Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/TvivG7hskn5nw73HNgxEX5TU9IM.roa
File: TvivG7hskn5nw73HNgxEX5TU9IM.roa (raw, json)
Hash identifier: KdQt2l6C4WjKZubden6MEODhDRa4MTCqcNFfpWGHRts=
Subject key identifier: 4E:F8:AF:1B:B8:6C:92:7E:67:C3:BD:C7:36:0C:44:5F:94:D4:F4:83
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 01857355D9F7AAED121EE818E7DA45785D5D
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/TvivG7hskn5nw73HNgxEX5TU9IM.roa
Signing time: Mon 02 Jan 2023 16:34:44 +0000
ROA not before: Mon 02 Jan 2023 16:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25973
IP address blocks: 2001:668:117::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:d9:f7:aa:ed:12:1e:e8:18:e7:da:45:78:5d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jan 2 16:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ef8af1bb86c927e67c3bdc7360c445f94d4f483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ab:5c:92:bd:07:df:ad:4f:a9:5c:56:c9:24:
bc:5f:72:e0:e7:2c:66:c0:70:79:78:7c:d6:2a:b4:
99:7a:c1:35:b5:ab:8e:b8:17:08:eb:84:8a:27:61:
d9:60:2f:58:06:b9:28:8c:a1:bd:47:a8:ec:12:00:
13:c2:1a:d5:bc:bf:df:5e:58:b2:c4:98:36:a1:43:
74:2d:43:d1:c8:84:f8:33:cf:7c:62:de:e8:0d:4f:
65:b0:5c:05:be:77:1f:e9:fe:1e:66:95:df:97:ba:
8d:31:f8:f1:ea:e8:06:3e:12:86:00:ec:bc:8a:f6:
d7:b1:9a:46:9f:32:37:39:1e:e2:7c:b9:76:23:43:
c6:30:eb:91:ea:0b:23:25:a6:47:29:bb:c7:d4:be:
8a:9f:0e:b5:d1:50:c7:e6:45:87:9d:dd:00:1e:40:
63:4d:af:0e:d0:e2:cd:bd:88:3c:4a:55:be:52:54:
f0:58:a3:90:ff:ca:36:78:8f:5c:f2:1b:cf:02:ba:
60:9a:df:8f:d1:4f:19:21:24:ff:31:25:bc:b3:46:
01:99:bd:eb:69:b0:17:8f:97:2d:b1:2e:92:c3:a6:
90:7a:54:b7:b7:27:50:80:5d:a7:62:9e:1f:58:f3:
b5:d3:94:13:22:e5:d6:64:4a:a7:34:e6:b8:c3:ee:
e2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F8:AF:1B:B8:6C:92:7E:67:C3:BD:C7:36:0C:44:5F:94:D4:F4:83
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/TvivG7hskn5nw73HNgxEX5TU9IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:668:117::/48
Signature Algorithm: sha256WithRSAEncryption
84:44:21:2d:ed:31:2c:22:54:d3:77:c0:ef:43:dd:03:17:4f:
56:f3:3a:4e:17:3d:a0:61:55:6e:28:55:e5:1b:23:74:a9:0e:
28:84:3d:ec:50:11:57:76:55:29:78:9c:fb:17:08:c6:83:fc:
72:13:a1:a1:47:1a:de:bd:bb:7a:ce:e9:26:d3:16:87:a7:70:
53:aa:f1:01:3c:27:47:08:08:e4:82:a5:90:7d:4a:73:98:7a:
33:d8:28:71:b7:a9:53:a9:fe:4d:f4:65:df:67:ce:5b:89:c0:
92:a2:89:de:b0:c5:8f:04:b4:33:e4:0f:37:dd:d2:64:12:e9:
7a:f7:80:b8:2d:fb:9b:15:44:a7:d4:16:98:2d:bd:aa:e7:f6:
7c:f8:af:93:bc:23:3d:90:45:bc:49:0e:d3:89:fe:ca:4e:32:
f7:af:21:62:e6:85:44:a9:de:5f:b3:83:61:b0:b7:1d:d3:a3:
61:24:90:0a:7c:e4:0f:5e:90:c2:5a:a8:be:6f:8b:0b:e7:62:
64:48:3c:ff:94:af:cd:8f:7a:0a:f3:be:c4:5d:1c:e9:4f:ec:
81:30:18:8a:6f:75:7d:48:58:a7:5e:0f:54:37:81:8c:a3:42:
d4:4e:18:d2:8a:22:fd:67:fd:e9:b4:88:4f:d7:45:19:88:f4:
42:d7:d0:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzVdn3qu0SHugY59pFeF1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwMTAyMTYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWY4YWYxYmI4NmM5MjdlNjdjM2JkYzczNjBjNDQ1Zjk0ZDRmNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKtckr0H361PqVxWySS8X3Lg5yxm
wHB5eHzWKrSZesE1tauOuBcI64SKJ2HZYC9YBrkojKG9R6jsEgATwhrVvL/fXliy
xJg2oUN0LUPRyIT4M898Yt7oDU9lsFwFvncf6f4eZpXfl7qNMfjx6ugGPhKGAOy8
ivbXsZpGnzI3OR7ifLl2I0PGMOuR6gsjJaZHKbvH1L6Knw610VDH5kWHnd0AHkBj
Ta8O0OLNvYg8SlW+UlTwWKOQ/8o2eI9c8hvPArpgmt+P0U8ZIST/MSW8s0YBmb3r
abAXj5ctsS6Sw6aQelS3tydQgF2nYp4fWPO105QTIuXWZEqnNOa4w+7iVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE74rxu4bJJ+Z8O9xzYMRF+U1PSDMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvVHZpdkc3aHNrbjVudzczSE5neEVYNVRVOUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGaAEX
MA0GCSqGSIb3DQEBCwUAA4IBAQCERCEt7TEsIlTTd8DvQ90DF09W8zpOFz2gYVVu
KFXlGyN0qQ4ohD3sUBFXdlUpeJz7FwjGg/xyE6GhRxrevbt6zukm0xaHp3BTqvEB
PCdHCAjkgqWQfUpzmHoz2Chxt6lTqf5N9GXfZ85bicCSoonesMWPBLQz5A833dJk
Eul694C4LfubFUSn1BaYLb2q5/Z8+K+TvCM9kEW8SQ7Tif7KTjL3ryFi5oVEqd5f
s4NhsLcd06NhJJAKfOQPXpDCWqi+b4sL52JkSDz/lK/Nj3oK877EXRzpT+yBMBiK
b3V9SFinXg9UN4GMo0LUThjSiiL9Z/3ptIhP10UZiPRC19An
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:11:38 2025 by rpki-client