Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/d4d12a-ab4e-4dba-95de-bc637130de6e/1/hytNX_QF7csFURrapAPKwHko-q8.roa
File: hytNX_QF7csFURrapAPKwHko-q8.roa (raw, json)
Hash identifier: cFxl7iGySdclBU5N557TcobXNw7i8TR/KqHSgqgJHgg=
Subject key identifier: 87:2B:4D:5F:F4:05:ED:CB:05:51:1A:DA:A4:03:CA:C0:79:28:FA:AF
Certificate issuer: /CN=7fb43de237fd0b6a287389230921d25a2c2ed1a8
Certificate serial: 01856CE61AED6290E173566E942BD9CDD2B1
Authority key identifier: 7F:B4:3D:E2:37:FD:0B:6A:28:73:89:23:09:21:D2:5A:2C:2E:D1:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f7Q94jf9C2ooc4kjCSHSWiwu0ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/d4d12a-ab4e-4dba-95de-bc637130de6e/1/hytNX_QF7csFURrapAPKwHko-q8.roa
Signing time: Sun 01 Jan 2023 10:34:57 +0000
ROA not before: Sun 01 Jan 2023 10:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200924
IP address blocks: 2001:678:66c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:1a:ed:62:90:e1:73:56:6e:94:2b:d9:cd:d2:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fb43de237fd0b6a287389230921d25a2c2ed1a8
Validity
Not Before: Jan 1 10:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=872b4d5ff405edcb05511adaa403cac07928faaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:34:90:8b:2e:82:ca:fe:9b:39:84:34:47:f6:
5a:32:6a:38:12:84:01:57:74:42:59:01:2a:52:2b:
ff:2f:2e:ed:de:3e:e9:23:31:04:eb:be:47:3c:f5:
40:a3:a1:44:6e:b4:c0:5d:2e:1f:13:27:c9:32:65:
95:8b:4d:ee:4e:6e:88:ec:06:02:4f:6f:c1:60:15:
7d:83:57:11:e9:fd:1a:00:70:13:c8:1f:07:1f:51:
47:68:37:0a:af:6f:ed:fb:ca:c2:6d:91:f4:ba:12:
ef:82:23:a4:0b:d5:7b:94:d8:c7:55:1c:58:10:20:
b7:cd:5a:96:62:cb:b5:a0:eb:e1:25:2d:ff:12:db:
0e:fe:4c:53:fa:e9:3c:34:18:3c:d2:9c:81:75:a3:
df:dc:b3:af:3d:bc:7f:ff:13:48:45:f2:8d:42:2e:
f5:39:c0:1a:03:08:5a:8c:a6:b5:ac:07:45:69:d9:
34:e3:6c:a2:04:28:b9:ab:d1:0a:b1:ab:ae:e8:07:
84:3f:ce:0c:8c:36:41:d7:3e:b4:ea:40:82:bf:7b:
60:02:4d:a1:ae:07:91:c2:00:fb:1d:f6:a9:0d:fc:
c6:de:eb:49:7e:bf:4b:2e:f5:2d:b8:dd:7a:0e:e9:
c6:f4:23:94:35:a0:eb:32:ec:96:5d:7a:54:ca:61:
83:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2B:4D:5F:F4:05:ED:CB:05:51:1A:DA:A4:03:CA:C0:79:28:FA:AF
X509v3 Authority Key Identifier:
keyid:7F:B4:3D:E2:37:FD:0B:6A:28:73:89:23:09:21:D2:5A:2C:2E:D1:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7Q94jf9C2ooc4kjCSHSWiwu0ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/d4d12a-ab4e-4dba-95de-bc637130de6e/1/hytNX_QF7csFURrapAPKwHko-q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/d4d12a-ab4e-4dba-95de-bc637130de6e/1/f7Q94jf9C2ooc4kjCSHSWiwu0ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:66c::/48
