Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/ac9481-6fca-4240-9ed1-c277d3716bd9/1/jDwTEpQybTC26zdg4lQClWqEZDw.roa
File: jDwTEpQybTC26zdg4lQClWqEZDw.roa (raw, json)
Hash identifier: yPo8ZsZqelNv1V50eTHa2BPwMQa1VJkJmQc59UeIf8c=
Subject key identifier: 8C:3C:13:12:94:32:6D:30:B6:EB:37:60:E2:54:02:95:6A:84:64:3C
Certificate issuer: /CN=70675f6a57797c5ca96c3fb45e531bd32783016c
Certificate serial: 018572A7F76E06CA398E5558746721F34549
Authority key identifier: 70:67:5F:6A:57:79:7C:5C:A9:6C:3F:B4:5E:53:1B:D3:27:83:01:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGdfald5fFypbD-0XlMb0yeDAWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/ac9481-6fca-4240-9ed1-c277d3716bd9/1/jDwTEpQybTC26zdg4lQClWqEZDw.roa
Signing time: Mon 02 Jan 2023 13:24:48 +0000
ROA not before: Mon 02 Jan 2023 13:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198903
IP address blocks: 2001:67c:65c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:f7:6e:06:ca:39:8e:55:58:74:67:21:f3:45:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70675f6a57797c5ca96c3fb45e531bd32783016c
Validity
Not Before: Jan 2 13:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c3c131294326d30b6eb3760e25402956a84643c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:56:1d:e9:2c:44:7e:44:be:73:56:17:9b:6a:
1d:18:8e:0d:31:b6:cd:de:1d:50:5e:e0:18:8b:d4:
d3:14:e5:70:8e:73:c4:52:96:d1:da:61:47:e6:15:
a2:ef:3b:da:2f:41:9b:21:02:85:92:2a:44:9d:73:
c3:35:1e:99:1f:31:18:c3:d0:c7:ab:f8:91:c9:b9:
7e:50:06:ee:15:7f:c5:0c:9b:9d:5e:7b:a3:96:30:
35:ad:e6:ae:a4:8a:99:9f:76:70:c8:94:5a:cf:34:
25:bd:d4:a1:bf:d0:7e:c0:6a:30:59:d0:bb:07:d8:
4b:5b:11:e2:06:8c:ce:d1:2b:6e:a1:a4:75:e9:88:
68:9d:b9:23:2d:99:a2:56:c5:2e:e9:43:06:33:ea:
00:38:e6:20:5e:bb:90:c6:01:a8:5d:6a:75:5f:4a:
3d:62:0b:6b:02:11:0b:d5:53:2c:91:37:9d:28:16:
39:37:70:85:57:e9:0b:7c:22:0b:94:f7:a6:3b:d7:
8c:a1:d4:89:15:99:f7:ba:b2:d8:45:ee:9e:34:62:
47:b0:06:b3:79:5e:77:78:79:33:66:d3:e8:14:ab:
70:83:dd:a3:bc:cb:f5:4b:21:2c:00:2d:7a:65:c9:
c3:db:46:71:11:33:d9:5c:d5:32:15:ba:1c:5c:b4:
25:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:3C:13:12:94:32:6D:30:B6:EB:37:60:E2:54:02:95:6A:84:64:3C
X509v3 Authority Key Identifier:
keyid:70:67:5F:6A:57:79:7C:5C:A9:6C:3F:B4:5E:53:1B:D3:27:83:01:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGdfald5fFypbD-0XlMb0yeDAWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/ac9481-6fca-4240-9ed1-c277d3716bd9/1/jDwTEpQybTC26zdg4lQClWqEZDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/ac9481-6fca-4240-9ed1-c277d3716bd9/1/cGdfald5fFypbD-0XlMb0yeDAWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:65c::/48
