Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/0dcd96-0ae3-4f5c-8d21-a902b0096b99/1/yS1iSgchc4PFYOCw_0OzB2wblD8.roa
File: yS1iSgchc4PFYOCw_0OzB2wblD8.roa (raw, json)
Hash identifier: 3Dunly2xLHBjxpX8TbKdVKI91o9OldPEoxp4Thv5ODk=
Subject key identifier: C9:2D:62:4A:07:21:73:83:C5:60:E0:B0:FF:43:B3:07:6C:1B:94:3F
Certificate issuer: /CN=f28c69da94c85edd48d9c1fd8e332ae3bee66004
Certificate serial: 01857127663CB99D91CD3FF4AC42D2CE32B4
Authority key identifier: F2:8C:69:DA:94:C8:5E:DD:48:D9:C1:FD:8E:33:2A:E3:BE:E6:60:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8oxp2pTIXt1I2cH9jjMq477mYAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/0dcd96-0ae3-4f5c-8d21-a902b0096b99/1/yS1iSgchc4PFYOCw_0OzB2wblD8.roa
Signing time: Mon 02 Jan 2023 06:24:45 +0000
ROA not before: Mon 02 Jan 2023 06:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211523
IP address blocks: 2001:678:f28::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:66:3c:b9:9d:91:cd:3f:f4:ac:42:d2:ce:32:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f28c69da94c85edd48d9c1fd8e332ae3bee66004
Validity
Not Before: Jan 2 06:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c92d624a07217383c560e0b0ff43b3076c1b943f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7d:7b:df:35:9d:b9:50:3b:1b:12:7a:e7:82:
03:62:cd:ec:01:1b:3a:68:48:b3:e1:e9:32:06:5c:
80:7b:e6:b2:b1:bd:d8:a5:9e:30:e1:44:31:d2:22:
e1:4b:f5:8a:d8:89:f9:ea:29:e1:da:01:70:c9:d2:
6a:ac:54:ad:c2:ef:3f:77:94:70:22:94:80:91:76:
c7:1d:2b:27:51:c7:2f:7f:aa:ef:d7:fb:08:60:8f:
b7:9c:d7:1f:dc:b2:48:4a:f5:b4:cb:de:73:43:14:
82:11:5b:35:2d:f8:ac:bc:db:55:e4:27:6b:80:08:
ae:dc:c7:95:0b:56:76:5f:21:46:fc:eb:ee:f3:cb:
9a:a0:2d:7e:d1:0d:cf:ef:ab:5e:d8:dd:bc:8a:ec:
44:ae:ee:42:34:bf:4a:9f:8e:65:be:ef:b4:24:b0:
97:fd:19:9f:e3:20:c5:0d:7e:f5:9d:37:f6:4e:f6:
4c:81:a4:06:81:f5:37:c5:27:53:60:a8:d4:71:d7:
01:2d:a9:14:8a:d1:ea:85:af:53:9b:46:02:85:59:
b3:28:81:79:30:4e:4a:17:39:c8:af:f9:12:53:04:
11:fd:a9:c4:40:50:01:8a:b1:a6:6f:09:e7:93:a3:
10:ee:60:f3:08:59:c4:42:cf:e7:3f:9b:81:19:13:
1e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:2D:62:4A:07:21:73:83:C5:60:E0:B0:FF:43:B3:07:6C:1B:94:3F
X509v3 Authority Key Identifier:
keyid:F2:8C:69:DA:94:C8:5E:DD:48:D9:C1:FD:8E:33:2A:E3:BE:E6:60:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8oxp2pTIXt1I2cH9jjMq477mYAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/0dcd96-0ae3-4f5c-8d21-a902b0096b99/1/yS1iSgchc4PFYOCw_0OzB2wblD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/0dcd96-0ae3-4f5c-8d21-a902b0096b99/1/8oxp2pTIXt1I2cH9jjMq477mYAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f28::/48