Signature Algorithm: sha256WithRSAEncryption
7c:67:4e:f4:1e:e0:ea:7a:35:ec:da:c4:b2:9f:81:43:05:17:
d4:b3:1e:0a:a8:2f:bd:51:4f:49:48:9c:85:05:0d:76:c6:4e:
5f:e2:0f:2f:a7:4d:6e:0d:28:65:c3:37:d6:1b:49:c2:49:09:
2b:da:de:f1:27:b1:ad:90:c7:81:24:70:ac:10:77:ba:4f:c8:
81:44:a5:9f:46:1d:34:e2:72:77:a6:5d:ba:74:55:a0:90:83:
15:e2:96:85:67:80:9b:99:a2:eb:d1:e8:5a:46:22:90:ca:99:
3c:32:46:4c:80:bf:8e:73:51:e6:40:6d:1d:14:5d:af:56:3a:
5a:55:e2:91:5a:9d:26:b3:3b:d3:e1:c4:9a:a2:18:ef:ab:2e:
3e:95:aa:4e:be:a5:b5:91:82:83:67:bb:85:40:4c:a2:61:2c:
ba:b6:f6:a3:a7:68:db:cc:42:a5:39:cc:34:34:ae:a6:74:9e:
35:f2:03:6e:6c:4e:62:5f:bb:7f:54:89:6c:e8:1b:c0:67:4c:
73:7b:22:4b:34:8b:63:e4:2b:bb:66:57:d0:a6:4c:31:43:93:
c4:33:bc:f9:d3:52:35:1f:e5:a0:da:2e:88:1f:ae:19:30:4f:
90:a0:12:2b:16:80:0d:d0:59:cd:5a:77:1a:f4:51:8c:95:43:
1e:0d:a3:f5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVs5hrtYpDhc1ZulCvZzdKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmYjQzZGUyMzdmZDBiNmEyODczODkyMzA5MjFkMjVhMmMy
ZWQxYTgwHhcNMjMwMTAxMTAzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJiNGQ1ZmY0MDVlZGNiMDU1MTFhZGFhNDAzY2FjMDc5MjhmYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljSQiy6Cyv6bOYQ0R/ZaMmo4EoQB
V3RCWQEqUiv/Ly7t3j7pIzEE675HPPVAo6FEbrTAXS4fEyfJMmWVi03uTm6I7AYC
T2/BYBV9g1cR6f0aAHATyB8HH1FHaDcKr2/t+8rCbZH0uhLvgiOkC9V7lNjHVRxY
ECC3zVqWYsu1oOvhJS3/EtsO/kxT+uk8NBg80pyBdaPf3LOvPbx//xNIRfKNQi71
OcAaAwhajKa1rAdFadk042yiBCi5q9EKsauu6AeEP84MjDZB1z606kCCv3tgAk2h
rgeRwgD7HfapDfzG3utJfr9LLvUtuN16DunG9COUNaDrMuyWXXpUymGDEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIcrTV/0Be3LBVEa2qQDysB5KPqvMB8GA1UdIwQY
MBaAFH+0PeI3/QtqKHOJIwkh0losLtGoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjdROTRqZjlDMm9vYzRrakNTSFNXaXd1MGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kNGQxMmEtYWI0ZS00ZGJhLTk1ZGUt
YmM2MzcxMzBkZTZlLzEvaHl0TlhfUUY3Y3NGVVJyYXBBUEt3SGtvLXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kNGQxMmEtYWI0ZS00ZGJhLTk1ZGUtYmM2MzcxMzBkZTZl
LzEvZjdROTRqZjlDMm9vYzRrakNTSFNXaXd1MGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAZs
MA0GCSqGSIb3DQEBCwUAA4IBAQB8Z070HuDqejXs2sSyn4FDBRfUsx4KqC+9UU9J
SJyFBQ12xk5f4g8vp01uDShlwzfWG0nCSQkr2t7xJ7GtkMeBJHCsEHe6T8iBRKWf
Rh004nJ3pl26dFWgkIMV4paFZ4CbmaLr0ehaRiKQypk8MkZMgL+Oc1HmQG0dFF2v
VjpaVeKRWp0mszvT4cSaohjvqy4+lapOvqW1kYKDZ7uFQEyiYSy6tvajp2jbzEKl
Ocw0NK6mdJ418gNubE5iX7t/VIls6BvAZ0xzeyJLNItj5Cu7ZlfQpkwxQ5PEM7z5
01I1H+Wg2i6IH64ZME+QoBIrFoAN0FnNWnca9FGMlUMeDaP1
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:59 2025 by rpki-client