Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/i2pVWHTgHtPaGZFQ1FQnC31PkTA.roa
File: i2pVWHTgHtPaGZFQ1FQnC31PkTA.roa (raw, json)
Hash identifier: 4Nv3ZsU2ZqUNo68a9JrAO4/Whj6Nz0esdjtzdTj0oas=
Subject key identifier: 8B:6A:55:58:74:E0:1E:D3:DA:19:91:50:D4:54:27:0B:7D:4F:91:30
Certificate issuer: /CN=9df4e80b4cad4e50b788edf16976712deeff6c0d
Certificate serial: 01856F42BCB10F7E3857FA3205C62637BAD7
Authority key identifier: 9D:F4:E8:0B:4C:AD:4E:50:B7:88:ED:F1:69:76:71:2D:EE:FF:6C:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfToC0ytTlC3iO3xaXZxLe7_bA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/i2pVWHTgHtPaGZFQ1FQnC31PkTA.roa
Signing time: Sun 01 Jan 2023 21:35:22 +0000
ROA not before: Sun 01 Jan 2023 21:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206321
IP address blocks: 2001:67c:2d2c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:bc:b1:0f:7e:38:57:fa:32:05:c6:26:37:ba:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df4e80b4cad4e50b788edf16976712deeff6c0d
Validity
Not Before: Jan 1 21:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b6a555874e01ed3da199150d454270b7d4f9130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e4:46:db:98:1e:25:c6:b8:30:97:8b:78:d4:
ad:ad:5c:49:09:bb:82:58:68:a0:43:af:1b:fb:f6:
7d:ed:bf:12:b7:60:38:b0:1f:b7:65:87:4b:a2:af:
ed:9a:b9:13:38:b7:91:57:25:6e:ea:78:e3:a0:2d:
16:38:d7:14:f4:b0:cd:c9:e5:69:da:d9:3a:8d:1f:
1a:d2:4c:f7:b5:da:14:16:9b:b5:3d:21:8c:74:67:
5a:05:24:d9:9e:25:c2:23:00:7d:40:36:5d:96:4a:
41:9e:65:85:50:d3:8e:7a:05:48:7a:8c:fc:87:62:
31:1a:34:8c:28:a8:53:27:d1:9e:24:bb:0c:35:26:
aa:6c:14:9e:c5:78:ca:d4:8e:10:fc:51:a4:20:c8:
ea:71:bf:dc:37:f9:79:a5:33:9c:f5:bc:8c:5d:a1:
d8:6f:44:af:90:75:cd:db:90:f8:fd:88:a7:57:32:
9d:1c:73:ee:97:77:9b:9c:d6:54:ac:57:70:19:bc:
f5:09:18:57:4f:97:1e:2a:f7:59:22:e0:fe:5e:10:
b1:c5:52:0b:bf:e6:f0:f4:e8:b4:de:3c:ea:94:2e:
fc:0b:53:cb:e7:77:84:c5:48:b8:12:8e:35:b1:70:
87:a5:6b:fa:73:78:f9:33:63:eb:38:36:0e:fd:6d:
d1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:6A:55:58:74:E0:1E:D3:DA:19:91:50:D4:54:27:0B:7D:4F:91:30
X509v3 Authority Key Identifier:
keyid:9D:F4:E8:0B:4C:AD:4E:50:B7:88:ED:F1:69:76:71:2D:EE:FF:6C:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfToC0ytTlC3iO3xaXZxLe7_bA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/i2pVWHTgHtPaGZFQ1FQnC31PkTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/nfToC0ytTlC3iO3xaXZxLe7_bA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2d2c::/48
Signature Algorithm: sha256WithRSAEncryption
