Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/25cIH2JeHpDZFeQ9M1WZCa8iy60.roa
File: 25cIH2JeHpDZFeQ9M1WZCa8iy60.roa (raw, json)
Hash identifier: Ws2zNr32uhhitUI5RbyXS/1vn5tIn1sJcTslWLLRlio=
Subject key identifier: DB:97:08:1F:62:5E:1E:90:D9:15:E4:3D:33:55:99:09:AF:22:CB:AD
Certificate issuer: /CN=87de085975de6588e07fed135513aa38acedb763
Certificate serial: 018B6BC7286FE602004EC8233F5DACE08733
Authority key identifier: 87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/25cIH2JeHpDZFeQ9M1WZCa8iy60.roa
Signing time: Thu 26 Oct 2023 11:38:15 +0000
ROA not before: Thu 26 Oct 2023 11:38:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 2001:67c:2350::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:c7:28:6f:e6:02:00:4e:c8:23:3f:5d:ac:e0:87:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87de085975de6588e07fed135513aa38acedb763
Validity
Not Before: Oct 26 11:38:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db97081f625e1e90d915e43d33559909af22cbad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0c:82:28:eb:43:07:ed:6d:bd:5a:61:04:58:
e6:44:5a:af:18:44:89:6b:ec:42:7b:54:e2:c2:48:
7a:be:02:94:ee:9a:bb:5d:e6:a6:52:e6:f7:9a:0c:
a4:06:d6:2a:f4:38:1f:4c:da:7b:2d:f7:5c:31:97:
65:3f:fb:75:03:9f:aa:55:88:e6:4f:c5:3e:17:c8:
f7:e8:97:ac:28:ac:bd:c6:c2:1a:36:45:3e:37:39:
15:bc:7b:1d:11:c5:07:bf:2d:b1:80:a1:0e:9e:9e:
3f:ea:b4:99:44:b0:72:8f:b5:cf:59:b8:73:6f:37:
9c:7d:d0:01:92:85:27:42:30:65:09:c4:14:a6:a1:
00:e5:77:d1:c8:47:25:5b:14:e6:ec:dc:ec:46:58:
98:37:fa:b1:7b:a7:46:15:32:51:78:4b:a6:ec:74:
89:df:6d:15:8c:27:f4:ea:e0:3e:ab:05:34:c9:07:
ef:22:12:9f:4c:04:c4:5d:8e:38:00:b5:04:31:fa:
87:84:40:c3:1e:ea:21:18:4d:27:f9:ff:42:56:71:
07:cd:95:fd:6e:28:34:47:29:a6:69:6f:96:09:99:
09:32:ec:39:fe:88:b0:fd:03:6f:04:9b:20:19:b2:
b4:09:43:f3:7f:c0:87:e6:2e:d7:fc:6f:c6:84:e2:
f8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:97:08:1F:62:5E:1E:90:D9:15:E4:3D:33:55:99:09:AF:22:CB:AD
X509v3 Authority Key Identifier:
keyid:87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/25cIH2JeHpDZFeQ9M1WZCa8iy60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2350::/48
Signature Algorithm: sha256WithRSAEncryption
a1:3d:01:e5:c0:78:3c:f5:47:cf:7c:d5:02:2e:ee:73:58:51:
56:e5:ca:ef:71:d0:65:c4:4a:1c:b5:e0:b8:cd:15:7b:f7:c2:
bd:5d:a9:32:8b:b7:ca:3b:f8:e5:5e:85:6f:6b:77:92:61:91:
16:1c:b8:44:87:15:85:c9:64:44:01:2c:87:44:fc:c5:48:6a:
93:24:cc:9c:1e:55:45:96:bb:d9:f5:49:bf:6a:53:9b:78:05:
37:7f:ce:89:64:a9:da:0c:81:44:84:92:29:89:b0:8b:ab:f6:
3e:4a:42:05:b8:3a:1d:af:84:ee:c7:d7:d9:2c:39:f5:d6:3f:
31:e1:cb:80:9b:72:06:56:00:2a:e5:46:35:44:89:c3:d6:c1:
8a:1c:48:7c:5f:b6:c1:bd:77:22:a3:06:15:1a:47:73:be:18:
00:94:a4:8a:87:06:50:e2:32:83:2f:ba:2c:68:48:4d:2b:13:
a3:20:16:30:e1:ad:46:1d:39:66:18:51:47:16:65:f4:6f:d8:
20:db:5b:48:7d:bc:8e:a0:81:82:9c:8d:58:3a:f2:33:48:65:
76:2c:cd:5e:8c:d6:fc:1c:e7:b8:9a:b3:fd:8f:19:30:ce:17:
6a:c9:47:92:0f:9e:ee:c6:57:48:44:74:55:ca:34:e0:07:c6:
af:07:aa:85
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtrxyhv5gIATsgjP12s4IczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZGUwODU5NzVkZTY1ODhlMDdmZWQxMzU1MTNhYTM4YWNl
ZGI3NjMwHhcNMjMxMDI2MTEzODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjk3MDgxZjYyNWUxZTkwZDkxNWU0M2QzMzU1OTkwOWFmMjJjYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAyCKOtDB+1tvVphBFjmRFqvGESJ
a+xCe1Tiwkh6vgKU7pq7XeamUub3mgykBtYq9DgfTNp7LfdcMZdlP/t1A5+qVYjm
T8U+F8j36JesKKy9xsIaNkU+NzkVvHsdEcUHvy2xgKEOnp4/6rSZRLByj7XPWbhz
bzecfdABkoUnQjBlCcQUpqEA5XfRyEclWxTm7NzsRliYN/qxe6dGFTJReEum7HSJ
320VjCf06uA+qwU0yQfvIhKfTATEXY44ALUEMfqHhEDDHuohGE0n+f9CVnEHzZX9
big0RymmaW+WCZkJMuw5/oiw/QNvBJsgGbK0CUPzf8CH5i7X/G/GhOL4swIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNuXCB9iXh6Q2RXkPTNVmQmvIsutMB8GA1UdIwQY
MBaAFIfeCFl13mWI4H/tE1UTqjis7bdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAt
Y2MwZjk3MDcxNDBlLzEvMjVjSUgySmVIcERaRmVROU0xV1pDYThpeTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAtY2MwZjk3MDcxNDBl
LzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCNQ
MA0GCSqGSIb3DQEBCwUAA4IBAQChPQHlwHg89UfPfNUCLu5zWFFW5crvcdBlxEoc
teC4zRV798K9Xakyi7fKO/jlXoVva3eSYZEWHLhEhxWFyWREASyHRPzFSGqTJMyc
HlVFlrvZ9Um/alObeAU3f86JZKnaDIFEhJIpibCLq/Y+SkIFuDodr4Tux9fZLDn1
1j8x4cuAm3IGVgAq5UY1RInD1sGKHEh8X7bBvXciowYVGkdzvhgAlKSKhwZQ4jKD
L7osaEhNKxOjIBYw4a1GHTlmGFFHFmX0b9gg21tIfbyOoIGCnI1YOvIzSGV2LM1e
jNb8HOe4mrP9jxkwzhdqyUeSD57uxldIRHRVyjTgB8avB6qF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:12 2025 by rpki-client