Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/c7b573-2768-473c-a5c4-57ef7fee759c/1/iGBXsQFmBRWF3-r_XjQIs90uwIo.roa
File: iGBXsQFmBRWF3-r_XjQIs90uwIo.roa (raw, json)
Hash identifier: cpQYIzRjscSnb6jZ+1Y8p6xKC03FfKULP7Z0bJdLQVQ=
Subject key identifier: 88:60:57:B1:01:66:05:15:85:DF:EA:FF:5E:34:08:B3:DD:2E:C0:8A
Certificate issuer: /CN=ac9bbf9f623313eb2b1827350b45a9ba1fd9da5f
Certificate serial: 01879E3A1D73219A40CDDDC9B6C4B3D37A6D
Authority key identifier: AC:9B:BF:9F:62:33:13:EB:2B:18:27:35:0B:45:A9:BA:1F:D9:DA:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJu_n2IzE-srGCc1C0Wpuh_Z2l8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/c7b573-2768-473c-a5c4-57ef7fee759c/1/iGBXsQFmBRWF3-r_XjQIs90uwIo.roa
Signing time: Thu 20 Apr 2023 10:33:41 +0000
ROA not before: Thu 20 Apr 2023 10:33:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 2001:67c:6d4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9e:3a:1d:73:21:9a:40:cd:dd:c9:b6:c4:b3:d3:7a:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9bbf9f623313eb2b1827350b45a9ba1fd9da5f
Validity
Not Before: Apr 20 10:33:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=886057b10166051585dfeaff5e3408b3dd2ec08a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3b:56:4b:98:d1:07:c0:f2:bd:d8:dd:d2:99:
83:0c:d6:f5:a1:23:77:3f:bb:35:f5:f0:06:bd:08:
c2:25:7e:90:ca:20:3b:65:1d:fb:26:12:05:cd:a2:
6a:fd:dd:d8:de:64:ea:86:6c:dd:74:1e:ec:2d:d8:
00:24:8c:52:85:55:0d:ec:8e:12:94:5e:32:1b:ad:
7f:54:bc:8f:a8:be:49:5c:ae:df:e9:33:c7:07:8f:
80:f6:fe:24:47:43:7c:0b:5a:52:43:ec:9a:e3:84:
10:dc:03:03:92:50:23:cc:ca:5b:2d:b8:99:b0:40:
44:93:7a:2f:ee:bb:61:bf:89:cc:7e:97:54:87:2c:
c9:f2:1e:1f:bd:04:3b:3f:02:72:58:98:1c:34:46:
f0:8c:b3:a3:c9:91:fd:f0:7b:bc:99:d7:75:d0:8c:
b4:fa:af:1e:cf:82:bb:10:1d:64:f1:e1:26:2d:94:
9f:b6:d9:ce:68:80:70:b9:d9:42:4e:d1:58:f4:5f:
4a:ac:f9:9f:36:bd:44:c0:12:c5:b5:72:f3:a6:ae:
2b:b0:1e:d5:98:05:f2:73:51:4c:11:05:60:8a:9d:
74:2a:c8:b7:3f:17:eb:22:4e:1e:f3:ca:c3:54:f7:
64:90:05:3b:3b:cf:59:b7:fb:5e:01:6f:09:bc:36:
66:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:60:57:B1:01:66:05:15:85:DF:EA:FF:5E:34:08:B3:DD:2E:C0:8A
X509v3 Authority Key Identifier:
keyid:AC:9B:BF:9F:62:33:13:EB:2B:18:27:35:0B:45:A9:BA:1F:D9:DA:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJu_n2IzE-srGCc1C0Wpuh_Z2l8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c7b573-2768-473c-a5c4-57ef7fee759c/1/iGBXsQFmBRWF3-r_XjQIs90uwIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c7b573-2768-473c-a5c4-57ef7fee759c/1/rJu_n2IzE-srGCc1C0Wpuh_Z2l8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:6d4::/48
