Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/09274f-baeb-461e-bca7-ab01c5f2ed7d/1/1-d6oDxjmR7GS2YP5i1gGEoied4Y.roa
File: 1-d6oDxjmR7GS2YP5i1gGEoied4Y.roa (raw, json)
Hash identifier: KZmB3YqL296p6y+TfUtpxkJ66mVN1E2qkJJ+vhtgOmo=
Subject key identifier: F9:DE:A8:0F:18:E6:47:B1:92:D9:83:F9:8B:58:06:12:88:9E:77:86
Certificate issuer: /CN=54e73f21fecf8f8c505892f7064de1a0a4cf8e7f
Certificate serial: 01856CAEFB7AE8A1F9EC318D1D748B67634F
Authority key identifier: 54:E7:3F:21:FE:CF:8F:8C:50:58:92:F7:06:4D:E1:A0:A4:CF:8E:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VOc_If7Pj4xQWJL3Bk3hoKTPjn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/09274f-baeb-461e-bca7-ab01c5f2ed7d/1/1-d6oDxjmR7GS2YP5i1gGEoied4Y.roa
Signing time: Sun 01 Jan 2023 09:34:44 +0000
ROA not before: Sun 01 Jan 2023 09:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62430
IP address blocks: 2001:67c:9ec::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:fb:7a:e8:a1:f9:ec:31:8d:1d:74:8b:67:63:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54e73f21fecf8f8c505892f7064de1a0a4cf8e7f
Validity
Not Before: Jan 1 09:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9dea80f18e647b192d983f98b580612889e7786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a0:74:cd:53:62:1f:61:75:2d:88:4a:06:6f:
7d:d7:62:23:a6:66:0c:f0:d0:c7:19:85:75:94:a4:
9b:e8:56:a9:8f:b8:09:78:db:98:91:d9:a2:97:49:
92:43:9c:c0:a1:7f:2d:f2:01:bf:d3:8c:63:25:90:
59:f3:86:a2:21:a2:dc:f7:b9:01:d7:c8:31:c0:6e:
91:5b:ce:4c:d5:a6:3e:8f:2a:6a:19:52:ca:be:7b:
9b:e1:05:5d:5c:96:aa:a4:e4:29:1c:97:6b:2f:e3:
9d:dd:1e:80:66:98:fd:6e:b0:6b:43:58:a0:f4:5b:
10:e7:03:55:9c:c0:8a:a6:48:46:3d:43:2d:82:6e:
a8:f4:38:c3:9e:51:1b:ed:5a:10:28:d7:25:a5:12:
52:6a:20:d4:b1:63:35:0e:07:c9:1f:0e:78:74:b8:
5a:cb:f5:f7:58:48:63:fa:9d:41:54:34:6b:da:1e:
26:f7:3d:b3:60:07:6a:97:bb:e9:be:99:c0:2d:b4:
8d:16:69:ff:00:a7:3e:dc:ce:32:37:41:55:d8:1c:
2b:8d:9b:b7:a5:fc:e7:7e:47:d7:41:30:85:c1:93:
2b:98:9d:31:05:bd:70:57:c9:3b:0b:08:b0:37:7a:
9f:b1:0c:64:88:8d:e3:f9:85:e8:d0:37:7e:d1:7c:
73:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:DE:A8:0F:18:E6:47:B1:92:D9:83:F9:8B:58:06:12:88:9E:77:86
X509v3 Authority Key Identifier:
keyid:54:E7:3F:21:FE:CF:8F:8C:50:58:92:F7:06:4D:E1:A0:A4:CF:8E:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VOc_If7Pj4xQWJL3Bk3hoKTPjn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/09274f-baeb-461e-bca7-ab01c5f2ed7d/1/1-d6oDxjmR7GS2YP5i1gGEoied4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/09274f-baeb-461e-bca7-ab01c5f2ed7d/1/VOc_If7Pj4xQWJL3Bk3hoKTPjn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:9ec::/48
