Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/1DL4tqPxoC4Wd-15NjjCcuud-7U.roa
File: 1DL4tqPxoC4Wd-15NjjCcuud-7U.roa (raw, json)
Hash identifier: DFj5q99itez+ECwaQ2tn27L9Ot7OwiIpnSOeMV7qDrI=
Subject key identifier: D4:32:F8:B6:A3:F1:A0:2E:16:77:ED:79:36:38:C2:72:EB:9D:FB:B5
Certificate issuer: /CN=4a6376ce92087e4c7ce536686537769e2cc34059
Certificate serial: 0185701EF3EC734E7F31AD96E50ED5158CE9
Authority key identifier: 4A:63:76:CE:92:08:7E:4C:7C:E5:36:68:65:37:76:9E:2C:C3:40:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmN2zpIIfkx85TZoZTd2nizDQFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/1DL4tqPxoC4Wd-15NjjCcuud-7U.roa
Signing time: Mon 02 Jan 2023 01:35:54 +0000
ROA not before: Mon 02 Jan 2023 01:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12843
IP address blocks: 2001:678:490::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:f3:ec:73:4e:7f:31:ad:96:e5:0e:d5:15:8c:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6376ce92087e4c7ce536686537769e2cc34059
Validity
Not Before: Jan 2 01:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d432f8b6a3f1a02e1677ed793638c272eb9dfbb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cb:1f:49:53:ad:ad:e5:cf:c2:8e:07:4e:2b:
9f:38:e2:2d:9c:fc:f2:ba:92:f0:cd:da:5a:ff:ac:
ed:c6:c0:29:e0:43:46:26:18:08:d5:10:b9:61:2f:
51:51:ec:6f:c6:42:7e:b7:f5:8b:8e:aa:d5:65:22:
c0:01:f7:41:48:2c:9b:9e:19:13:84:8c:c1:52:9c:
7d:ed:fa:f1:38:25:d4:27:88:0e:90:5d:66:d1:79:
7d:a7:a5:75:33:67:40:e3:fb:a0:37:1f:42:f4:86:
b5:a1:e8:c0:01:b6:4e:de:d7:4a:48:49:31:a2:12:
dc:4e:34:b6:bd:48:7e:28:f4:4c:a7:55:23:75:95:
dc:c8:83:c4:5f:07:af:12:66:02:60:da:a3:d2:8e:
8f:6e:43:75:43:ae:49:de:63:01:9e:a1:a7:c6:44:
13:6e:30:a4:4a:8d:da:af:16:1f:64:15:54:57:42:
69:76:b1:42:ea:7d:67:02:d1:94:2a:5d:f9:78:9c:
08:76:53:c6:cf:d9:de:78:b1:fd:27:29:8a:ba:db:
89:5e:c3:38:60:7d:ad:2e:c4:4c:a6:17:31:bb:f1:
05:cd:3e:20:d1:a5:83:28:ce:53:1d:09:4b:62:12:
64:8c:52:51:c6:ae:07:7c:86:4f:f5:58:97:1a:5b:
f1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:32:F8:B6:A3:F1:A0:2E:16:77:ED:79:36:38:C2:72:EB:9D:FB:B5
X509v3 Authority Key Identifier:
keyid:4A:63:76:CE:92:08:7E:4C:7C:E5:36:68:65:37:76:9E:2C:C3:40:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmN2zpIIfkx85TZoZTd2nizDQFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/1DL4tqPxoC4Wd-15NjjCcuud-7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/SmN2zpIIfkx85TZoZTd2nizDQFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:490::/48
Signature Algorithm: sha256WithRSAEncryption
