Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/dW4RPxbbEIh_yvG1FZzrvhsIaGc.roa
File: dW4RPxbbEIh_yvG1FZzrvhsIaGc.roa (raw, json)
Hash identifier: 8F+TzSp/tPA54odWT43FD5WmD54hrhx+6zOe1sLuxOc=
Subject key identifier: 75:6E:11:3F:16:DB:10:88:7F:CA:F1:B5:15:9C:EB:BE:1B:08:68:67
Certificate issuer: /CN=3a12854a8400d8c87ea4de7a22fdf1bf574a9031
Certificate serial: 0185729601BCD2B829EEE8E24BD8262BBB5F
Authority key identifier: 3A:12:85:4A:84:00:D8:C8:7E:A4:DE:7A:22:FD:F1:BF:57:4A:90:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/dW4RPxbbEIh_yvG1FZzrvhsIaGc.roa
Signing time: Mon 02 Jan 2023 13:05:11 +0000
ROA not before: Mon 02 Jan 2023 13:05:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213210
IP address blocks: 2001:678:9b4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:96:01:bc:d2:b8:29:ee:e8:e2:4b:d8:26:2b:bb:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a12854a8400d8c87ea4de7a22fdf1bf574a9031
Validity
Not Before: Jan 2 13:05:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=756e113f16db10887fcaf1b5159cebbe1b086867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:36:be:23:8b:97:42:2a:b0:82:d2:ee:f1:22:
1d:4f:a2:f3:ab:95:44:a1:8b:50:01:36:04:fe:f1:
00:ee:49:d1:2f:a6:50:09:ca:65:40:c2:9e:74:eb:
82:cc:df:18:15:93:90:c4:91:ec:6b:ee:3a:81:25:
23:00:32:60:ba:42:aa:ad:1d:07:3e:6b:13:2e:4b:
54:dc:9b:6b:94:f9:dc:fd:50:b2:fc:57:21:c5:1d:
5b:a4:51:e2:cf:9f:6b:67:4c:16:62:3a:c0:bf:7a:
8b:e4:ef:a4:67:7c:c5:97:d0:7b:aa:ff:74:f6:56:
5e:7f:32:57:98:67:a6:51:b3:1a:c9:27:f3:f8:5c:
ab:50:79:ce:35:d1:f6:1c:5f:44:c5:d4:17:b1:ea:
60:fe:9d:51:86:1f:52:16:38:cd:72:f1:52:7b:3a:
99:89:d2:2a:d2:1e:cb:c7:a3:4e:d7:19:05:ca:d1:
cb:fb:b8:5d:69:10:a2:b3:01:c6:dc:32:e6:38:8f:
a9:2b:45:e9:bc:f1:14:0b:43:23:5b:dc:68:10:97:
a0:14:3d:46:b2:c8:7b:d9:2e:03:20:05:ff:33:3f:
71:b2:f1:e1:9b:6a:b1:a2:dd:1a:d1:7b:6b:cd:39:
83:b7:c2:73:22:4c:6a:f0:f1:d0:22:3f:a4:da:03:
df:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6E:11:3F:16:DB:10:88:7F:CA:F1:B5:15:9C:EB:BE:1B:08:68:67
X509v3 Authority Key Identifier:
keyid:3A:12:85:4A:84:00:D8:C8:7E:A4:DE:7A:22:FD:F1:BF:57:4A:90:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/dW4RPxbbEIh_yvG1FZzrvhsIaGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:9b4::/48
Signature Algorithm: sha256WithRSAEncryption
9f:0e:4a:5b:fb:58:55:ad:54:10:f7:4b:40:c3:1a:ef:a4:85:
05:9f:d5:ae:5c:48:5c:1f:de:11:7e:09:38:43:8a:db:ff:83:
