Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/0d6655-c0eb-4626-96d5-e63c91adce7f/1/a1CIiFQb7qhk80QyUfynZxwWCnM.roa
File: a1CIiFQb7qhk80QyUfynZxwWCnM.roa (raw, json)
Hash identifier: arpJBWCw7obgbVQc0XaHkYYYsbxIm8/tYKS/9XeAA20=
Subject key identifier: 6B:50:88:88:54:1B:EE:A8:64:F3:44:32:51:FC:A7:67:1C:16:0A:73
Certificate issuer: /CN=5485c8ef037cb897c8e94cf621c5a37d651c5ea5
Certificate serial: 018571F0FCABC7DF53FF19BBB4A255386297
Authority key identifier: 54:85:C8:EF:03:7C:B8:97:C8:E9:4C:F6:21:C5:A3:7D:65:1C:5E:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VIXI7wN8uJfI6Uz2IcWjfWUcXqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/0d6655-c0eb-4626-96d5-e63c91adce7f/1/a1CIiFQb7qhk80QyUfynZxwWCnM.roa
Signing time: Mon 02 Jan 2023 10:04:56 +0000
ROA not before: Mon 02 Jan 2023 10:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199086
IP address blocks: 2001:678:4cc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:fc:ab:c7:df:53:ff:19:bb:b4:a2:55:38:62:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5485c8ef037cb897c8e94cf621c5a37d651c5ea5
Validity
Not Before: Jan 2 10:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b508888541beea864f3443251fca7671c160a73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:15:1f:e5:ae:30:9d:cb:7d:d0:a6:16:5f:61:
61:61:66:71:cd:3c:60:8d:25:32:16:20:4b:b3:29:
a7:f7:05:32:0c:dc:be:51:4a:26:23:40:97:a5:86:
a3:1a:a1:fd:53:dc:18:a9:a4:78:05:3c:fd:97:06:
6d:08:99:52:97:57:c6:c7:2d:36:32:cb:ed:0e:4f:
cd:f1:f2:a9:4d:55:04:f3:46:1f:37:22:3f:c2:97:
fe:8a:b5:f8:72:19:b8:7f:d5:8c:8b:81:8f:b4:d1:
f7:b6:1c:d8:43:b6:50:78:20:58:b9:15:85:9d:ae:
75:1c:5b:78:36:45:f9:d5:ec:1b:fd:2b:c0:de:18:
4d:91:61:4d:2a:1b:65:1f:04:09:af:41:b9:53:df:
a5:6f:7b:98:5d:f5:b8:81:44:66:66:cf:25:af:7a:
09:03:a5:26:02:09:13:5f:4e:ee:e8:d9:da:b8:1d:
4e:74:9a:ba:c8:a8:e8:7b:e8:03:cd:ac:cf:c2:19:
fb:7f:34:0f:34:09:0c:23:e5:d1:bd:7a:ed:58:cd:
c6:47:68:51:30:7f:c4:10:71:e2:0b:6f:fc:a4:8c:
b2:0b:be:ac:1e:93:2d:cd:7b:c7:b3:64:ba:58:8b:
f3:03:75:59:d3:37:57:05:ab:dd:28:84:c3:53:c2:
6d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:50:88:88:54:1B:EE:A8:64:F3:44:32:51:FC:A7:67:1C:16:0A:73
X509v3 Authority Key Identifier:
keyid:54:85:C8:EF:03:7C:B8:97:C8:E9:4C:F6:21:C5:A3:7D:65:1C:5E:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VIXI7wN8uJfI6Uz2IcWjfWUcXqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0d6655-c0eb-4626-96d5-e63c91adce7f/1/a1CIiFQb7qhk80QyUfynZxwWCnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0d6655-c0eb-4626-96d5-e63c91adce7f/1/VIXI7wN8uJfI6Uz2IcWjfWUcXqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:4cc::/48
