Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/RZ9ln9bgb0lOPJaAzB-tpNGLg24.roa
File: RZ9ln9bgb0lOPJaAzB-tpNGLg24.roa (raw, json)
Hash identifier: YjMVA2k2QjvNs9ftgc390w5/UcabDPWxTcBDDenwZ+E=
Subject key identifier: 45:9F:65:9F:D6:E0:6F:49:4E:3C:96:80:CC:1F:AD:A4:D1:8B:83:6E
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 2CAA395E
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/RZ9ln9bgb0lOPJaAzB-tpNGLg24.roa
Signing time: Sat 01 Jan 2022 04:59:38 +0000
ROA not before: Sat 01 Jan 2022 04:59:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57723
IP address blocks: 2001:1a68:21::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 749353310 (0x2caa395e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 1 04:59:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=459f659fd6e06f494e3c9680cc1fada4d18b836e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8f:b0:e0:26:fd:1d:37:fb:f6:e0:65:f2:fa:
bb:83:69:b3:db:db:3b:c7:d9:13:c7:5f:ae:69:52:
d2:99:6b:fd:25:f0:1f:1e:89:61:79:20:f5:2c:e2:
99:3d:a2:70:0a:55:5e:63:18:3b:0b:96:4e:9c:c9:
d7:0c:a2:f8:fd:c7:9f:12:3a:f2:92:ca:76:40:51:
96:ad:4c:2f:d8:44:9c:54:2d:64:4c:58:dd:7f:99:
95:35:9f:c4:a2:cb:02:55:0e:ab:13:0a:ea:c1:92:
c8:18:be:8c:de:c3:fc:87:04:60:7e:ff:0f:61:62:
5b:f7:4a:58:5d:cc:33:ac:4e:44:cf:44:43:21:d2:
53:5d:da:1b:07:01:4e:21:d6:9c:81:c7:f1:66:c3:
96:48:f7:ae:87:ec:3a:94:b4:35:9d:47:99:fb:ba:
80:7e:7e:c6:28:7d:f8:c2:b5:bb:d7:07:90:8e:3f:
2f:fc:cc:e7:8e:f2:0c:14:fb:e9:a1:6a:bf:88:4a:
33:e1:2a:bd:af:3c:e2:57:68:66:bd:38:9b:30:c3:
c9:b0:cc:ca:1e:6a:ef:28:12:d4:aa:cf:44:f2:15:
bb:64:f5:2d:65:c7:50:1a:b1:51:03:f6:ac:e3:69:
a2:e6:05:a8:29:df:ca:8b:5a:21:89:c2:f7:1f:e2:
52:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:9F:65:9F:D6:E0:6F:49:4E:3C:96:80:CC:1F:AD:A4:D1:8B:83:6E
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/RZ9ln9bgb0lOPJaAzB-tpNGLg24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1a68:21::/48
Signature Algorithm: sha256WithRSAEncryption
9a:6a:1a:3b:ec:94:21:11:b1:15:43:4a:15:f2:db:e1:a6:de:
bd:00:18:6b:f4:66:28:67:28:80:ff:37:2f:74:1c:31:5f:c1:
d8:07:f3:4c:66:e6:17:ff:b7:0d:06:91:e7:2f:d8:97:ce:7d:
38:fd:46:e3:e4:5a:25:19:1c:2a:a0:1b:ca:aa:fd:26:e4:c0:
f7:15:00:73:6d:7a:c1:f9:8d:d8:a5:c5:46:97:6b:bf:18:0f:
f5:aa:5f:75:cf:c9:51:72:81:5f:b6:3a:3e:42:10:0f:0e:c7:
1b:f5:bf:d3:d5:44:5a:07:c7:22:62:8e:18:59:b1:2c:d1:3d:
23:b4:57:f3:3e:47:0e:c3:b0:77:8b:dc:30:5f:03:66:4b:1b:
07:ae:d2:66:30:4c:7b:f6:3c:0b:55:9a:9c:3a:de:c9:f9:cc:
23:7f:a8:21:19:cc:82:04:1e:ad:69:eb:2c:99:a4:62:73:15:
1d:2c:c9:75:c8:00:fc:d1:6f:45:f6:d8:9c:19:ca:56:b7:65:
44:2d:0b:98:e3:05:cf:94:e9:c6:f8:a4:30:9f:f6:0b:54:46:
68:8a:32:ee:a6:f1:c4:03:f7:ab:3d:2e:67:3a:30:ec:f7:ff:
89:ca:dc:69:58:99:10:8c:7e:f7:9f:cc:20:18:90:24:41:fa:
1c:d9:59:be
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIELKo5XjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGM1MTBmYzliODY1ZDk2ZTNhZmM3YzU2MDU2ZWZhZDlhMzMwYzViMB4XDTIyMDEw
MTA0NTkzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDU5ZjY1OWZkNmUw
NmY0OTRlM2M5NjgwY2MxZmFkYTRkMThiODM2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALePsOAm/R03+/bgZfL6u4Nps9vbO8fZE8dfrmlS0plr/SXw
Hx6JYXkg9SzimT2icApVXmMYOwuWTpzJ1wyi+P3HnxI68pLKdkBRlq1ML9hEnFQt
ZExY3X+ZlTWfxKLLAlUOqxMK6sGSyBi+jN7D/IcEYH7/D2FiW/dKWF3MM6xORM9E
QyHSU13aGwcBTiHWnIHH8WbDlkj3rofsOpS0NZ1Hmfu6gH5+xih9+MK1u9cHkI4/
L/zM547yDBT76aFqv4hKM+Eqva884ldoZr04mzDDybDMyh5q7ygS1KrPRPIVu2T1
LWXHUBqxUQP2rONpouYFqCnfyotaIYnC9x/iUiMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRFn2Wf1uBvSU48loDMH62k0YuDbjAfBgNVHSMEGDAWgBRoxRD8m4ZdluOv
x8VgVu+tmjMMWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FNVVFfSnVHWFpianI4ZkZZRmJ2clpvekRGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8x
L1JaOWxuOWJnYjBsT1BKYUF6Qi10cE5HTGcyNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
ZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8xL2FNVVFfSnVHWFpi
anI4ZkZZRmJ2clpvekRGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABGmgAITANBgkqhkiG9w0BAQsF
AAOCAQEAmmoaO+yUIRGxFUNKFfLb4abevQAYa/RmKGcogP83L3QcMV/B2AfzTGbm
F/+3DQaR5y/Yl859OP1G4+RaJRkcKqAbyqr9JuTA9xUAc216wfmN2KXFRpdrvxgP
9apfdc/JUXKBX7Y6PkIQDw7HG/W/09VEWgfHImKOGFmxLNE9I7RX8z5HDsOwd4vc
MF8DZksbB67SZjBMe/Y8C1WanDreyfnMI3+oIRnMggQerWnrLJmkYnMVHSzJdcgA
/NFvRfbYnBnKVrdlRC0LmOMFz5TpxvikMJ/2C1RGaIoy7qbxxAP3qz0uZzow7Pf/
icrcaViZEIx+95/MIBiQJEH6HNlZvg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:28 2025 by rpki-client