a7:2b:13:3c:d5:c3:2b:b7:c6:52:0d:b5:f0:da:0a:08:53:8a:
14:16:65:ec:8e:0a:c9:5b:4b:6a:8d:ff:9f:97:27:94:7c:65:
64:6a:04:2c:65:da:b0:ff:13:15:5b:2a:de:ff:dc:a0:e8:6d:
33:72:ac:5a:f6:13:a3:1d:e9:a8:2b:20:77:e4:bc:c8:5e:de:
fc:95:e2:84:a3:05:06:33:12:d5:87:43:20:8d:cd:e6:0b:83:
10:dd:1a:5a:82:25:99:38:24:0a:65:5a:aa:c5:2d:79:7d:c4:
a8:b7:ab:a3:71:b3:a1:48:a9:7c:d2:fe:e7:46:29:ee:66:eb:
8d:20:51:b7:1e:09:22:8d:0e:7d:47:92:1a:2e:de:48:ff:aa:
aa:d3:47:37:e7:f0:04:31:e8:0a:30:e9:c2:d5:ad:f6:d7:14:
0b:0a:c8:2d:23:5a:8a:83:5a:7d:86:13:2e:50:66:19:c5:b4:
05:73:45:3e:f5:7b:c8:b5:09:73:76:9b:4a:6b:71:de:58:92:
b5:6d:a3:be:d1:d4:b2:27:41:ff:54:fe:9e:73:7b:f3:b9:f7:
88:3b:14:2d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVylgG80rgp7ujiS9gmK7tfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMTI4NTRhODQwMGQ4Yzg3ZWE0ZGU3YTIyZmRmMWJmNTc0
YTkwMzEwHhcNMjMwMTAyMTMwNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZlMTEzZjE2ZGIxMDg4N2ZjYWYxYjUxNTljZWJiZTFiMDg2ODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgja+I4uXQiqwgtLu8SIdT6Lzq5VE
oYtQATYE/vEA7knRL6ZQCcplQMKedOuCzN8YFZOQxJHsa+46gSUjADJgukKqrR0H
PmsTLktU3JtrlPnc/VCy/FchxR1bpFHiz59rZ0wWYjrAv3qL5O+kZ3zFl9B7qv90
9lZefzJXmGemUbMaySfz+FyrUHnONdH2HF9ExdQXsepg/p1Rhh9SFjjNcvFSezqZ
idIq0h7Lx6NO1xkFytHL+7hdaRCiswHG3DLmOI+pK0XpvPEUC0MjW9xoEJegFD1G
ssh72S4DIAX/Mz9xsvHhm2qxot0a0XtrzTmDt8JzIkxq8PHQIj+k2gPfuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHVuET8W2xCIf8rxtRWc674bCGhnMB8GA1UdIwQY
MBaAFDoShUqEANjIfqTeeiL98b9XSpAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hLRlNvUUEyTWgtcE41Nkl2M3h2MWRLa0RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yYjZlMTYtOWNlOC00OWRhLTllZDMt
NjgyOWQ2OGUyYTU0LzEvZFc0UlB4YmJFSWhfeXZHMUZaenJ2aHNJYUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yYjZlMTYtOWNlOC00OWRhLTllZDMtNjgyOWQ2OGUyYTU0
LzEvT2hLRlNvUUEyTWgtcE41Nkl2M3h2MWRLa0RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAm0
MA0GCSqGSIb3DQEBCwUAA4IBAQCfDkpb+1hVrVQQ90tAwxrvpIUFn9WuXEhcH94R
fgk4Q4rb/4OnKxM81cMrt8ZSDbXw2goIU4oUFmXsjgrJW0tqjf+flyeUfGVkagQs
Zdqw/xMVWyre/9yg6G0zcqxa9hOjHemoKyB35LzIXt78leKEowUGMxLVh0Mgjc3m
C4MQ3RpagiWZOCQKZVqqxS15fcSot6ujcbOhSKl80v7nRinuZuuNIFG3HgkijQ59
R5IaLt5I/6qq00c35/AEMegKMOnC1a321xQLCsgtI1qKg1p9hhMuUGYZxbQFc0U+
9XvItQlzdptKa3HeWJK1baO+0dSyJ0H/VP6ec3vzufeIOxQt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:26 2025 by rpki-client