Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/3e62d8-9e41-4f86-9313-615cb372e077/1/3nz0YVAUSYDtEaoFpsiGH1LMyP8.roa
File: 3nz0YVAUSYDtEaoFpsiGH1LMyP8.roa (raw, json)
Hash identifier: Kur4jgpaUq539VpIgFj8/CHjdo51z7ItwfTI4nPo0Kg=
Subject key identifier: DE:7C:F4:61:50:14:49:80:ED:11:AA:05:A6:C8:86:1F:52:CC:C8:FF
Certificate issuer: /CN=1d3b64d95f6131682b9905c440a785a60a8ac8b8
Certificate serial: 018A9907A6B7DA27DAD1B485E055B172D065
Authority key identifier: 1D:3B:64:D9:5F:61:31:68:2B:99:05:C4:40:A7:85:A6:0A:8A:C8:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HTtk2V9hMWgrmQXEQKeFpgqKyLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/3e62d8-9e41-4f86-9313-615cb372e077/1/3nz0YVAUSYDtEaoFpsiGH1LMyP8.roa
Signing time: Fri 15 Sep 2023 13:28:50 +0000
ROA not before: Fri 15 Sep 2023 13:28:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216295
IP address blocks: 2001:67c:d28::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:99:07:a6:b7:da:27:da:d1:b4:85:e0:55:b1:72:d0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d3b64d95f6131682b9905c440a785a60a8ac8b8
Validity
Not Before: Sep 15 13:28:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de7cf46150144980ed11aa05a6c8861f52ccc8ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1b:35:ef:bd:da:d6:f0:b3:e0:81:66:f9:50:
67:0a:3e:63:40:13:16:1f:32:79:43:95:f7:cd:96:
94:4f:d9:1e:12:2a:2c:e4:1c:32:15:0f:c1:13:b5:
7c:19:57:1a:a8:65:ab:3a:86:5a:83:6b:21:f6:2e:
65:6a:88:9a:9d:f7:d8:42:8f:bd:b7:09:e1:25:61:
fe:18:16:b2:02:c9:5c:d0:fc:89:2f:38:c3:a4:ab:
20:66:5e:1e:cd:32:07:24:7e:3a:ac:43:7d:23:12:
2d:76:74:a1:3b:92:45:dd:9d:45:10:28:bb:00:5a:
21:c4:fd:05:ac:dd:11:e7:d7:c2:6f:a9:58:db:d3:
0f:e4:e6:5b:64:e0:57:39:61:d2:f3:90:8b:25:10:
52:2a:a0:d1:fb:05:c1:cd:59:21:64:bb:bd:76:42:
1f:d6:6b:84:5d:2e:2a:63:39:1b:2f:10:ee:65:bd:
55:8d:a8:4b:2e:c8:34:45:21:4e:a4:e0:35:74:21:
8b:d5:a2:cd:c2:11:b4:a6:fb:fe:8c:da:36:20:c5:
a2:63:95:a1:ef:ee:22:a4:8d:86:3e:c5:d4:e0:70:
9d:5a:13:84:61:3a:ce:44:4e:fa:8b:43:87:e7:e2:
8e:36:9a:1f:aa:4e:d6:8e:25:d9:6b:2b:30:ac:72:
e0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7C:F4:61:50:14:49:80:ED:11:AA:05:A6:C8:86:1F:52:CC:C8:FF
X509v3 Authority Key Identifier:
keyid:1D:3B:64:D9:5F:61:31:68:2B:99:05:C4:40:A7:85:A6:0A:8A:C8:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HTtk2V9hMWgrmQXEQKeFpgqKyLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3e62d8-9e41-4f86-9313-615cb372e077/1/3nz0YVAUSYDtEaoFpsiGH1LMyP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3e62d8-9e41-4f86-9313-615cb372e077/1/HTtk2V9hMWgrmQXEQKeFpgqKyLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:d28::/48