Signature Algorithm: sha256WithRSAEncryption
6b:10:7a:cb:1f:11:12:1a:71:d7:74:34:c5:6a:04:94:db:68:
1e:4b:af:89:b3:6c:46:96:39:7c:40:c9:36:43:3e:68:7a:b9:
5a:b2:f1:79:ca:40:43:d6:f6:5a:31:52:09:d7:b5:65:e9:d8:
50:5f:b5:6c:15:5e:c2:57:d9:c3:d5:4f:59:16:a6:b6:0d:a9:
17:91:f5:1a:f2:31:99:81:c6:fe:7f:ef:e6:f2:88:55:88:8a:
0a:9c:02:d3:45:3f:7f:c5:f5:3d:e6:ac:75:d5:38:42:75:46:
32:47:48:25:75:3e:cd:d4:f4:bc:13:63:9e:3f:9f:77:1c:4b:
35:db:e5:74:87:80:5a:ba:53:1d:df:75:4e:79:b7:83:29:79:
9a:84:cc:eb:ac:f1:d5:bd:a8:52:60:7e:09:32:91:ab:81:fd:
fd:d8:e3:dc:6e:23:3e:d4:9f:c9:21:30:f9:e2:35:83:7f:1f:
39:bc:8b:2e:fb:58:77:47:b4:91:3a:22:c8:3b:69:f3:d1:fe:
76:c0:89:2f:61:9d:55:06:0c:7d:04:25:c0:4a:f7:20:f5:45:
8a:dd:73:d0:f1:ff:de:23:ed:4b:f4:10:09:76:a0:df:58:04:
5e:2c:64:82:a7:9b:67:c5:eb:88:ab:d2:c4:d0:e2:c6:07:57:
6f:43:e0:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx8Pyrx99T/xm7tKJVOGKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ODVjOGVmMDM3Y2I4OTdjOGU5NGNmNjIxYzVhMzdkNjUx
YzVlYTUwHhcNMjMwMTAyMTAwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjUwODg4ODU0MWJlZWE4NjRmMzQ0MzI1MWZjYTc2NzFjMTYwYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphUf5a4wnct90KYWX2FhYWZxzTxg
jSUyFiBLsymn9wUyDNy+UUomI0CXpYajGqH9U9wYqaR4BTz9lwZtCJlSl1fGxy02
MsvtDk/N8fKpTVUE80YfNyI/wpf+irX4chm4f9WMi4GPtNH3thzYQ7ZQeCBYuRWF
na51HFt4NkX51ewb/SvA3hhNkWFNKhtlHwQJr0G5U9+lb3uYXfW4gURmZs8lr3oJ
A6UmAgkTX07u6NnauB1OdJq6yKjoe+gDzazPwhn7fzQPNAkMI+XRvXrtWM3GR2hR
MH/EEHHiC2/8pIyyC76sHpMtzXvHs2S6WIvzA3VZ0zdXBavdKITDU8JtQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGtQiIhUG+6oZPNEMlH8p2ccFgpzMB8GA1UdIwQY
MBaAFFSFyO8DfLiXyOlM9iHFo31lHF6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVklYSTd3Tjh1SmZJNlV6MkljV2pmV1VjWHFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8wZDY2NTUtYzBlYi00NjI2LTk2ZDUt
ZTYzYzkxYWRjZTdmLzEvYTFDSWlGUWI3cWhrODBReVVmeW5aeHdXQ25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8wZDY2NTUtYzBlYi00NjI2LTk2ZDUtZTYzYzkxYWRjZTdm
LzEvVklYSTd3Tjh1SmZJNlV6MkljV2pmV1VjWHFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeATM
MA0GCSqGSIb3DQEBCwUAA4IBAQBrEHrLHxESGnHXdDTFagSU22geS6+Js2xGljl8
QMk2Qz5oerlasvF5ykBD1vZaMVIJ17Vl6dhQX7VsFV7CV9nD1U9ZFqa2DakXkfUa
8jGZgcb+f+/m8ohViIoKnALTRT9/xfU95qx11ThCdUYyR0gldT7N1PS8E2OeP593
HEs12+V0h4BaulMd33VOebeDKXmahMzrrPHVvahSYH4JMpGrgf392OPcbiM+1J/J
ITD54jWDfx85vIsu+1h3R7SROiLIO2nz0f52wIkvYZ1VBgx9BCXASvcg9UWK3XPQ
8f/eI+1L9BAJdqDfWAReLGSCp5tnxeuIq9LE0OLGB1dvQ+Cq
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:23:54 2025 by rpki-client