Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/rO33JJVlzdd1bS82XkkLsxwpBOQ.roa
File: rO33JJVlzdd1bS82XkkLsxwpBOQ.roa (raw, json)
Hash identifier: WL+W2mUG+gPdOBu9ivrk/tyXIDmlvptN24OKYs/ADB8=
Subject key identifier: AC:ED:F7:24:95:65:CD:D7:75:6D:2F:36:5E:49:0B:B3:1C:29:04:E4
Certificate issuer: /CN=1c69c76338afc9085b8fbd669b8b74bd7a92d431
Certificate serial: 039CFF69
Authority key identifier: 1C:69:C7:63:38:AF:C9:08:5B:8F:BD:66:9B:8B:74:BD:7A:92:D4:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HGnHYzivyQhbj71mm4t0vXqS1DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/rO33JJVlzdd1bS82XkkLsxwpBOQ.roa
Signing time: Sat 01 Jan 2022 14:01:15 +0000
ROA not before: Sat 01 Jan 2022 14:01:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212351
IP address blocks: 2001:678:eb0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60620649 (0x39cff69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c69c76338afc9085b8fbd669b8b74bd7a92d431
Validity
Not Before: Jan 1 14:01:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=acedf7249565cdd7756d2f365e490bb31c2904e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a4:27:24:42:91:55:28:a8:29:46:8b:ff:be:
8d:da:1f:1d:9c:88:89:6c:39:f7:a3:8a:55:98:62:
9d:e6:66:6d:d8:5a:ce:b0:62:37:f0:e0:8c:39:20:
b1:cd:50:f5:06:44:48:65:9c:b4:67:4a:51:98:5a:
b5:0f:40:df:c6:90:4e:fb:26:a9:fe:1f:64:f9:be:
76:31:12:0f:cd:4b:1a:6a:76:0b:6c:58:17:94:52:
f4:05:84:2d:ba:d9:1f:97:1c:87:4c:16:cd:cb:f7:
65:ef:17:56:05:c8:87:e9:29:1d:fc:bc:d9:7c:68:
7a:ab:57:1c:bc:e1:fe:38:b5:a7:b5:53:38:44:17:
0f:b2:d7:fc:d5:68:7e:fd:44:66:93:c4:e3:cc:4f:
91:59:c7:ed:20:e4:38:63:79:eb:01:53:cc:03:6f:
08:1a:0e:68:ba:1b:b9:3b:e5:e9:e5:f6:19:f9:cb:
a7:d7:1e:4d:6d:9b:2f:7f:9f:d7:47:8f:ba:8c:30:
fa:3d:bd:d2:a9:d3:ec:4e:a0:32:b3:af:85:c2:d7:
86:e0:01:74:08:5f:10:2b:8d:86:29:47:b8:7d:0a:
ce:93:77:2d:8c:bf:74:e1:05:22:ec:1a:d0:a6:92:
84:e3:a6:54:e6:65:c5:3f:36:16:4f:a6:a2:9c:5d:
63:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:ED:F7:24:95:65:CD:D7:75:6D:2F:36:5E:49:0B:B3:1C:29:04:E4
X509v3 Authority Key Identifier:
keyid:1C:69:C7:63:38:AF:C9:08:5B:8F:BD:66:9B:8B:74:BD:7A:92:D4:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGnHYzivyQhbj71mm4t0vXqS1DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/rO33JJVlzdd1bS82XkkLsxwpBOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/HGnHYzivyQhbj71mm4t0vXqS1DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:eb0::/48
Signature Algorithm: sha256WithRSAEncryption