Signature Algorithm: sha256WithRSAEncryption
89:4a:e1:0e:78:2b:fa:ff:3e:df:78:73:de:b6:1a:17:bf:bb:
e4:8e:dc:65:5c:0a:8e:15:62:31:e4:54:48:f1:bb:cf:f1:16:
d3:ac:27:79:21:27:02:da:2a:db:a2:92:42:eb:e9:0f:3e:4a:
e2:9a:58:78:09:cd:58:c0:5e:a2:53:8a:4f:74:f4:e5:3f:58:
e1:2c:7d:d4:0e:6a:b3:5d:ce:81:ed:69:c6:a2:2d:fd:59:4f:
71:ac:91:ac:90:92:1e:c1:6d:c9:be:a8:9e:f2:97:13:de:e8:
0a:06:72:fc:0f:ae:b1:46:4f:66:79:2d:06:c3:1f:38:53:30:
aa:72:20:e8:ed:d2:8c:84:0d:0c:2a:0d:7d:96:54:12:eb:79:
6d:a2:61:3c:ff:75:df:b6:60:55:7f:cc:a0:5a:d0:08:22:c6:
71:b7:41:de:fc:70:32:57:22:10:ce:e9:64:55:16:ff:d2:9e:
4b:e3:4d:a7:d5:e3:da:6e:94:71:c5:04:2c:f7:b9:14:c6:7e:
dd:32:61:a7:7b:bc:e6:fb:c6:81:0f:de:73:af:5b:49:c7:5d:
b8:f8:60:14:89:08:45:bf:b1:80:52:0a:4a:d8:33:0f:f2:3e:
c4:03:8f:8a:58:87:02:93:72:52:f5:77:21:2f:7f:a4:76:23:
42:59:ce:65
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyp/duBso5jlVYdGch80VJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNjc1ZjZhNTc3OTdjNWNhOTZjM2ZiNDVlNTMxYmQzMjc4
MzAxNmMwHhcNMjMwMTAyMTMyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzNjMTMxMjk0MzI2ZDMwYjZlYjM3NjBlMjU0MDI5NTZhODQ2NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFYd6SxEfkS+c1YXm2odGI4NMbbN
3h1QXuAYi9TTFOVwjnPEUpbR2mFH5hWi7zvaL0GbIQKFkipEnXPDNR6ZHzEYw9DH
q/iRybl+UAbuFX/FDJudXnujljA1reaupIqZn3ZwyJRazzQlvdShv9B+wGowWdC7
B9hLWxHiBozO0StuoaR16YhonbkjLZmiVsUu6UMGM+oAOOYgXruQxgGoXWp1X0o9
YgtrAhEL1VMskTedKBY5N3CFV+kLfCILlPemO9eModSJFZn3urLYRe6eNGJHsAaz
eV53eHkzZtPoFKtwg92jvMv1SyEsAC16ZcnD20ZxETPZXNUyFbocXLQl5wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIw8ExKUMm0wtus3YOJUApVqhGQ8MB8GA1UdIwQY
MBaAFHBnX2pXeXxcqWw/tF5TG9MngwFsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0dkZmFsZDVmRnlwYkQtMFhsTWIweWVEQVd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hYzk0ODEtNmZjYS00MjQwLTllZDEt
YzI3N2QzNzE2YmQ5LzEvakR3VEVwUXliVEMyNnpkZzRsUUNsV3FFWkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hYzk0ODEtNmZjYS00MjQwLTllZDEtYzI3N2QzNzE2YmQ5
LzEvY0dkZmFsZDVmRnlwYkQtMFhsTWIweWVEQVd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAZc
MA0GCSqGSIb3DQEBCwUAA4IBAQCJSuEOeCv6/z7feHPethoXv7vkjtxlXAqOFWIx
5FRI8bvP8RbTrCd5IScC2irbopJC6+kPPkrimlh4Cc1YwF6iU4pPdPTlP1jhLH3U
DmqzXc6B7WnGoi39WU9xrJGskJIewW3Jvqie8pcT3ugKBnL8D66xRk9meS0Gwx84
UzCqciDo7dKMhA0MKg19llQS63ltomE8/3XftmBVf8ygWtAIIsZxt0He/HAyVyIQ
zulkVRb/0p5L402n1ePabpRxxQQs97kUxn7dMmGne7zm+8aBD95zr1tJx124+GAU
iQhFv7GAUgpK2DMP8j7EA4+KWIcCk3JS9XchL3+kdiNCWc5l
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:12 2025 by rpki-client