6a:69:3f:72:23:3c:ec:c8:20:17:12:f4:7f:0f:bf:20:48:84:
ac:67:2f:ef:28:ee:5c:a4:dc:21:bb:74:65:d5:c9:69:ae:fc:
6c:0e:c4:54:80:ed:85:db:cb:c4:83:9f:6c:ac:07:c5:5d:b7:
be:16:53:6c:06:b9:1f:1a:58:a8:ee:d8:ad:28:8f:91:2e:c5:
52:91:3f:00:ce:a5:a0:c1:9c:48:c3:1a:06:48:df:d9:84:8b:
ed:09:39:46:e7:c4:c2:2c:4a:50:a2:2f:18:bd:86:6d:b9:8a:
da:ca:8f:94:ea:dc:cf:d0:39:c4:8a:48:0a:e5:65:08:46:89:
9e:c6:91:d2:a6:7a:13:06:70:70:6c:5d:ed:b4:1b:d3:e0:2a:
8e:95:41:0e:d7:28:8d:c4:24:dd:dd:74:cd:8e:58:b5:0c:a7:
9c:52:17:42:6c:45:6c:6f:c1:43:2b:56:e8:52:29:66:c4:16:
0a:f8:eb:fe:fc:81:da:03:8d:6c:cd:ce:c9:f6:4c:a0:eb:22:
47:bc:6c:81:c5:b6:28:ef:16:06:67:23:e4:da:08:30:c2:00:
7d:7f:4e:66:8c:04:17:40:6a:78:37:f2:9e:c2:d1:8a:04:56:
33:88:fe:db:e0:9b:86:5d:17:6e:e3:63:36:a8:46:f6:71:fe:
78:b4:cb:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQryxD344V/oyBcYmN7rXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZjRlODBiNGNhZDRlNTBiNzg4ZWRmMTY5NzY3MTJkZWVm
ZjZjMGQwHhcNMjMwMTAxMjEzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjZhNTU1ODc0ZTAxZWQzZGExOTkxNTBkNDU0MjcwYjdkNGY5MTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreRG25geJca4MJeLeNStrVxJCbuC
WGigQ68b+/Z97b8St2A4sB+3ZYdLoq/tmrkTOLeRVyVu6njjoC0WONcU9LDNyeVp
2tk6jR8a0kz3tdoUFpu1PSGMdGdaBSTZniXCIwB9QDZdlkpBnmWFUNOOegVIeoz8
h2IxGjSMKKhTJ9GeJLsMNSaqbBSexXjK1I4Q/FGkIMjqcb/cN/l5pTOc9byMXaHY
b0SvkHXN25D4/YinVzKdHHPul3ebnNZUrFdwGbz1CRhXT5ceKvdZIuD+XhCxxVIL
v+bw9Oi03jzqlC78C1PL53eExUi4Eo41sXCHpWv6c3j5M2PrODYO/W3RbwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFItqVVh04B7T2hmRUNRUJwt9T5EwMB8GA1UdIwQY
MBaAFJ306AtMrU5Qt4jt8Wl2cS3u/2wNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmZUb0MweXRUbEMzaU8zeGFYWnhMZTdfYkEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zNDAxMWQtMDFiZi00OGExLWE4YzMt
YzlmYzVmNDUyOTk1LzEvaTJwVldIVGdIdFBhR1pGUTFGUW5DMzFQa1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zNDAxMWQtMDFiZi00OGExLWE4YzMtYzlmYzVmNDUyOTk1
LzEvbmZUb0MweXRUbEMzaU8zeGFYWnhMZTdfYkEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC0s
MA0GCSqGSIb3DQEBCwUAA4IBAQBqaT9yIzzsyCAXEvR/D78gSISsZy/vKO5cpNwh
u3Rl1clprvxsDsRUgO2F28vEg59srAfFXbe+FlNsBrkfGlio7titKI+RLsVSkT8A
zqWgwZxIwxoGSN/ZhIvtCTlG58TCLEpQoi8YvYZtuYrayo+U6tzP0DnEikgK5WUI
RomexpHSpnoTBnBwbF3ttBvT4CqOlUEO1yiNxCTd3XTNjli1DKecUhdCbEVsb8FD
K1boUilmxBYK+Ov+/IHaA41szc7J9kyg6yJHvGyBxbYo7xYGZyPk2ggwwgB9f05m
jAQXQGp4N/KewtGKBFYziP7b4JuGXRdu42M2qEb2cf54tMtD
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:15 2025 by rpki-client