Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/51dd21-9db1-4224-9aac-56afc3cbdf4e/1/g2thCMLq57zqmVXirwqnDHF5PKw.roa
File: g2thCMLq57zqmVXirwqnDHF5PKw.roa (raw, json)
Hash identifier: YPQZPe6dw8Zad/uTWqqo/E0DtvsGqw93zM8fSwD/C34=
Subject key identifier: 83:6B:61:08:C2:EA:E7:BC:EA:99:55:E2:AF:0A:A7:0C:71:79:3C:AC
Certificate issuer: /CN=cd6cba10ab465cf0ee3e76025c67f8554d2d01a5
Certificate serial: 0187AEE0CF162A0DEBE1A4FAB2AA2DFC8CBC
Authority key identifier: CD:6C:BA:10:AB:46:5C:F0:EE:3E:76:02:5C:67:F8:55:4D:2D:01:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWy6EKtGXPDuPnYCXGf4VU0tAaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/51dd21-9db1-4224-9aac-56afc3cbdf4e/1/g2thCMLq57zqmVXirwqnDHF5PKw.roa
Signing time: Sun 23 Apr 2023 16:09:41 +0000
ROA not before: Sun 23 Apr 2023 16:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200957
IP address blocks: 2001:67c:be4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ae:e0:cf:16:2a:0d:eb:e1:a4:fa:b2:aa:2d:fc:8c:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd6cba10ab465cf0ee3e76025c67f8554d2d01a5
Validity
Not Before: Apr 23 16:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=836b6108c2eae7bcea9955e2af0aa70c71793cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:67:58:fb:6b:fe:07:c3:fc:f1:d0:bb:b6:f8:
c7:78:64:c9:b0:e6:a8:e3:ec:39:8f:89:71:19:0c:
6d:84:cd:92:4e:22:85:e3:c9:26:02:4f:23:07:6d:
ca:93:c3:c8:66:82:4e:96:eb:bb:30:cb:03:69:92:
db:b5:8f:21:14:2f:18:fb:e3:cf:63:b4:0d:ab:e1:
08:72:27:4d:45:e6:20:fb:3a:72:d5:49:c4:65:b0:
fe:66:48:9f:ca:27:2c:dc:77:86:35:5a:12:ac:8d:
86:6e:a5:f0:72:c5:3e:10:b5:8e:5a:66:86:be:e3:
10:5f:65:18:36:10:7d:f5:b6:76:44:20:63:c2:c8:
2c:eb:23:b5:ce:da:9b:64:bd:a4:13:d9:04:08:d7:
17:c4:af:3f:37:a7:0e:42:87:0b:11:38:a7:74:c6:
8b:c6:14:07:bc:f7:f0:0f:4d:6e:60:b9:f7:15:e1:
59:71:c9:e8:69:ac:fb:7f:9c:72:08:83:90:c3:34:
f1:cb:fa:b2:01:f9:82:f3:64:7a:c8:b9:1a:ac:23:
b2:6a:ec:2c:d4:e8:6b:2f:62:7d:fa:2a:49:b3:cc:
4d:1d:22:60:f5:eb:6e:72:e3:05:7d:b4:62:43:1a:
82:e9:c1:44:0a:6d:3a:94:65:ff:6e:89:0b:a8:86:
e2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:6B:61:08:C2:EA:E7:BC:EA:99:55:E2:AF:0A:A7:0C:71:79:3C:AC
X509v3 Authority Key Identifier:
keyid:CD:6C:BA:10:AB:46:5C:F0:EE:3E:76:02:5C:67:F8:55:4D:2D:01:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWy6EKtGXPDuPnYCXGf4VU0tAaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/51dd21-9db1-4224-9aac-56afc3cbdf4e/1/g2thCMLq57zqmVXirwqnDHF5PKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/51dd21-9db1-4224-9aac-56afc3cbdf4e/1/zWy6EKtGXPDuPnYCXGf4VU0tAaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:be4::/48
