Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/555bc9-4e19-4828-8eba-61ffb6506644/1/6GFEUvvO3AY9sf6U5RzU7Fv-VNg.roa
File: 6GFEUvvO3AY9sf6U5RzU7Fv-VNg.roa (raw, json)
Hash identifier: KjZHvFtTuq/0iDw+QFHCBoA6iIDbx/Do33qKRdmWgLM=
Subject key identifier: E8:61:44:52:FB:CE:DC:06:3D:B1:FE:94:E5:1C:D4:EC:5B:FE:54:D8
Certificate issuer: /CN=359c7243bef2dc775ae67692889d5d26c1b2d148
Certificate serial: 01857231125CFF8EFD802444058E3800DDF8
Authority key identifier: 35:9C:72:43:BE:F2:DC:77:5A:E6:76:92:88:9D:5D:26:C1:B2:D1:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZxyQ77y3Hda5naSiJ1dJsGy0Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/555bc9-4e19-4828-8eba-61ffb6506644/1/6GFEUvvO3AY9sf6U5RzU7Fv-VNg.roa
Signing time: Mon 02 Jan 2023 11:14:56 +0000
ROA not before: Mon 02 Jan 2023 11:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2643
IP address blocks: 2001:678:7d8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:12:5c:ff:8e:fd:80:24:44:05:8e:38:00:dd:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359c7243bef2dc775ae67692889d5d26c1b2d148
Validity
Not Before: Jan 2 11:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8614452fbcedc063db1fe94e51cd4ec5bfe54d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:74:02:b5:61:59:89:0d:04:c1:fa:a0:60:21:
7a:fc:42:65:40:70:d0:62:b6:8d:be:5c:21:f7:c5:
49:11:25:79:19:68:87:1f:3e:15:14:1f:54:1a:3f:
c0:9d:7b:e9:bd:2b:37:86:b1:75:b1:ff:fd:57:92:
81:9c:51:b2:da:15:64:45:ae:46:12:43:6d:d4:6a:
d7:52:fc:f2:3a:07:e9:71:e3:da:2e:57:3f:02:df:
73:a6:5e:e5:a3:82:c4:b6:11:35:de:63:24:a2:ae:
dd:17:7b:39:31:07:91:af:46:6b:57:cf:11:f8:a7:
a0:a3:05:b7:10:a7:00:37:b2:69:a8:41:95:60:2b:
4a:d0:8c:c2:f8:b5:3f:ff:29:0d:a4:37:62:6b:5b:
db:d5:28:64:b3:bb:36:e3:64:c1:a4:f2:67:ca:29:
e7:f1:79:d3:7a:3e:fe:d0:17:d4:b6:04:80:36:25:
f0:29:9e:43:8e:43:9a:5e:a0:c7:c8:a8:4f:53:50:
e9:19:02:52:83:51:35:f2:e8:a4:88:39:0c:6d:26:
68:9d:96:5a:4f:54:fa:81:b4:07:e9:1e:2d:04:85:
c5:84:46:06:a9:76:ca:4a:cf:26:b2:f1:b8:3f:96:
39:0b:4f:cd:24:8a:c6:08:1a:b3:52:88:68:c6:64:
34:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:61:44:52:FB:CE:DC:06:3D:B1:FE:94:E5:1C:D4:EC:5B:FE:54:D8
X509v3 Authority Key Identifier:
keyid:35:9C:72:43:BE:F2:DC:77:5A:E6:76:92:88:9D:5D:26:C1:B2:D1:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZxyQ77y3Hda5naSiJ1dJsGy0Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/555bc9-4e19-4828-8eba-61ffb6506644/1/6GFEUvvO3AY9sf6U5RzU7Fv-VNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/555bc9-4e19-4828-8eba-61ffb6506644/1/NZxyQ77y3Hda5naSiJ1dJsGy0Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:7d8::/48
