Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/1d09e6-ae7b-434c-99ec-738c7492f768/1/ctRODrOsHk8qtRVa1wQeVi4JnTc.roa
File: ctRODrOsHk8qtRVa1wQeVi4JnTc.roa (raw, json)
Hash identifier: 4hJYJLxe6ekCJepjco2CwvWjUJh5eCybU5HZQ2KgENg=
Subject key identifier: 72:D4:4E:0E:B3:AC:1E:4F:2A:B5:15:5A:D7:04:1E:56:2E:09:9D:37
Certificate issuer: /CN=f5314c1f9e1193c2025cb672b523573978d254d9
Certificate serial: 018682B4D338865B554E165F797DE17139FE
Authority key identifier: F5:31:4C:1F:9E:11:93:C2:02:5C:B6:72:B5:23:57:39:78:D2:54:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9TFMH54Rk8ICXLZytSNXOXjSVNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/1d09e6-ae7b-434c-99ec-738c7492f768/1/ctRODrOsHk8qtRVa1wQeVi4JnTc.roa
Signing time: Fri 24 Feb 2023 09:15:33 +0000
ROA not before: Fri 24 Feb 2023 09:15:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20626
IP address blocks: 2001:67c:2524::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:b4:d3:38:86:5b:55:4e:16:5f:79:7d:e1:71:39:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5314c1f9e1193c2025cb672b523573978d254d9
Validity
Not Before: Feb 24 09:15:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72d44e0eb3ac1e4f2ab5155ad7041e562e099d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f0:60:20:53:94:8e:0e:ad:de:e9:59:66:0a:
45:ce:03:cd:93:1a:ae:66:aa:62:d7:ce:bd:de:e4:
49:f0:32:ab:00:8c:9d:85:37:b8:4a:4e:42:60:5e:
8a:98:dd:5e:b0:0b:cb:63:ba:76:f1:86:ad:f4:63:
99:a3:88:dd:41:f7:16:bf:39:c9:e2:73:38:7c:bb:
51:09:5c:77:95:f1:e2:80:ea:8a:77:21:b4:7d:96:
f9:f1:e7:42:a7:dc:72:8f:20:29:e5:05:c1:77:80:
e9:8f:2a:d7:f3:be:28:56:83:b1:5c:19:f7:1f:e3:
5b:fe:6b:54:91:13:48:08:64:01:7e:a6:c2:f9:85:
c2:dc:e6:fb:02:17:a6:5f:76:15:9a:bd:6e:f9:a4:
d6:91:9a:0d:ab:02:98:2a:b3:c2:ea:13:6a:cc:72:
c0:35:fd:32:cf:33:ea:5b:a2:29:c2:63:51:76:b3:
99:61:59:7f:2d:62:37:6b:d1:cc:8f:c3:fa:65:4d:
3c:36:d1:52:98:d7:42:6a:8d:07:48:23:25:b2:2f:
a8:26:4f:a2:ea:0f:e8:34:91:52:68:f6:20:69:25:
58:52:c3:2f:62:91:6b:fd:6c:7a:48:62:f3:f6:b1:
07:42:2a:a9:56:f4:ed:23:ce:53:f7:14:ee:42:99:
f5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D4:4E:0E:B3:AC:1E:4F:2A:B5:15:5A:D7:04:1E:56:2E:09:9D:37
X509v3 Authority Key Identifier:
keyid:F5:31:4C:1F:9E:11:93:C2:02:5C:B6:72:B5:23:57:39:78:D2:54:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9TFMH54Rk8ICXLZytSNXOXjSVNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/1d09e6-ae7b-434c-99ec-738c7492f768/1/ctRODrOsHk8qtRVa1wQeVi4JnTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/1d09e6-ae7b-434c-99ec-738c7492f768/1/9TFMH54Rk8ICXLZytSNXOXjSVNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2524::/48