Signature Algorithm: sha256WithRSAEncryption
6a:f3:9c:e7:85:5d:8f:30:91:77:e4:b2:4d:d6:4e:7b:9a:1d:
2d:fe:50:1b:c4:33:e3:6b:05:a3:e0:0f:99:7d:89:5f:5e:8f:
e2:dc:cd:84:67:d9:8c:e1:57:fe:a5:92:32:eb:85:68:34:66:
c1:dd:5b:da:f1:ea:28:91:9f:b4:86:48:7b:37:6a:14:28:5b:
ab:bb:2e:68:61:5e:e1:be:a3:31:84:56:26:42:4d:a2:0f:ac:
61:aa:6c:d1:f8:1a:f9:ca:03:59:72:09:d9:2a:9b:c0:f3:8b:
29:d2:88:a9:db:12:23:dc:6b:0b:e5:69:21:01:72:41:69:b7:
5c:9e:b0:fd:d3:b9:d5:0b:80:17:8e:73:c0:ae:f8:e5:b8:e7:
9a:a6:91:29:dc:f5:f6:2a:af:aa:88:23:e6:b2:45:7a:3d:6b:
49:08:76:81:39:b3:61:56:ed:3c:d7:d2:bc:ec:f9:3d:4c:ce:
b5:15:06:56:35:eb:fd:7c:e7:11:40:5c:c6:28:e6:e5:a7:79:
26:e0:b5:57:2c:e1:2f:e4:d5:aa:f4:d8:f8:19:8f:69:fb:a8:
77:69:b8:db:37:25:ee:57:a0:05:ac:29:6d:86:c1:91:6b:67:
9f:a0:2e:a2:74:af:2f:f8:f1:d7:0d:f9:3c:40:bd:89:e0:36:
bb:4d:cd:d1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYeu4M8WKg3r4aT6sqot/Iy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNmNiYTEwYWI0NjVjZjBlZTNlNzYwMjVjNjdmODU1NGQy
ZDAxYTUwHhcNMjMwNDIzMTYwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzZiNjEwOGMyZWFlN2JjZWE5OTU1ZTJhZjBhYTcwYzcxNzkzY2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmdY+2v+B8P88dC7tvjHeGTJsOao
4+w5j4lxGQxthM2STiKF48kmAk8jB23Kk8PIZoJOluu7MMsDaZLbtY8hFC8Y++PP
Y7QNq+EIcidNReYg+zpy1UnEZbD+Zkifyics3HeGNVoSrI2GbqXwcsU+ELWOWmaG
vuMQX2UYNhB99bZ2RCBjwsgs6yO1ztqbZL2kE9kECNcXxK8/N6cOQocLETindMaL
xhQHvPfwD01uYLn3FeFZccnoaaz7f5xyCIOQwzTxy/qyAfmC82R6yLkarCOyauws
1OhrL2J9+ipJs8xNHSJg9etucuMFfbRiQxqC6cFECm06lGX/bokLqIbiYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFINrYQjC6ue86plV4q8KpwxxeTysMB8GA1UdIwQY
MBaAFM1suhCrRlzw7j52Alxn+FVNLQGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveld5NkVLdEdYUER1UG5ZQ1hHZjRWVTB0QWFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS81MWRkMjEtOWRiMS00MjI0LTlhYWMt
NTZhZmMzY2JkZjRlLzEvZzJ0aENNTHE1N3pxbVZYaXJ3cW5ESEY1UEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS81MWRkMjEtOWRiMS00MjI0LTlhYWMtNTZhZmMzY2JkZjRl
LzEveld5NkVLdEdYUER1UG5ZQ1hHZjRWVTB0QWFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAvk
MA0GCSqGSIb3DQEBCwUAA4IBAQBq85znhV2PMJF35LJN1k57mh0t/lAbxDPjawWj
4A+ZfYlfXo/i3M2EZ9mM4Vf+pZIy64VoNGbB3Vva8eookZ+0hkh7N2oUKFuruy5o
YV7hvqMxhFYmQk2iD6xhqmzR+Br5ygNZcgnZKpvA84sp0oip2xIj3GsL5WkhAXJB
abdcnrD907nVC4AXjnPArvjluOeappEp3PX2Kq+qiCPmskV6PWtJCHaBObNhVu08
19K87Pk9TM61FQZWNev9fOcRQFzGKOblp3km4LVXLOEv5NWq9Nj4GY9p+6h3abjb
NyXuV6AFrClthsGRa2efoC6idK8v+PHXDfk8QL2J4Da7Tc3R
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:38 2025 by rpki-client