Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/75dede-5449-4d47-9b51-9b5df85c1140/1/kFcAGCyPssYUenHxyVaJkuqTrq0.roa
File: kFcAGCyPssYUenHxyVaJkuqTrq0.roa (raw, json)
Hash identifier: 7NNjsr4YUXD5kKJeufKXAnCgbqG8SdtqAxr5zVvpap4=
Subject key identifier: 90:57:00:18:2C:8F:B2:C6:14:7A:71:F1:C9:56:89:92:EA:93:AE:AD
Certificate issuer: /CN=b31938bc720282444babd3b26b3492b456adb397
Certificate serial: 0187059E84D0BEDF3B1ED5F58074CB332491
Authority key identifier: B3:19:38:BC:72:02:82:44:4B:AB:D3:B2:6B:34:92:B4:56:AD:B3:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxk4vHICgkRLq9OyazSStFats5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/75dede-5449-4d47-9b51-9b5df85c1140/1/kFcAGCyPssYUenHxyVaJkuqTrq0.roa
Signing time: Tue 21 Mar 2023 19:21:27 +0000
ROA not before: Tue 21 Mar 2023 19:21:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199568
IP address blocks: 2001:678:7b0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:05:9e:84:d0:be:df:3b:1e:d5:f5:80:74:cb:33:24:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b31938bc720282444babd3b26b3492b456adb397
Validity
Not Before: Mar 21 19:21:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=905700182c8fb2c6147a71f1c9568992ea93aead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:70:63:c7:e3:8d:0f:a8:bf:31:e1:50:1a:a6:
00:a4:d6:ea:f4:25:a3:01:8e:75:01:18:35:2e:71:
0f:42:16:a1:78:53:2e:22:89:0c:c1:93:2f:79:6b:
b7:fb:be:18:14:20:bb:c7:46:57:a5:9c:9d:a0:f9:
02:02:3a:39:83:80:d9:54:b7:2f:b3:e5:79:7f:f4:
13:93:bf:64:ce:e3:c1:f4:f0:e2:ec:c4:c5:e6:8f:
7b:e9:9e:d5:09:88:fc:9c:be:ba:46:2a:ff:76:98:
d3:13:7c:0e:51:31:c3:8e:02:65:84:cc:2b:c7:6e:
a5:8d:85:b8:a0:3c:35:ee:49:81:df:71:69:a3:9b:
37:69:8d:a8:55:bd:b4:72:c6:12:9b:13:75:df:5e:
bb:b2:6e:6e:b5:fc:12:bf:2a:16:3d:e5:5f:e0:b6:
39:9b:9d:40:ce:bc:ab:10:19:47:bf:71:6e:e6:99:
51:0f:ad:ae:58:20:69:3b:36:6f:d0:0e:b3:9a:49:
3a:37:8f:a4:70:6b:53:51:5f:44:73:ea:f3:d5:7d:
5a:66:6b:73:98:a5:d7:51:0b:57:92:34:7b:9f:98:
dc:04:4c:0f:47:0f:25:f5:6b:3f:2a:96:b9:d2:ad:
b1:8e:35:32:0f:3f:af:3d:1c:0d:fe:de:02:72:8b:
92:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:57:00:18:2C:8F:B2:C6:14:7A:71:F1:C9:56:89:92:EA:93:AE:AD
X509v3 Authority Key Identifier:
keyid:B3:19:38:BC:72:02:82:44:4B:AB:D3:B2:6B:34:92:B4:56:AD:B3:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxk4vHICgkRLq9OyazSStFats5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/75dede-5449-4d47-9b51-9b5df85c1140/1/kFcAGCyPssYUenHxyVaJkuqTrq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/75dede-5449-4d47-9b51-9b5df85c1140/1/sxk4vHICgkRLq9OyazSStFats5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:7b0::/48