Signature Algorithm: sha256WithRSAEncryption
5b:70:07:8a:1c:72:d3:97:d7:be:05:75:8a:9d:e4:ba:f3:5c:
d1:9b:59:e4:ad:16:8b:4c:b1:96:82:ae:14:38:75:f2:50:ca:
f5:4b:e7:29:85:2b:fa:e4:e7:fd:04:9b:61:5f:36:3f:3a:fb:
7a:8d:60:78:36:f9:60:70:65:6c:3a:01:1a:cf:fd:5a:3d:cd:
89:e7:52:b6:99:d9:a8:a9:1c:2b:fc:54:f5:72:86:23:93:f5:
c9:ad:0e:6e:f3:76:5c:d0:3d:de:df:02:08:78:0f:7f:81:03:
89:a3:dc:b7:d6:cd:0d:68:c5:f2:22:3b:ce:03:c9:82:71:e7:
18:cb:7b:42:b8:cc:08:77:3e:fd:16:1e:b7:5b:ef:bb:4a:b7:
4f:77:0a:ae:c9:f0:a7:6d:74:8a:00:08:de:fc:55:25:2b:39:
0c:24:c9:ae:a8:36:04:5c:aa:37:08:a3:32:b4:e0:39:52:e8:
65:7c:92:3c:bf:1f:19:c5:ff:1a:c4:43:f3:6c:ca:57:20:34:
06:81:7b:6b:db:43:fc:91:b3:16:a3:eb:c3:c4:b9:2e:6a:28:
a2:2b:ce:10:51:5a:2c:de:f4:b0:a5:ef:86:73:f6:03:a2:f9:
1f:f1:cc:04:bf:62:fa:3a:64:be:77:c3:e5:fe:6b:99:47:bb:
12:a4:6d:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYaCtNM4hltVThZfeX3hcTn+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MzE0YzFmOWUxMTkzYzIwMjVjYjY3MmI1MjM1NzM5Nzhk
MjU0ZDkwHhcNMjMwMjI0MDkxNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ0NGUwZWIzYWMxZTRmMmFiNTE1NWFkNzA0MWU1NjJlMDk5ZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/BgIFOUjg6t3ulZZgpFzgPNkxqu
Zqpi18693uRJ8DKrAIydhTe4Sk5CYF6KmN1esAvLY7p28Yat9GOZo4jdQfcWvznJ
4nM4fLtRCVx3lfHigOqKdyG0fZb58edCp9xyjyAp5QXBd4DpjyrX874oVoOxXBn3
H+Nb/mtUkRNICGQBfqbC+YXC3Ob7AhemX3YVmr1u+aTWkZoNqwKYKrPC6hNqzHLA
Nf0yzzPqW6IpwmNRdrOZYVl/LWI3a9HMj8P6ZU08NtFSmNdCao0HSCMlsi+oJk+i
6g/oNJFSaPYgaSVYUsMvYpFr/Wx6SGLz9rEHQiqpVvTtI85T9xTuQpn1owIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHLUTg6zrB5PKrUVWtcEHlYuCZ03MB8GA1UdIwQY
MBaAFPUxTB+eEZPCAly2crUjVzl40lTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVRGTUg1NFJrOElDWExaeXRTTlhPWGpTVk5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8xZDA5ZTYtYWU3Yi00MzRjLTk5ZWMt
NzM4Yzc0OTJmNzY4LzEvY3RST0RyT3NIazhxdFJWYTF3UWVWaTRKblRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8xZDA5ZTYtYWU3Yi00MzRjLTk5ZWMtNzM4Yzc0OTJmNzY4
LzEvOVRGTUg1NFJrOElDWExaeXRTTlhPWGpTVk5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCUk
MA0GCSqGSIb3DQEBCwUAA4IBAQBbcAeKHHLTl9e+BXWKneS681zRm1nkrRaLTLGW
gq4UOHXyUMr1S+cphSv65Of9BJthXzY/Ovt6jWB4NvlgcGVsOgEaz/1aPc2J51K2
mdmoqRwr/FT1coYjk/XJrQ5u83Zc0D3e3wIIeA9/gQOJo9y31s0NaMXyIjvOA8mC
cecYy3tCuMwIdz79Fh63W++7SrdPdwquyfCnbXSKAAje/FUlKzkMJMmuqDYEXKo3
CKMytOA5UuhlfJI8vx8Zxf8axEPzbMpXIDQGgXtr20P8kbMWo+vDxLkuaiiiK84Q
UVos3vSwpe+Gc/YDovkf8cwEv2L6OmS+d8Pl/muZR7sSpG0L
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:31:13 2025 by rpki-client