2a:0f:4e:da:b3:13:37:ba:f1:14:f8:fd:9c:ff:01:f7:9c:51:
fa:f1:1c:70:82:44:44:62:2d:43:e1:d5:65:42:ea:c9:7d:81:
1c:13:41:01:24:23:2e:e9:36:60:f3:9a:a4:0e:2a:cc:98:99:
1f:f6:8e:fb:86:1a:aa:54:11:20:f5:66:92:d1:cf:95:d8:27:
d9:ac:34:18:90:76:90:ec:96:da:6b:e0:58:04:5b:86:4c:3b:
76:1b:62:30:36:50:ae:5f:f6:73:0c:74:21:26:a5:4c:14:f2:
3c:3b:9a:24:a1:d2:b0:91:70:ee:ef:a8:07:af:ea:1c:8a:08:
c4:56:e3:de:e9:e2:bb:e7:76:51:ea:bf:e9:c2:95:7b:6d:5c:
80:04:d3:24:d3:66:20:9a:7e:08:34:8b:cd:82:44:9e:cc:9c:
3f:8e:a6:6b:6c:87:87:bb:45:73:14:73:7f:87:7f:7c:e8:0b:
2a:56:6c:67:a6:97:96:d7:f5:5a:c8:ea:c3:84:f6:70:7c:fd:
83:72:74:01:f1:19:ab:9f:90:7a:d2:fb:26:bb:3e:18:e9:d3:
8a:77:61:f2:f5:d8:a6:96:ec:6a:ca:20:1c:04:08:bb:0f:3c:
05:9e:6a:41:7c:37:c8:67:09:b3:cf:12:2d:ac:26:fe:fc:70:
aa:9e:87:b6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEA5z/aTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YzY5Yzc2MzM4YWZjOTA4NWI4ZmJkNjY5YjhiNzRiZDdhOTJkNDMxMB4XDTIyMDEw
MTE0MDExNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNlZGY3MjQ5NTY1
Y2RkNzc1NmQyZjM2NWU0OTBiYjMxYzI5MDRlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6kJyRCkVUoqClGi/++jdofHZyIiWw596OKVZhineZmbdha
zrBiN/DgjDkgsc1Q9QZESGWctGdKUZhatQ9A38aQTvsmqf4fZPm+djESD81LGmp2
C2xYF5RS9AWELbrZH5cch0wWzcv3Ze8XVgXIh+kpHfy82XxoeqtXHLzh/ji1p7VT
OEQXD7LX/NVofv1EZpPE48xPkVnH7SDkOGN56wFTzANvCBoOaLobuTvl6eX2GfnL
p9ceTW2bL3+f10ePuoww+j290qnT7E6gMrOvhcLXhuABdAhfECuNhilHuH0KzpN3
LYy/dOEFIuwa0KaShOOmVOZlxT82Fk+mopxdYwkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSs7fcklWXN13VtLzZeSQuzHCkE5DAfBgNVHSMEGDAWgBQcacdjOK/JCFuP
vWabi3S9epLUMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hHbkhZeml2eVFoYmo3MW1tNHQwdlhxUzFERS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvYTIwODhiLWExMjYtNGJhNi04NzFjLTU3NTliNDI3ZjRkMS8x
L3JPMzNKSlZsemRkMWJTODJYa2tMc3h3cEJPUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
YTIwODhiLWExMjYtNGJhNi04NzFjLTU3NTliNDI3ZjRkMS8xL0hHbkhZeml2eVFo
Ymo3MW1tNHQwdlhxUzFERS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngOsDANBgkqhkiG9w0BAQsF
AAOCAQEAKg9O2rMTN7rxFPj9nP8B95xR+vEccIJERGItQ+HVZULqyX2BHBNBASQj
Luk2YPOapA4qzJiZH/aO+4YaqlQRIPVmktHPldgn2aw0GJB2kOyW2mvgWARbhkw7
dhtiMDZQrl/2cwx0ISalTBTyPDuaJKHSsJFw7u+oB6/qHIoIxFbj3uniu+d2Ueq/
6cKVe21cgATTJNNmIJp+CDSLzYJEnsycP46ma2yHh7tFcxRzf4d/fOgLKlZsZ6aX
ltf1Wsjqw4T2cHz9g3J0AfEZq5+QetL7Jrs+GOnTindh8vXYppbsasogHAQIuw88
BZ5qQXw3yGcJs88SLawm/vxwqp6Htg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:52 2025 by rpki-client