Signature Algorithm: sha256WithRSAEncryption
11:59:77:2a:d9:5a:bb:1d:fc:3f:fb:ec:b4:d3:5f:40:79:78:
01:12:49:d5:dd:0e:44:2d:f0:2c:f0:63:94:25:54:76:73:16:
42:51:c7:7e:af:62:bf:0a:e7:01:c6:d6:c2:eb:0f:17:e3:32:
43:65:62:fa:13:f7:55:b5:92:07:3e:2b:fe:31:e9:62:a7:68:
57:e6:a6:66:b3:0f:d4:7d:5a:ea:8e:cf:4d:28:9a:ce:c8:ae:
c2:fb:9d:96:d0:7e:89:2c:c9:8e:b2:ac:aa:af:c5:4d:10:ce:
99:b6:c9:98:45:8f:f4:ba:63:a1:20:dd:2d:50:66:b3:d7:35:
e4:f2:fb:2f:33:e8:79:69:03:59:e5:62:9b:a6:fd:55:bd:2a:
34:4e:c6:20:e5:d7:16:8c:15:56:f5:a1:37:02:99:ae:1c:cd:
78:47:13:a4:ad:15:a8:cd:7d:04:b4:2e:35:7f:c6:70:08:89:
dd:0e:5f:3c:74:25:62:de:af:fd:e2:6c:16:3f:05:11:55:c1:
92:84:62:dd:9f:a8:97:77:e9:bb:8f:b1:9f:ba:17:a7:fa:c4:
8b:a5:9b:d3:63:43:c0:0f:89:21:f2:1c:a4:40:64:13:45:4e:
54:b2:bd:c6:98:9c:9b:37:f1:e7:3b:d5:b7:ca:b9:ff:e5:3d:
ea:41:ba:5d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYeeOh1zIZpAzd3JtsSz03ptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOWJiZjlmNjIzMzEzZWIyYjE4MjczNTBiNDVhOWJhMWZk
OWRhNWYwHhcNMjMwNDIwMTAzMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODYwNTdiMTAxNjYwNTE1ODVkZmVhZmY1ZTM0MDhiM2RkMmVjMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgztWS5jRB8Dyvdjd0pmDDNb1oSN3
P7s19fAGvQjCJX6QyiA7ZR37JhIFzaJq/d3Y3mTqhmzddB7sLdgAJIxShVUN7I4S
lF4yG61/VLyPqL5JXK7f6TPHB4+A9v4kR0N8C1pSQ+ya44QQ3AMDklAjzMpbLbiZ
sEBEk3ov7rthv4nMfpdUhyzJ8h4fvQQ7PwJyWJgcNEbwjLOjyZH98Hu8mdd10Iy0
+q8ez4K7EB1k8eEmLZSfttnOaIBwudlCTtFY9F9KrPmfNr1EwBLFtXLzpq4rsB7V
mAXyc1FMEQVgip10Ksi3PxfrIk4e88rDVPdkkAU7O89Zt/teAW8JvDZmtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIhgV7EBZgUVhd/q/140CLPdLsCKMB8GA1UdIwQY
MBaAFKybv59iMxPrKxgnNQtFqbof2dpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckp1X24ySXpFLXNyR0NjMUMwV3B1aF9aMmw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jN2I1NzMtMjc2OC00NzNjLWE1YzQt
NTdlZjdmZWU3NTljLzEvaUdCWHNRRm1CUldGMy1yX1hqUUlzOTB1d0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9jN2I1NzMtMjc2OC00NzNjLWE1YzQtNTdlZjdmZWU3NTlj
LzEvckp1X24ySXpFLXNyR0NjMUMwV3B1aF9aMmw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAbU
MA0GCSqGSIb3DQEBCwUAA4IBAQARWXcq2Vq7Hfw/++y0019AeXgBEknV3Q5ELfAs
8GOUJVR2cxZCUcd+r2K/CucBxtbC6w8X4zJDZWL6E/dVtZIHPiv+Melip2hX5qZm
sw/UfVrqjs9NKJrOyK7C+52W0H6JLMmOsqyqr8VNEM6ZtsmYRY/0umOhIN0tUGaz
1zXk8vsvM+h5aQNZ5WKbpv1VvSo0TsYg5dcWjBVW9aE3ApmuHM14RxOkrRWozX0E
tC41f8ZwCIndDl88dCVi3q/94mwWPwURVcGShGLdn6iXd+m7j7Gfuhen+sSLpZvT
Y0PAD4kh8hykQGQTRU5Usr3GmJybN/HnO9W3yrn/5T3qQbpd
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:59:59 2025 by rpki-client