Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/S9K2fCIrG4vF-gHxzB9L7zJ6Jao.roa
File: S9K2fCIrG4vF-gHxzB9L7zJ6Jao.roa (raw, json)
Hash identifier: U/fwqztDmUuHr13hahDOw1o/AE1g5xUf0L5q8l3APjc=
Subject key identifier: 4B:D2:B6:7C:22:2B:1B:8B:C5:FA:01:F1:CC:1F:4B:EF:32:7A:25:AA
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018572BA7EE68FF48EC9EEA59C456E59A302
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/S9K2fCIrG4vF-gHxzB9L7zJ6Jao.roa
Signing time: Mon 02 Jan 2023 13:45:02 +0000
ROA not before: Mon 02 Jan 2023 13:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51373
IP address blocks: 2001:1a68:14::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:7e:e6:8f:f4:8e:c9:ee:a5:9c:45:6e:59:a3:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 13:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bd2b67c222b1b8bc5fa01f1cc1f4bef327a25aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bf:8b:1d:d5:d7:29:40:ca:45:37:4f:cf:ed:
9f:ba:fa:24:74:af:d0:0e:01:04:c7:cf:af:14:5c:
af:31:6e:89:df:78:a4:7e:1e:ef:ad:5c:bf:b3:d1:
21:c1:a2:a9:e9:66:36:ab:27:b0:ba:46:26:8a:29:
cc:34:e9:e7:10:ee:14:69:4f:f0:d9:c5:0b:0e:18:
3d:ec:1c:5b:fa:e2:44:dc:53:bd:f1:67:06:d6:b2:
84:2b:7c:ac:90:4e:54:54:02:96:cc:c4:44:28:b7:
47:47:b8:2a:a6:6c:e8:f8:c0:6f:0a:14:65:bb:94:
14:a3:fa:fe:c5:31:6b:df:58:7a:5e:7a:d9:5e:85:
75:7d:99:4e:4b:a2:2d:f2:f1:e7:cc:e7:b4:d6:f5:
e3:57:1b:3d:4b:de:65:be:18:56:3b:dd:f7:a2:5b:
b8:5c:ca:31:54:c6:b9:df:4a:a2:64:1a:06:27:e1:
86:00:a3:ec:75:ab:84:ac:27:da:b7:ff:31:de:59:
31:89:7f:8f:9e:c6:54:4a:3a:1f:6d:e1:9e:19:3c:
7b:e8:e2:8e:ac:7a:e0:49:12:5c:39:65:8a:81:93:
23:66:fb:38:7f:9d:89:0e:38:d2:3e:67:62:b0:e7:
fb:59:20:8e:e5:90:5b:f2:e1:49:16:4f:ca:84:3f:
cd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D2:B6:7C:22:2B:1B:8B:C5:FA:01:F1:CC:1F:4B:EF:32:7A:25:AA
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/S9K2fCIrG4vF-gHxzB9L7zJ6Jao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1a68:14::/48
Signature Algorithm: sha256WithRSAEncryption
6a:c4:62:f3:5d:c8:41:3c:9f:59:8f:dc:0b:00:53:70:8d:16:
f6:bf:53:f3:d1:b9:f2:bb:29:e6:87:59:13:bd:54:fd:70:3e:
40:5a:18:2d:b8:af:8e:53:ca:b1:5b:ac:72:a8:31:0b:30:d5:
52:57:2f:69:37:4b:fa:ac:4f:3f:23:91:52:f7:ec:f9:ed:ff:
20:9d:4f:14:f1:d2:6c:be:be:f8:83:e1:ec:58:54:dd:58:7f:
71:8b:31:e1:cb:9c:a7:82:37:b7:a4:ca:d2:2d:46:a0:d7:42:
db:d2:97:57:a5:32:f4:67:a9:26:16:27:82:e3:fd:65:46:c2:
16:53:a5:82:f4:e8:d1:4f:d4:84:71:64:74:08:29:4f:aa:b1:
47:60:94:53:3e:cf:6f:ac:93:24:fa:74:cc:ad:b2:98:73:15:
7a:c7:43:15:fc:3c:fd:4a:c3:3a:0d:40:96:3b:8c:60:46:9e:
38:67:61:af:b0:d7:59:97:22:4a:c4:b2:6f:82:0a:de:34:d1:
27:44:01:b2:f5:50:19:62:0d:0d:06:b4:9e:bb:b0:15:de:f7:
56:2b:29:a5:ca:61:34:78:e5:21:20:14:16:5f:e2:f3:a3:14:
a1:7b:ad:cd:4d:d9:8b:19:83:29:18:2c:5f:e2:93:87:71:5a:
c9:00:c3:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyun7mj/SOye6lnEVuWaMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjMwMTAyMTM0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmQyYjY3YzIyMmIxYjhiYzVmYTAxZjFjYzFmNGJlZjMyN2EyNWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb+LHdXXKUDKRTdPz+2fuvokdK/Q
DgEEx8+vFFyvMW6J33ikfh7vrVy/s9EhwaKp6WY2qyewukYmiinMNOnnEO4UaU/w
2cULDhg97Bxb+uJE3FO98WcG1rKEK3yskE5UVAKWzMREKLdHR7gqpmzo+MBvChRl
u5QUo/r+xTFr31h6XnrZXoV1fZlOS6It8vHnzOe01vXjVxs9S95lvhhWO933olu4
XMoxVMa530qiZBoGJ+GGAKPsdauErCfat/8x3lkxiX+PnsZUSjofbeGeGTx76OKO
rHrgSRJcOWWKgZMjZvs4f52JDjjSPmdisOf7WSCO5ZBb8uFJFk/KhD/NqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEvStnwiKxuLxfoB8cwfS+8yeiWqMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvUzlLMmZDSXJHNHZGLWdIeHpCOUw3eko2SmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEaaAAU
MA0GCSqGSIb3DQEBCwUAA4IBAQBqxGLzXchBPJ9Zj9wLAFNwjRb2v1Pz0bnyuynm
h1kTvVT9cD5AWhgtuK+OU8qxW6xyqDELMNVSVy9pN0v6rE8/I5FS9+z57f8gnU8U
8dJsvr74g+HsWFTdWH9xizHhy5yngje3pMrSLUag10Lb0pdXpTL0Z6kmFieC4/1l
RsIWU6WC9OjRT9SEcWR0CClPqrFHYJRTPs9vrJMk+nTMrbKYcxV6x0MV/Dz9SsM6
DUCWO4xgRp44Z2GvsNdZlyJKxLJvggreNNEnRAGy9VAZYg0NBrSeu7AV3vdWKyml
ymE0eOUhIBQWX+LzoxShe63NTdmLGYMpGCxf4pOHcVrJAMO/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:03 2025 by rpki-client