Signature Algorithm: sha256WithRSAEncryption
7b:b3:88:16:6c:7a:c8:4a:6b:35:ba:e9:aa:aa:63:a5:1e:f9:
67:2b:3e:8d:f0:ec:8d:05:f4:06:53:ff:93:25:76:ee:7a:db:
02:a3:5a:ae:29:d8:55:ac:f3:68:43:16:04:22:ae:a3:38:af:
73:e4:12:5c:a9:43:1f:84:7b:ce:b1:ac:3d:fa:29:0e:32:46:
cf:ec:8b:51:67:c9:f2:a1:4b:82:5f:e7:1a:34:a3:05:6e:29:
22:98:dd:fb:a8:6e:69:97:16:b6:a1:71:4f:64:2a:3c:bc:32:
74:bb:f2:38:4a:b6:92:8b:85:87:11:ee:ac:74:d9:8e:b4:b8:
78:23:b1:bf:76:f3:83:1e:a7:82:57:67:45:3b:c6:85:c7:1b:
60:56:cc:23:d8:ac:34:e8:68:ec:53:7a:56:11:99:e1:a8:a9:
9c:7a:a3:b4:88:f9:09:4b:92:5f:24:d6:24:6e:3b:93:77:61:
5e:17:aa:25:91:13:f2:86:cb:51:64:c0:63:61:ed:4d:e7:e2:
b3:a7:42:e9:31:2b:43:2d:6d:b8:4c:bd:52:1d:3b:0a:d1:bd:
a5:34:60:e4:5e:71:57:0d:6a:58:35:44:d9:7f:9b:e4:9b:dd:
4b:4a:f5:77:2a:72:03:da:e9:27:84:fe:1b:31:4b:15:2f:04:
d7:ac:4d:90
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYcFnoTQvt87HtX1gHTLMySRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMTkzOGJjNzIwMjgyNDQ0YmFiZDNiMjZiMzQ5MmI0NTZh
ZGIzOTcwHhcNMjMwMzIxMTkyMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDU3MDAxODJjOGZiMmM2MTQ3YTcxZjFjOTU2ODk5MmVhOTNhZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXBjx+OND6i/MeFQGqYApNbq9CWj
AY51ARg1LnEPQhaheFMuIokMwZMveWu3+74YFCC7x0ZXpZydoPkCAjo5g4DZVLcv
s+V5f/QTk79kzuPB9PDi7MTF5o976Z7VCYj8nL66Rir/dpjTE3wOUTHDjgJlhMwr
x26ljYW4oDw17kmB33Fpo5s3aY2oVb20csYSmxN13167sm5utfwSvyoWPeVf4LY5
m51AzryrEBlHv3Fu5plRD62uWCBpOzZv0A6zmkk6N4+kcGtTUV9Ec+rz1X1aZmtz
mKXXUQtXkjR7n5jcBEwPRw8l9Ws/Kpa50q2xjjUyDz+vPRwN/t4CcouS8wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJBXABgsj7LGFHpx8clWiZLqk66tMB8GA1UdIwQY
MBaAFLMZOLxyAoJES6vTsms0krRWrbOXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3hrNHZISUNna1JMcTlPeWF6U1N0RmF0czVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83NWRlZGUtNTQ0OS00ZDQ3LTliNTEt
OWI1ZGY4NWMxMTQwLzEva0ZjQUdDeVBzc1lVZW5IeHlWYUprdXFUcnEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC83NWRlZGUtNTQ0OS00ZDQ3LTliNTEtOWI1ZGY4NWMxMTQw
LzEvc3hrNHZISUNna1JMcTlPeWF6U1N0RmF0czVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAew
MA0GCSqGSIb3DQEBCwUAA4IBAQB7s4gWbHrISms1uumqqmOlHvlnKz6N8OyNBfQG
U/+TJXbuetsCo1quKdhVrPNoQxYEIq6jOK9z5BJcqUMfhHvOsaw9+ikOMkbP7ItR
Z8nyoUuCX+caNKMFbikimN37qG5plxa2oXFPZCo8vDJ0u/I4SraSi4WHEe6sdNmO
tLh4I7G/dvODHqeCV2dFO8aFxxtgVswj2Kw06GjsU3pWEZnhqKmceqO0iPkJS5Jf
JNYkbjuTd2FeF6olkRPyhstRZMBjYe1N5+Kzp0LpMStDLW24TL1SHTsK0b2lNGDk
XnFXDWpYNUTZf5vkm91LSvV3KnID2uknhP4bMUsVLwTXrE2Q
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:53 2025 by rpki-client