Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/f4ff52-64ba-420b-bff4-f07dd2606267/1/1-n1FL2rN3KKlorxcqy1Kr-T4zus.roa
File: 1-n1FL2rN3KKlorxcqy1Kr-T4zus.roa (raw, json)
Hash identifier: daZjEL5yM26MfXKLDZFqudBnmH4Bked3UtKXYrLm1iI=
Subject key identifier: FA:7D:45:2F:6A:CD:DC:A2:A5:A2:BC:5C:AB:2D:4A:AF:E4:F8:CE:EB
Certificate issuer: /CN=27032f79023052100c4393c9e690f97d7896926f
Certificate serial: 01856E38ACF2E5DAC00432F0F8892E22E5CC
Authority key identifier: 27:03:2F:79:02:30:52:10:0C:43:93:C9:E6:90:F9:7D:78:96:92:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwMveQIwUhAMQ5PJ5pD5fXiWkm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/f4ff52-64ba-420b-bff4-f07dd2606267/1/1-n1FL2rN3KKlorxcqy1Kr-T4zus.roa
Signing time: Sun 01 Jan 2023 16:44:46 +0000
ROA not before: Sun 01 Jan 2023 16:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206161
IP address blocks: 2001:678:c88::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:ac:f2:e5:da:c0:04:32:f0:f8:89:2e:22:e5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27032f79023052100c4393c9e690f97d7896926f
Validity
Not Before: Jan 1 16:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa7d452f6acddca2a5a2bc5cab2d4aafe4f8ceeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:42:b0:94:63:d9:08:48:c6:0b:0b:26:86:dd:
0c:27:1a:8a:76:fc:f2:63:96:ce:4d:e1:77:f0:b9:
05:e8:0f:1c:cd:c4:1b:d7:d1:17:49:d9:d1:8d:c3:
cb:3d:06:20:77:91:08:b6:89:40:27:89:08:f1:26:
77:0a:70:ba:0f:16:c9:91:67:56:6f:98:c4:17:7d:
14:0e:1c:96:61:09:95:05:da:da:d2:44:cf:42:9a:
e3:ab:df:58:1a:8e:cf:49:d4:b7:02:4e:df:13:7e:
bb:d8:a5:c6:ab:a9:70:45:b9:5d:39:dc:6b:3b:36:
54:a2:81:48:0b:6b:4c:14:99:64:3f:6d:f1:39:dd:
66:4d:cd:39:32:b3:3d:4d:45:15:a5:d6:9b:61:d7:
ba:3a:d6:fb:98:69:72:78:5c:b6:5e:6d:48:47:60:
0f:ee:68:c0:3e:f0:94:f5:86:bb:87:e5:d2:86:bd:
ae:c3:1e:67:73:80:7e:0d:be:0b:e7:79:7b:b0:b7:
b2:a0:ee:04:ad:40:9a:41:cc:a5:27:d1:92:60:4a:
64:d6:b9:06:5e:6a:28:57:e5:e4:16:73:a0:8b:30:
4c:12:e7:84:98:79:ab:b7:79:ed:d1:6c:d0:49:f5:
fb:8b:2e:2b:b4:18:96:81:d8:c8:1c:3b:35:4b:c4:
33:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:7D:45:2F:6A:CD:DC:A2:A5:A2:BC:5C:AB:2D:4A:AF:E4:F8:CE:EB
X509v3 Authority Key Identifier:
keyid:27:03:2F:79:02:30:52:10:0C:43:93:C9:E6:90:F9:7D:78:96:92:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwMveQIwUhAMQ5PJ5pD5fXiWkm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/f4ff52-64ba-420b-bff4-f07dd2606267/1/1-n1FL2rN3KKlorxcqy1Kr-T4zus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/f4ff52-64ba-420b-bff4-f07dd2606267/1/JwMveQIwUhAMQ5PJ5pD5fXiWkm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c88::/48