Signature Algorithm: sha256WithRSAEncryption
71:ea:cf:bf:ba:33:bd:13:c2:4e:e1:d8:1e:75:82:68:22:c6:
e7:ae:82:e1:68:67:f2:43:de:a1:7c:6c:15:73:41:12:49:5d:
9f:3d:21:5a:d3:a9:e0:06:bd:8f:de:60:3f:3f:0f:89:65:08:
ff:6d:f0:cb:dd:b4:f9:29:9e:b3:78:f5:56:3d:39:71:00:1f:
8f:8e:c4:6e:50:20:70:3d:5e:ad:c2:a1:bf:8c:78:1c:af:50:
ef:4b:1a:2e:2c:1f:90:49:f9:cf:91:c6:9c:e5:60:fc:ae:83:
7d:65:40:3b:8f:75:14:87:8d:f3:45:27:54:7c:cf:79:2d:2c:
66:d0:93:d8:15:13:2c:9e:16:3e:c1:97:69:fd:c5:fe:7f:d2:
cd:b3:d3:0e:f3:e6:54:c9:82:89:34:05:eb:9a:52:1e:a8:1d:
8c:5f:f6:73:68:63:ee:53:d7:54:61:e5:c0:06:07:04:56:ec:
76:04:0b:dd:2d:77:16:e1:b7:b5:9c:d4:3c:1a:d8:45:d3:a7:
ec:96:23:1f:9e:56:f4:14:ac:a0:c6:41:0d:bc:67:65:00:d7:
bb:1c:ee:9b:b6:fa:5a:80:3e:7c:9f:5b:e4:8a:0b:5a:8c:f0:
a9:4b:79:a1:ae:e6:ff:b4:07:27:35:3c:2d:0d:a1:e0:fb:c8:
d6:d7:48:cb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxJ2Y8uZ2RzT/0rELSzjK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOGM2OWRhOTRjODVlZGQ0OGQ5YzFmZDhlMzMyYWUzYmVl
NjYwMDQwHhcNMjMwMTAyMDYyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTJkNjI0YTA3MjE3MzgzYzU2MGUwYjBmZjQzYjMwNzZjMWI5NDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiX173zWduVA7GxJ654IDYs3sARs6
aEiz4ekyBlyAe+aysb3YpZ4w4UQx0iLhS/WK2In56inh2gFwydJqrFStwu8/d5Rw
IpSAkXbHHSsnUccvf6rv1/sIYI+3nNcf3LJISvW0y95zQxSCEVs1LfisvNtV5Cdr
gAiu3MeVC1Z2XyFG/Ovu88uaoC1+0Q3P76te2N28iuxEru5CNL9Kn45lvu+0JLCX
/Rmf4yDFDX71nTf2TvZMgaQGgfU3xSdTYKjUcdcBLakUitHqha9Tm0YChVmzKIF5
ME5KFznIr/kSUwQR/anEQFABirGmbwnnk6MQ7mDzCFnEQs/nP5uBGRMenQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMktYkoHIXODxWDgsP9DswdsG5Q/MB8GA1UdIwQY
MBaAFPKMadqUyF7dSNnB/Y4zKuO+5mAEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG94cDJwVElYdDFJMmNIOWpqTXE0NzdtWUFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8wZGNkOTYtMGFlMy00ZjVjLThkMjEt
YTkwMmIwMDk2Yjk5LzEveVMxaVNnY2hjNFBGWU9Dd18wT3pCMndibEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8wZGNkOTYtMGFlMy00ZjVjLThkMjEtYTkwMmIwMDk2Yjk5
LzEvOG94cDJwVElYdDFJMmNIOWpqTXE0NzdtWUFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA8o
MA0GCSqGSIb3DQEBCwUAA4IBAQBx6s+/ujO9E8JO4dgedYJoIsbnroLhaGfyQ96h
fGwVc0ESSV2fPSFa06ngBr2P3mA/Pw+JZQj/bfDL3bT5KZ6zePVWPTlxAB+PjsRu
UCBwPV6twqG/jHgcr1DvSxouLB+QSfnPkcac5WD8roN9ZUA7j3UUh43zRSdUfM95
LSxm0JPYFRMsnhY+wZdp/cX+f9LNs9MO8+ZUyYKJNAXrmlIeqB2MX/ZzaGPuU9dU
YeXABgcEVux2BAvdLXcW4be1nNQ8GthF06fsliMfnlb0FKygxkENvGdlANe7HO6b
tvpagD58n1vkigtajPCpS3mhrub/tAcnNTwtDaHg+8jW10jL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:29 2025 by rpki-client