:ef:22:00:31:46:11:f1:6d:c6:34:d9:09:
6a:63:34:ce:2e:cf:87:82:a1:85:f6:f5:c7:94:56:38:c3:ed:
45:50:83:70:0d:98:8b:45:c7:10:39:9a:76:ec:ce:01:0c:a9:
29:43:de:bf:fd:9f:32:e8:b4:62:1c:17:b1:b1:14:ce:e9:4b:
90:af:e1:a3:49:f8:94:cd:b6:3b:5b:3b:e6:50:10:fd:15:27:
7d:79:0c:fe:2b:8c:70:29:0a:fd:dd:aa:92:d5:8e:3a:b5:36:
bc:d8:d2:b8:be:a4:d3:46:c9:23:b3:c6:4d:3c:fe:c9:b0:0c:
ef:00:07:cc:68:24:35:c1:de:56:52:a3:c9:04:2b:12:c5:38:
8a:6f:41:3e:a6:d9:f1:c9:a1:52:c3:a5:11:b2:66:ed:f2:0f:
46:44:86:28:bd:1d:c5:4e:09:9c:23:97:91:16:bb:4f:26:64:
33:5f:cb:a2:46:ef:ed:b6:c0:6f:40:6c:b3:cc:83:85:5d:26:
ac:4a:18:1d:d3:44:88:ae:64:61:df:59:fa:1d:0c:d7:a8:9a:
d3:ee:d7:2d:b3:9e:55:5c:1c:e6:8b:05:5f:26:6c:af:0b:58:
e0:1b:cd:0b:c2:72:6a:69:d7:ea:5b:46:a0:40:1c:85:6a:88:
72:4c:72:73
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx+erzOZEXdmWVTxFsmLOkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYTY3ZmYzNGY5NGFlZmMzYTU0ZDU0ODdjMGI0OGI0ZGZi
YTBjODIwHhcNMjMwMTAyMTAxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2E5YWFlMjkzNTEzZDRkNTA4ZDI5ZGMzNzA4MGE2MjU4ZDI5MTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkceY7/yE/vLAtH59w5KPK2Y8tOsp
uvmgPZ/Fw88Jg/spDo7nCahgfo11MbCkjdVCE7ybH2ts6sOeyVnX9xg3mTm3304H
oRMEYPhcD6c8lNb9lkrDyLsRKmXAmeS9vYWvtMTIqTt1UftNQCKFg2SMqSUyg2Ob
hpzhLp71u28W+XXsGI7ya1a43F2udqA17lvVZavAmbrScC8zj//ZVQ+/kNpGrg80
B+gej1oYtymw6FBYcgQD3og5e7Vz0HbzuqUoXKdSw/W9p45hWjzrZtYLKU1DGzVa
0XBZ9+GxTi1rWMVFrQDKvKV9Ptqk50tJJseqnvTlslEJbDg+5vJyA9de4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHepquKTUT1NUI0p3DcICmJY0pFbMB8GA1UdIwQY
MBaAFFqmf/NPlK78OlTVSHwLSLTfugyCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3FaXzgwLVVydnc2Vk5WSWZBdEl0Ti02RElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9mYWJiYTktZWVhYS00MmUzLTg3NzYt
ODUxYTFmOGJmMTgwLzEvZDZtcTRwTlJQVTFRalNuY053Z0tZbGpTa1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9mYWJiYTktZWVhYS00MmUzLTg3NzYtODUxYTFmOGJmMTgw
LzEvV3FaXzgwLVVydnc2Vk5WSWZBdEl0Ti02RElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAgo
MA0GCSqGSIb3DQEBCwUAA4IBAQCwqGMAKRnvIgAxRhHxbcY02QlqYzTOLs+HgqGF
9vXHlFY4w+1FUINwDZiLRccQOZp27M4BDKkpQ96//Z8y6LRiHBexsRTO6UuQr+Gj
SfiUzbY7WzvmUBD9FSd9eQz+K4xwKQr93aqS1Y46tTa82NK4vqTTRskjs8ZNPP7J
sAzvAAfMaCQ1wd5WUqPJBCsSxTiKb0E+ptnxyaFSw6URsmbt8g9GRIYovR3FTgmc
I5eRFrtPJmQzX8uiRu/ttsBvQGyzzIOFXSasShgd00SIrmRh31n6HQzXqJrT7tct
s55VXBzmiwVfJmyvC1jgG80LwnJqadfqW0agQByFaohyTHJz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:29 2025 by rpki-client