Signature Algorithm: sha256WithRSAEncryption
27:51:17:d4:89:7c:94:c7:0b:24:af:f0:6a:19:dc:37:e4:92:
10:27:ee:db:ef:66:d0:9e:a0:04:8f:2c:84:a6:c7:73:94:c3:
03:7d:a6:59:d8:bc:b2:7e:2e:eb:e5:8d:65:60:0b:26:79:fa:
dc:b8:f3:5c:e8:a1:2f:4b:ea:e5:cd:86:98:57:8f:1a:7c:9c:
b7:3f:45:18:a1:9e:56:25:50:e7:87:3e:2d:76:46:1f:87:3f:
fb:d0:2e:17:61:4f:94:f4:b1:b1:ee:3f:fb:a5:a3:01:b8:bf:
7d:8e:80:f2:7c:32:a2:98:a9:90:9c:5a:b5:e3:31:ca:d8:d1:
1c:44:6c:bb:bf:6e:d2:29:29:d0:7a:3d:4a:ce:f9:2a:8f:b0:
3f:a0:40:e2:7b:a8:1d:ef:27:34:e8:16:50:94:6b:11:45:e7:
91:af:bb:72:95:cc:02:a4:d5:a4:bb:67:bb:b7:c3:a6:77:9a:
8d:b6:e8:ed:57:f5:89:04:22:e1:1b:ce:31:41:da:f3:89:73:
68:ea:45:78:7a:e4:72:f3:fb:3f:3b:4e:77:a2:94:18:c0:46:
c3:eb:7b:bd:c9:1a:85:a2:49:ed:d5:22:6d:5f:ad:b9:10:5b:
c7:36:15:bf:dc:e9:2e:40:92:f5:8c:ed:da:78:fc:27:b7:b5:
0d:7b:d8:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyMRJc/479gCREBY44AN34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWM3MjQzYmVmMmRjNzc1YWU2NzY5Mjg4OWQ1ZDI2YzFi
MmQxNDgwHhcNMjMwMTAyMTExNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODYxNDQ1MmZiY2VkYzA2M2RiMWZlOTRlNTFjZDRlYzViZmU1NGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinQCtWFZiQ0EwfqgYCF6/EJlQHDQ
YraNvlwh98VJESV5GWiHHz4VFB9UGj/AnXvpvSs3hrF1sf/9V5KBnFGy2hVkRa5G
EkNt1GrXUvzyOgfpcePaLlc/At9zpl7lo4LEthE13mMkoq7dF3s5MQeRr0ZrV88R
+KegowW3EKcAN7JpqEGVYCtK0IzC+LU//ykNpDdia1vb1Shks7s242TBpPJnyinn
8XnTej7+0BfUtgSANiXwKZ5DjkOaXqDHyKhPU1DpGQJSg1E18uikiDkMbSZonZZa
T1T6gbQH6R4tBIXFhEYGqXbKSs8msvG4P5Y5C0/NJIrGCBqzUohoxmQ0jQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOhhRFL7ztwGPbH+lOUc1Oxb/lTYMB8GA1UdIwQY
MBaAFDWcckO+8tx3WuZ2koidXSbBstFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlp4eVE3N3kzSGRhNW5hU2lKMWRKc0d5MFVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi81NTViYzktNGUxOS00ODI4LThlYmEt
NjFmZmI2NTA2NjQ0LzEvNkdGRVV2dk8zQVk5c2Y2VTVSelU3RnYtVk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi81NTViYzktNGUxOS00ODI4LThlYmEtNjFmZmI2NTA2NjQ0
LzEvTlp4eVE3N3kzSGRhNW5hU2lKMWRKc0d5MFVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAfY
MA0GCSqGSIb3DQEBCwUAA4IBAQAnURfUiXyUxwskr/BqGdw35JIQJ+7b72bQnqAE
jyyEpsdzlMMDfaZZ2Lyyfi7r5Y1lYAsmefrcuPNc6KEvS+rlzYaYV48afJy3P0UY
oZ5WJVDnhz4tdkYfhz/70C4XYU+U9LGx7j/7paMBuL99joDyfDKimKmQnFq14zHK
2NEcRGy7v27SKSnQej1Kzvkqj7A/oEDie6gd7yc06BZQlGsRReeRr7tylcwCpNWk
u2e7t8Omd5qNtujtV/WJBCLhG84xQdrziXNo6kV4euRy8/s/O053opQYwEbD63u9
yRqFoknt1SJtX625EFvHNhW/3OkuQJL1jO3aePwnt7UNe9ii
-----END CERTIFICATE-----
Generated at Tue Apr 15 05:20:51 2025 by rpki-client