0b:21:d4:29:d6:03:36:a9:46:e3:2f:11:72:37:a8:e4:d8:cc:
1b:81:d0:3f:09:ce:33:a8:5d:76:c6:d3:b0:7b:af:fc:d6:a5:
04:67:10:be:cf:8d:d9:3d:25:fa:58:3a:a8:00:1e:3e:ea:96:
1b:a7:18:17:14:6b:45:8d:35:ba:91:26:40:d1:bc:83:83:32:
19:c0:45:16:72:35:2a:32:87:62:f2:a6:2b:1d:73:85:4f:b0:
9f:85:68:bf:f2:1b:2a:0a:fb:1e:82:1c:81:41:a4:4f:1a:b7:
f1:b9:7c:b7:24:70:57:f6:4d:58:c3:cf:1a:05:d6:02:97:00:
46:8d:de:6e:ec:69:e2:03:74:b0:5d:69:1c:65:9b:d2:4a:31:
57:1e:51:1f:ad:be:a5:f7:ac:ed:91:c3:ad:63:df:47:90:5c:
27:d2:94:02:8e:aa:53:ee:d3:d1:b5:8a:07:9f:96:ca:b6:02:
20:7a:d3:29:5f:6e:d5:f9:17:e4:38:ec:ee:14:37:9c:44:d9:
22:1a:ce:9d:98:49:c2:6a:a1:5c:9e:bd:d0:5d:28:d4:08:7a:
eb:ed:59:92:2c:83:b7:8b:00:d0:9e:30:29:c8:65:69:b6:b6:
ce:9a:c7:81:a3:61:ff:12:56:a8:97:a5:e9:13:e7:f2:f3:2b:
64:e6:51:74
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwHvPsc05/Ma2W5Q7VFYzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjM3NmNlOTIwODdlNGM3Y2U1MzY2ODY1Mzc3NjllMmNj
MzQwNTkwHhcNMjMwMTAyMDEzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDMyZjhiNmEzZjFhMDJlMTY3N2VkNzkzNjM4YzI3MmViOWRmYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucsfSVOtreXPwo4HTiufOOItnPzy
upLwzdpa/6ztxsAp4ENGJhgI1RC5YS9RUexvxkJ+t/WLjqrVZSLAAfdBSCybnhkT
hIzBUpx97frxOCXUJ4gOkF1m0Xl9p6V1M2dA4/ugNx9C9Ia1oejAAbZO3tdKSEkx
ohLcTjS2vUh+KPRMp1UjdZXcyIPEXwevEmYCYNqj0o6PbkN1Q65J3mMBnqGnxkQT
bjCkSo3arxYfZBVUV0JpdrFC6n1nAtGUKl35eJwIdlPGz9neeLH9JymKutuJXsM4
YH2tLsRMphcxu/EFzT4g0aWDKM5THQlLYhJkjFJRxq4HfIZP9ViXGlvxYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNQy+Laj8aAuFnfteTY4wnLrnfu1MB8GA1UdIwQY
MBaAFEpjds6SCH5MfOU2aGU3dp4sw0BZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21OMnpwSUlma3g4NVRab1pUZDJuaXpEUUZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS83Y2Y0MmUtMmFlOC00ZjEzLWEwYzQt
NGUxZmI3NmM4NDdhLzEvMURMNHRxUHhvQzRXZC0xNU5qakNjdXVkLTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS83Y2Y0MmUtMmFlOC00ZjEzLWEwYzQtNGUxZmI3NmM4NDdh
LzEvU21OMnpwSUlma3g4NVRab1pUZDJuaXpEUUZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeASQ
MA0GCSqGSIb3DQEBCwUAA4IBAQALIdQp1gM2qUbjLxFyN6jk2MwbgdA/Cc4zqF12
xtOwe6/81qUEZxC+z43ZPSX6WDqoAB4+6pYbpxgXFGtFjTW6kSZA0byDgzIZwEUW
cjUqModi8qYrHXOFT7CfhWi/8hsqCvseghyBQaRPGrfxuXy3JHBX9k1Yw88aBdYC
lwBGjd5u7GniA3SwXWkcZZvSSjFXHlEfrb6l96ztkcOtY99HkFwn0pQCjqpT7tPR
tYoHn5bKtgIgetMpX27V+RfkOOzuFDecRNkiGs6dmEnCaqFcnr3QXSjUCHrr7VmS
LIO3iwDQnjApyGVptrbOmseBo2H/Elaol6XpE+fy8ytk5lF0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:48 2025 by rpki-client