Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/d8adbe-dcbe-4c27-9671-dbdeb3d5360b/1/Dw69btZeosE2C0MF9ZKaL9ZpIGo.roa
File: Dw69btZeosE2C0MF9ZKaL9ZpIGo.roa (raw, json)
Hash identifier: XjAsjAxro4MxTSYZPDExeltBKCKGwFSahjZC1Rl4rcE=
Subject key identifier: 0F:0E:BD:6E:D6:5E:A2:C1:36:0B:43:05:F5:92:9A:2F:D6:69:20:6A
Certificate issuer: /CN=435c3f1a97903e796292a2ac7a78d41b1c21db85
Certificate serial: FC520F
Authority key identifier: 43:5C:3F:1A:97:90:3E:79:62:92:A2:AC:7A:78:D4:1B:1C:21:DB:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1w_GpeQPnlikqKsenjUGxwh24U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/d8adbe-dcbe-4c27-9671-dbdeb3d5360b/1/Dw69btZeosE2C0MF9ZKaL9ZpIGo.roa
Signing time: Wed 02 Feb 2022 01:24:39 +0000
ROA not before: Wed 02 Feb 2022 01:24:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62256
IP address blocks: 2001:67c:920::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16536079 (0xfc520f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435c3f1a97903e796292a2ac7a78d41b1c21db85
Validity
Not Before: Feb 2 01:24:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f0ebd6ed65ea2c1360b4305f5929a2fd669206a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5e:a6:f2:1c:ee:74:8c:fe:85:9b:77:ec:9f:
c9:3b:f7:e8:f1:ff:a6:50:77:19:75:bf:ad:d7:d8:
70:f0:d9:d0:58:95:0e:f3:82:b3:1f:0c:ef:58:8c:
b7:93:3b:4f:c1:89:c9:96:dc:45:83:9a:dd:6d:19:
10:73:cb:97:db:1c:d5:f5:68:21:c0:42:e6:d4:5c:
5f:99:b6:38:5f:9b:f7:ff:27:03:a3:ca:55:6e:27:
36:b3:af:27:a3:64:e0:45:95:55:eb:de:0e:83:ab:
10:7e:88:8b:d7:d4:86:3b:49:d3:23:76:9f:57:8a:
c6:3e:62:00:f5:bd:51:a1:07:00:95:cc:c6:ad:6a:
81:0d:ab:ac:42:ba:a3:1f:27:e8:89:68:a8:2e:48:
7b:e0:70:6a:03:b5:c5:02:57:48:a0:2a:2d:e5:71:
4f:3e:98:c8:d6:66:78:27:ec:bc:b6:69:c8:ca:97:
43:b0:95:7e:dd:37:b6:93:77:37:6d:c8:79:56:de:
a3:22:f5:ed:e9:11:48:a0:b6:e5:e3:c6:20:2b:88:
c4:e3:bd:d3:4f:96:e5:04:62:6d:2b:a4:18:b8:40:
02:66:1e:26:51:77:e0:40:d0:31:a1:b9:6c:53:4b:
f9:ae:7d:b3:77:99:be:eb:00:7f:f5:02:23:54:c4:
a1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:0E:BD:6E:D6:5E:A2:C1:36:0B:43:05:F5:92:9A:2F:D6:69:20:6A
X509v3 Authority Key Identifier:
keyid:43:5C:3F:1A:97:90:3E:79:62:92:A2:AC:7A:78:D4:1B:1C:21:DB:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1w_GpeQPnlikqKsenjUGxwh24U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d8adbe-dcbe-4c27-9671-dbdeb3d5360b/1/Dw69btZeosE2C0MF9ZKaL9ZpIGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d8adbe-dcbe-4c27-9671-dbdeb3d5360b/1/Q1w_GpeQPnlikqKsenjUGxwh24U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:920::/48