Signature Algorithm: sha256WithRSAEncryption
97:25:f5:dc:a6:78:47:b1:63:c2:0c:79:a7:64:fc:cd:1b:92:
75:87:3a:e2:b7:a3:58:92:0b:00:78:95:80:7b:d3:de:08:55:
9f:3e:f9:7f:21:03:42:f8:4e:25:dd:75:2d:af:7e:25:86:5a:
e3:57:93:6f:4d:8c:73:5c:9c:d8:9a:d4:93:4b:c0:4f:b7:fe:
4a:d6:f3:f1:47:b2:a7:a0:23:6a:77:81:ce:0b:53:95:9c:12:
1e:32:7d:1b:0f:4e:a0:4e:c5:d5:a1:6f:d3:aa:72:92:f9:e3:
4e:83:1c:fe:7e:64:4f:07:59:2c:ea:64:b2:f4:34:08:86:65:
72:4e:0b:1b:6d:80:a5:88:3e:fa:38:f7:39:b2:77:ff:ee:43:
2c:dd:71:31:52:47:43:1b:d8:01:9f:39:3e:54:26:40:46:84:
dc:83:0b:a9:f6:36:30:f9:92:b2:7b:36:33:27:a0:51:9b:e3:
4a:91:a2:a7:f4:3a:8a:0d:e0:71:ee:da:b0:b7:92:04:ed:63:
36:fa:04:56:fa:53:72:22:62:3f:9d:13:b4:50:80:6d:7a:5f:
96:8a:41:b6:55:96:8a:3e:12:48:41:6b:c2:d7:ec:c2:16:4b:
0a:d2:2f:8c:c4:62:cd:81:5d:8e:0a:ed:5e:4f:8f:33:e0:55:
d9:50:6c:4a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVsrvt66KH57DGNHXSLZ2NPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZTczZjIxZmVjZjhmOGM1MDU4OTJmNzA2NGRlMWEwYTRj
ZjhlN2YwHhcNMjMwMTAxMDkzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWRlYTgwZjE4ZTY0N2IxOTJkOTgzZjk4YjU4MDYxMjg4OWU3Nzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06B0zVNiH2F1LYhKBm9912IjpmYM
8NDHGYV1lKSb6Fapj7gJeNuYkdmil0mSQ5zAoX8t8gG/04xjJZBZ84aiIaLc97kB
18gxwG6RW85M1aY+jypqGVLKvnub4QVdXJaqpOQpHJdrL+Od3R6AZpj9brBrQ1ig
9FsQ5wNVnMCKpkhGPUMtgm6o9DjDnlEb7VoQKNclpRJSaiDUsWM1DgfJHw54dLha
y/X3WEhj+p1BVDRr2h4m9z2zYAdql7vpvpnALbSNFmn/AKc+3M4yN0FV2BwrjZu3
pfznfkfXQTCFwZMrmJ0xBb1wV8k7CwiwN3qfsQxkiI3j+YXo0Dd+0Xxz6QIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPneqA8Y5kexktmD+YtYBhKInneGMB8GA1UdIwQY
MBaAFFTnPyH+z4+MUFiS9wZN4aCkz45/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk9jX0lmN1BqNHhRV0pMM0JrM2hvS1RQam44LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8wOTI3NGYtYmFlYi00NjFlLWJjYTct
YWIwMWM1ZjJlZDdkLzEvMS1kNm9EeGptUjdHUzJZUDVpMWdHRW9pZWQ0WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmIvMDkyNzRmLWJhZWItNDYxZS1iY2E3LWFiMDFjNWYyZWQ3
ZC8xL1ZPY19JZjdQajR4UVdKTDNCazNob0tUUGpuOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwJ
7DANBgkqhkiG9w0BAQsFAAOCAQEAlyX13KZ4R7Fjwgx5p2T8zRuSdYc64rejWJIL
AHiVgHvT3ghVnz75fyEDQvhOJd11La9+JYZa41eTb02Mc1yc2JrUk0vAT7f+Stbz
8Ueyp6AjaneBzgtTlZwSHjJ9Gw9OoE7F1aFv06pykvnjToMc/n5kTwdZLOpksvQ0
CIZlck4LG22ApYg++jj3ObJ3/+5DLN1xMVJHQxvYAZ85PlQmQEaE3IMLqfY2MPmS
sns2MyegUZvjSpGip/Q6ig3gce7asLeSBO1jNvoEVvpTciJiP50TtFCAbXpflopB
tlWWij4SSEFrwtfswhZLCtIvjMRizYFdjgrtXk+PM+BV2VBsSg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:50:22 2025 by rpki-client