Signature Algorithm: sha256WithRSAEncryption
5e:c2:12:f0:2d:aa:23:10:bf:41:3b:29:8b:d5:b6:4e:dc:a5:
70:38:f9:4a:38:d3:9f:bb:05:f5:b2:25:10:04:22:a3:11:ce:
40:6b:0a:e2:53:11:b6:2d:14:33:bb:74:81:22:2d:ab:30:e4:
ef:8e:e0:53:48:4c:99:8d:87:97:e4:16:18:27:f9:37:c5:bc:
b3:e5:16:70:6a:cc:96:7e:76:09:5d:cf:d3:80:75:39:f6:92:
72:b4:51:65:ba:16:7a:9a:77:07:84:32:74:60:1d:d0:bb:9e:
f7:52:52:10:68:0e:58:75:9f:2e:4c:4a:7a:17:ff:64:a1:99:
db:6d:ea:a6:f5:f8:79:80:41:fe:9d:90:fc:34:9b:04:d0:c4:
11:7b:c7:b1:2b:00:c9:9a:ac:1e:88:50:1c:fb:3b:97:d6:66:
7d:4e:39:b9:fd:ff:65:2b:2e:79:5b:b5:44:cf:a5:c8:3a:eb:
b0:be:42:25:2b:f7:db:41:b1:a5:c5:79:9c:ab:dd:37:d1:fd:
fb:91:85:79:14:5d:32:bf:8d:dc:68:1c:76:31:b7:8e:1c:c0:
3c:d9:86:4f:9c:a3:ee:68:52:27:d2:9f:29:43:50:56:f4:ea:
12:54:a8:cb:6e:f7:f7:40:ed:d1:a7:0a:df:70:c0:54:9a:ed:
b1:fc:f2:75
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYqZB6a32ifa0bSF4FWxctBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkM2I2NGQ5NWY2MTMxNjgyYjk5MDVjNDQwYTc4NWE2MGE4
YWM4YjgwHhcNMjMwOTE1MTMyODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTdjZjQ2MTUwMTQ0OTgwZWQxMWFhMDVhNmM4ODYxZjUyY2NjOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Rs1773a1vCz4IFm+VBnCj5jQBMW
HzJ5Q5X3zZaUT9keEios5BwyFQ/BE7V8GVcaqGWrOoZag2sh9i5laoianffYQo+9
twnhJWH+GBayAslc0PyJLzjDpKsgZl4ezTIHJH46rEN9IxItdnShO5JF3Z1FECi7
AFohxP0FrN0R59fCb6lY29MP5OZbZOBXOWHS85CLJRBSKqDR+wXBzVkhZLu9dkIf
1muEXS4qYzkbLxDuZb1VjahLLsg0RSFOpOA1dCGL1aLNwhG0pvv+jNo2IMWiY5Wh
7+4ipI2GPsXU4HCdWhOEYTrORE76i0OH5+KONpofqk7WjiXZayswrHLgZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN589GFQFEmA7RGqBabIhh9SzMj/MB8GA1UdIwQY
MBaAFB07ZNlfYTFoK5kFxECnhaYKisi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFR0azJWOWhNV2dybVFYRVFLZUZwZ3FLeUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zZTYyZDgtOWU0MS00Zjg2LTkzMTMt
NjE1Y2IzNzJlMDc3LzEvM256MFlWQVVTWUR0RWFvRnBzaUdIMUxNeVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zZTYyZDgtOWU0MS00Zjg2LTkzMTMtNjE1Y2IzNzJlMDc3
LzEvSFR0azJWOWhNV2dybVFYRVFLZUZwZ3FLeUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA0o
MA0GCSqGSIb3DQEBCwUAA4IBAQBewhLwLaojEL9BOymL1bZO3KVwOPlKONOfuwX1
siUQBCKjEc5AawriUxG2LRQzu3SBIi2rMOTvjuBTSEyZjYeX5BYYJ/k3xbyz5RZw
asyWfnYJXc/TgHU59pJytFFluhZ6mncHhDJ0YB3Qu573UlIQaA5YdZ8uTEp6F/9k
oZnbbeqm9fh5gEH+nZD8NJsE0MQRe8exKwDJmqweiFAc+zuX1mZ9Tjm5/f9lKy55
W7VEz6XIOuuwvkIlK/fbQbGlxXmcq9030f37kYV5FF0yv43caBx2MbeOHMA82YZP
nKPuaFIn0p8pQ1BW9OoSVKjLbvf3QO3RpwrfcMBUmu2x/PJ1
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:24 2025 by rpki-client