Signature Algorithm: sha256WithRSAEncryption
0d:f2:ec:37:e7:9a:94:d5:78:be:16:1c:65:7e:c2:bc:df:a2:
0b:74:ea:cd:7d:d7:60:e7:24:d7:16:a3:4d:f2:c5:28:1b:b3:
2b:8d:e7:1e:cf:80:0e:a0:bc:7a:3e:88:0f:49:6f:bd:9f:da:
1b:95:f3:42:5c:68:cd:18:f9:d8:98:24:2e:cf:cc:3a:13:1f:
c9:43:60:95:41:7a:b1:03:27:0d:6f:4b:28:61:63:2a:b7:77:
1e:6e:2d:30:04:67:93:d0:43:24:84:e7:05:66:f0:dd:93:03:
e1:c4:87:b9:bc:28:ea:23:e9:b0:21:dd:19:3b:27:d1:3d:3a:
96:2c:03:e3:24:98:12:11:79:19:89:03:4b:94:5c:fc:54:d6:
f8:71:46:59:1c:e0:c1:7c:45:32:c5:8b:6c:b8:0a:da:bb:e0:
aa:4a:c8:99:4d:a2:31:17:8e:05:71:ed:0f:26:2f:72:e3:47:
fa:6b:8b:31:cd:af:13:43:de:32:09:54:5b:9c:35:bb:f1:c7:
94:ae:64:cf:be:f8:ad:73:4a:b7:30:7f:d8:b9:4e:9e:c5:5a:
56:aa:73:08:9f:a6:da:84:ef:96:9a:a1:53:1e:56:67:e6:a7:
2c:6a:9f:87:ba:3f:7f:b3:bb:8a:53:d8:77:00:b9:b6:91:98:
f6:e0:1b:60
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVuOKzy5drABDLw+IkuIuXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDMyZjc5MDIzMDUyMTAwYzQzOTNjOWU2OTBmOTdkNzg5
NjkyNmYwHhcNMjMwMTAxMTY0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTdkNDUyZjZhY2RkY2EyYTVhMmJjNWNhYjJkNGFhZmU0ZjhjZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEKwlGPZCEjGCwsmht0MJxqKdvzy
Y5bOTeF38LkF6A8czcQb19EXSdnRjcPLPQYgd5EItolAJ4kI8SZ3CnC6DxbJkWdW
b5jEF30UDhyWYQmVBdra0kTPQprjq99YGo7PSdS3Ak7fE3672KXGq6lwRbldOdxr
OzZUooFIC2tMFJlkP23xOd1mTc05MrM9TUUVpdabYde6Otb7mGlyeFy2Xm1IR2AP
7mjAPvCU9Ya7h+XShr2uwx5nc4B+Db4L53l7sLeyoO4ErUCaQcylJ9GSYEpk1rkG
XmooV+XkFnOgizBMEueEmHmrt3nt0WzQSfX7iy4rtBiWgdjIHDs1S8QzhQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPp9RS9qzdyipaK8XKstSq/k+M7rMB8GA1UdIwQY
MBaAFCcDL3kCMFIQDEOTyeaQ+X14lpJvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndNdmVRSXdVaEFNUTVQSjVwRDVmWGlXa204LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9mNGZmNTItNjRiYS00MjBiLWJmZjQt
ZjA3ZGQyNjA2MjY3LzEvMS1uMUZMMnJOM0tLbG9yeGNxeTFLci1UNHp1cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDEvZjRmZjUyLTY0YmEtNDIwYi1iZmY0LWYwN2RkMjYwNjI2
Ny8xL0p3TXZlUUl3VWhBTVE1UEo1cEQ1ZlhpV2ttOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngM
iDANBgkqhkiG9w0BAQsFAAOCAQEADfLsN+ealNV4vhYcZX7CvN+iC3TqzX3XYOck
1xajTfLFKBuzK43nHs+ADqC8ej6ID0lvvZ/aG5XzQlxozRj52JgkLs/MOhMfyUNg
lUF6sQMnDW9LKGFjKrd3Hm4tMARnk9BDJITnBWbw3ZMD4cSHubwo6iPpsCHdGTsn
0T06liwD4ySYEhF5GYkDS5Rc/FTW+HFGWRzgwXxFMsWLbLgK2rvgqkrImU2iMReO
BXHtDyYvcuNH+muLMc2vE0PeMglUW5w1u/HHlK5kz774rXNKtzB/2LlOnsVaVqpz
CJ+m2oTvlpqhUx5WZ+anLGqfh7o/f7O7ilPYdwC5tpGY9uAbYA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:34:38 2025 by rpki-client