Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/1L5UubJqsZNHFznbfdDTCcDOCDA.roa
File: 1L5UubJqsZNHFznbfdDTCcDOCDA.roa (raw, json)
Hash identifier: uXjU7loYjpI359Z04KPRH8HqjtV/rcYbPoj7UePSTMs=
Subject key identifier: D4:BE:54:B9:B2:6A:B1:93:47:17:39:DB:7D:D0:D3:09:C0:CE:08:30
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 01865F46711305716D2AAE7A189B181B417F
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/1L5UubJqsZNHFznbfdDTCcDOCDA.roa
Signing time: Fri 17 Feb 2023 12:08:17 +0000
ROA not before: Fri 17 Feb 2023 12:08:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207021
IP address blocks: 2a02:850:ffe2::/48 maxlen: 48
2001:678:20::/48 maxlen: 48
2a02:850:ffe5::/48 maxlen: 48
2a02:850:ffe0::/48 maxlen: 48
2001:67c:1bc::/48 maxlen: 48
2a02:850:ffe3::/48 maxlen: 48
2a02:850:ffe6::/48 maxlen: 48
2a02:850:ffe1::/48 maxlen: 48
2a02:850:ffe4::/48 maxlen: 48
2a02:850:ffe7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:46:71:13:05:71:6d:2a:ae:7a:18:9b:18:1b:41:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Feb 17 12:08:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4be54b9b26ab193471739db7dd0d309c0ce0830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:60:27:a9:a7:1a:3b:a5:4d:56:db:fb:df:ec:
d5:56:5d:9c:aa:d6:27:23:cb:26:83:bc:7d:ef:53:
23:e4:f1:26:a3:02:a8:a7:a8:09:69:fb:13:4e:51:
2e:a3:ce:b7:1a:81:72:74:b1:49:b0:d8:d8:03:75:
39:6a:97:2f:ad:36:c1:77:43:8e:dd:60:52:75:25:
f9:7c:0a:b8:ae:bc:0b:28:88:05:8e:11:bb:b4:a4:
72:26:5f:df:3d:ea:33:92:b6:53:dc:86:8d:72:7f:
07:3b:b4:94:2d:a4:fc:a0:ab:76:dc:86:12:8d:eb:
82:9a:f6:61:6d:5e:c7:ff:7f:62:92:6e:c3:40:fb:
b1:d6:b8:24:e8:d4:16:b7:8f:e8:ba:16:ee:51:f3:
27:55:17:9f:45:17:98:ec:8f:00:86:57:f4:69:c0:
3a:f3:14:2c:86:79:14:7b:6b:b2:a6:a2:c4:1d:90:
74:7b:74:02:ec:30:af:1a:6c:64:09:7e:52:5a:07:
ff:bb:bd:b5:13:b7:57:05:3a:b2:98:11:85:b8:7d:
0f:4e:a2:b2:a5:fa:96:95:c1:07:60:7a:4d:90:f9:
de:0c:23:82:a0:20:cf:df:ad:fe:c8:41:c4:f8:28:
e4:d9:f1:1c:cb:d1:88:34:d9:ed:48:a3:8e:66:28:
05:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:BE:54:B9:B2:6A:B1:93:47:17:39:DB:7D:D0:D3:09:C0:CE:08:30
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/1L5UubJqsZNHFznbfdDTCcDOCDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:20::/48
2001:67c:1bc::/48
2a02:850:ffe0::/45
Signature Algorithm: sha256WithRSAEncryption
a0:e6:ae:1d:70:1c:92:e2:c7:80:01:b0:24:d8:38:fe:11:3f:
0b:30:e2:4e:47:f2:92:46:c4:e9:d1:cc:ff:d2:42:f6:3e:f6:
6b:6e:92:b2:20:96:10:3a:ef:6b:ed:d6:5e:aa:3d:9a:a8:90:
3a:f5:cf:aa:71:cb:70:af:51:b7:37:88:3c:18:69:90:4c:53:
ab:1c:34:f2:01:95:ce:72:18:27:70:bd:9d:73:b1:f6:90:ed:
69:aa:42:89:e7:e4:5b:15:f5:5c:23:55:ed:65:c7:26:81:98:
76:6a:18:ba:e4:d3:4d:ac:2b:7c:b0:e8:0f:54:2d:00:17:04:
05:bc:14:81:5e:14:b5:83:d5:73:b7:a3:d6:09:85:5f:0c:84:
c3:e5:d6:b8:b8:41:1d:44:3d:ac:69:e2:85:0f:d6:29:00:ea:
fd:b3:ec:18:0b:5f:53:d8:df:ad:58:d1:62:1d:b3:e6:c5:5f:
f1:a7:8a:9d:86:94:71:71:40:f3:a6:59:24:bc:1c:63:61:bf:
97:54:23:9d:17:ef:47:85:dc:0e:42:8f:36:2b:a6:62:1f:a7:
32:d0:50:5e:c8:e4:39:e4:94:cb:e1:14:f4:f2:c2:e9:07:e8:
26:51:e9:22:56:27:1b:e4:e4:65:33:dd:52:d7:d0:64:f2:26:
c1:99:00:89
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYZfRnETBXFtKq56GJsYG0F/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjMwMjE3MTIwODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGJlNTRiOWIyNmFiMTkzNDcxNzM5ZGI3ZGQwZDMwOWMwY2UwODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGAnqacaO6VNVtv73+zVVl2cqtYn
I8smg7x971Mj5PEmowKop6gJafsTTlEuo863GoFydLFJsNjYA3U5apcvrTbBd0OO
3WBSdSX5fAq4rrwLKIgFjhG7tKRyJl/fPeozkrZT3IaNcn8HO7SULaT8oKt23IYS
jeuCmvZhbV7H/39ikm7DQPux1rgk6NQWt4/ouhbuUfMnVRefRReY7I8Ahlf0acA6
8xQshnkUe2uypqLEHZB0e3QC7DCvGmxkCX5SWgf/u721E7dXBTqymBGFuH0PTqKy
pfqWlcEHYHpNkPneDCOCoCDP363+yEHE+Cjk2fEcy9GINNntSKOOZigFgQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNS+VLmyarGTRxc5233Q0wnAzggwMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvMUw1VXViSnFzWk5IRnpuYmZkRFRDY0RPQ0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAIAEGeAAg
AwcAIAEGfAG8AwcDKgIIUP/gMA0GCSqGSIb3DQEBCwUAA4IBAQCg5q4dcByS4seA
AbAk2Dj+ET8LMOJOR/KSRsTp0cz/0kL2PvZrbpKyIJYQOu9r7dZeqj2aqJA69c+q
cctwr1G3N4g8GGmQTFOrHDTyAZXOchgncL2dc7H2kO1pqkKJ5+RbFfVcI1XtZccm
gZh2ahi65NNNrCt8sOgPVC0AFwQFvBSBXhS1g9Vzt6PWCYVfDITD5da4uEEdRD2s
aeKFD9YpAOr9s+wYC19T2N+tWNFiHbPmxV/xp4qdhpRxcUDzplkkvBxjYb+XVCOd
F+9HhdwOQo82K6ZiH6cy0FBeyOQ55JTL4RT08sLpB+gmUekiVicb5ORlM91S19Bk
8ibBmQCJ
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:01:24 2025 by rpki-client