Signature Algorithm: sha256WithRSAEncryption
33:e0:11:9b:b3:4b:a8:9b:df:40:4b:30:2c:76:59:ff:1e:fc:
51:f1:f3:6a:98:3a:cd:65:02:03:6f:4e:a1:d0:cf:80:9a:0c:
67:bd:01:b7:da:65:d4:f5:ac:17:58:45:26:e7:f7:d0:68:bd:
82:27:fe:fa:c1:3a:c4:d2:8b:3a:5d:41:71:f7:94:ee:96:b7:
3e:cc:12:04:34:b7:41:44:33:4a:4a:d7:6e:32:72:39:6f:78:
96:ec:f8:42:36:53:4c:d7:dd:ae:0e:2f:c1:54:1a:7c:c5:91:
8f:c9:85:10:55:82:d1:57:b2:f5:7d:9a:e4:8a:5c:d0:74:ec:
57:c2:84:43:9b:0a:60:dc:cc:91:20:c2:77:5b:24:ec:28:f7:
c7:31:40:18:91:b9:a2:af:d7:3e:c0:c9:7e:43:89:67:e9:54:
6b:18:49:c5:94:d6:ef:a9:a9:fd:22:55:5f:a3:c2:e8:0f:e7:
7c:79:26:30:9a:b8:e1:b2:c5:35:2a:3e:b8:11:29:61:75:6f:
96:fc:e5:40:41:d6:fd:de:d0:26:82:08:f9:03:7f:54:c9:c1:
f7:b4:2a:a9:51:08:0b:20:9b:84:da:50:d3:4a:2c:e7:be:c6:
6f:cc:45:6c:fe:54:28:1d:71:83:9e:ec:1a:88:b1:d0:a7:c8:
54:59:e4:38
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAPxSDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MzVjM2YxYTk3OTAzZTc5NjI5MmEyYWM3YTc4ZDQxYjFjMjFkYjg1MB4XDTIyMDIw
MjAxMjQzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGYwZWJkNmVkNjVl
YTJjMTM2MGI0MzA1ZjU5MjlhMmZkNjY5MjA2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZepvIc7nSM/oWbd+yfyTv36PH/plB3GXW/rdfYcPDZ0FiV
DvOCsx8M71iMt5M7T8GJyZbcRYOa3W0ZEHPLl9sc1fVoIcBC5tRcX5m2OF+b9/8n
A6PKVW4nNrOvJ6Nk4EWVVeveDoOrEH6Ii9fUhjtJ0yN2n1eKxj5iAPW9UaEHAJXM
xq1qgQ2rrEK6ox8n6IloqC5Ie+BwagO1xQJXSKAqLeVxTz6YyNZmeCfsvLZpyMqX
Q7CVft03tpN3N23IeVbeoyL17ekRSKC25ePGICuIxOO900+W5QRibSukGLhAAmYe
JlF34EDQMaG5bFNL+a59s3eZvusAf/UCI1TEoUkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQPDr1u1l6iwTYLQwX1kpov1mkgajAfBgNVHSMEGDAWgBRDXD8al5A+eWKS
oqx6eNQbHCHbhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Exd19HcGVRUG5saWtxS3NlbmpVR3h3aDI0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvZDhhZGJlLWRjYmUtNGMyNy05NjcxLWRiZGViM2Q1MzYwYi8x
L0R3NjlidFplb3NFMkMwTUY5WkthTDlacElHby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
ZDhhZGJlLWRjYmUtNGMyNy05NjcxLWRiZGViM2Q1MzYwYi8xL1Exd19HcGVRUG5s
aWtxS3NlbmpVR3h3aDI0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwJIDANBgkqhkiG9w0BAQsF
AAOCAQEAM+ARm7NLqJvfQEswLHZZ/x78UfHzapg6zWUCA29OodDPgJoMZ70Bt9pl
1PWsF1hFJuf30Gi9gif++sE6xNKLOl1BcfeU7pa3PswSBDS3QUQzSkrXbjJyOW94
luz4QjZTTNfdrg4vwVQafMWRj8mFEFWC0Vey9X2a5Ipc0HTsV8KEQ5sKYNzMkSDC
d1sk7Cj3xzFAGJG5oq/XPsDJfkOJZ+lUaxhJxZTW76mp/SJVX6PC6A/nfHkmMJq4
4bLFNSo+uBEpYXVvlvzlQEHW/d7QJoII+QN/VMnB97QqqVEICyCbhNpQ00os577G
b8xFbP5UKB1xg57sGoix0KfIVFnkOA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:46 2025 by rpki-client