Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/nDPT6pQkUDG6kIFE5nob7dy8HoQ.roa
File: nDPT6pQkUDG6kIFE5nob7dy8HoQ.roa (raw, json)
Hash identifier: E2LDvHmIJcUNgozBhfmBwWXolik5K6yWEXZU+w8h+wM=
Subject key identifier: 9C:33:D3:EA:94:24:50:31:BA:90:81:44:E6:7A:1B:ED:DC:BC:1E:84
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 018675539428BD8025F25FD82ED7C26C2568
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/nDPT6pQkUDG6kIFE5nob7dy8HoQ.roa
Signing time: Tue 21 Feb 2023 18:54:17 +0000
ROA not before: Tue 21 Feb 2023 18:54:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208046
IP address blocks: 2001:67c:9b0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:75:53:94:28:bd:80:25:f2:5f:d8:2e:d7:c2:6c:25:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Feb 21 18:54:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c33d3ea94245031ba908144e67a1beddcbc1e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bb:e6:af:b8:be:cd:a1:d3:5b:14:22:4c:61:
07:70:0a:4c:5b:38:e2:c6:5d:03:53:7f:4b:6f:14:
d8:45:2f:d1:eb:1a:c3:ee:d2:47:7c:ef:97:cb:b7:
15:2d:01:90:34:5c:92:56:fa:71:7f:83:d5:e2:36:
5a:6a:05:ae:49:64:9f:70:e6:a4:e1:2f:9a:f6:a4:
24:df:c1:12:8e:aa:80:b6:cd:18:3e:e8:8d:d7:e3:
aa:40:57:e9:56:05:0e:04:7f:cf:ef:43:e9:75:92:
58:09:da:c0:08:2d:68:3f:26:1d:db:be:06:73:42:
33:e7:97:b9:af:96:1e:82:66:39:b6:08:de:cb:9c:
6d:ee:eb:65:c6:25:f5:f4:74:e1:5a:b1:d2:d0:e1:
7c:f4:23:cf:96:de:fe:64:e0:7e:8c:9b:26:b5:5d:
6c:a9:b7:cd:09:16:53:03:0c:fe:d5:a9:24:80:39:
e2:d4:b6:e3:63:dd:af:57:0c:8a:2b:29:b1:12:92:
0a:26:7b:a4:d7:00:fd:c9:a6:e3:60:16:2f:67:88:
9c:95:92:9d:a0:45:0a:3d:df:aa:41:30:8f:24:04:
28:42:00:bb:dd:2c:4a:dc:77:dd:3a:0c:4b:ab:ae:
c9:b8:ce:23:1e:31:e3:40:a3:16:57:08:6d:18:4b:
46:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:33:D3:EA:94:24:50:31:BA:90:81:44:E6:7A:1B:ED:DC:BC:1E:84
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/nDPT6pQkUDG6kIFE5nob7dy8HoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:9b0::/48
Signature Algorithm: sha256WithRSAEncryption
3d:eb:77:d6:9f:a0:c8:37:45:29:8a:dc:48:6a:3a:32:76:5f:
8c:54:7a:b3:c5:85:48:06:3e:a6:c2:73:f2:64:31:06:f4:c4:
c2:08:a9:88:70:78:b9:ab:9b:d9:63:0d:2f:70:e5:bd:65:5e:
39:e3:a8:39:22:ed:21:61:18:17:5a:64:58:b3:e1:9d:9d:a9:
01:bd:f1:26:71:28:32:76:f2:cc:f5:3a:43:00:bc:44:c6:12:
74:07:2d:e8:06:c9:be:a6:c3:94:fd:ec:1e:d3:f1:cc:04:00:
a1:59:67:de:51:ee:fc:94:b3:f6:35:d5:c5:01:cc:f2:db:61:
62:9a:d9:82:d8:03:67:2f:4f:2c:1f:b6:dd:65:b6:9a:bb:73:
2e:56:1c:e8:04:8a:39:d5:6f:99:42:52:7e:a3:7a:59:c1:95:
e2:4e:1a:da:14:ce:c3:57:e7:88:46:d8:68:0b:38:50:a2:46:
95:e6:e6:e5:dc:09:dc:d7:dc:4d:31:67:15:4d:06:ee:68:1a:
d0:3c:cd:63:7a:71:8a:5d:4d:27:cd:86:4e:aa:72:d2:23:7e:
27:f8:67:be:a4:95:f6:3e:e7:bb:c9:c8:f4:9f:ac:7f:6a:8d:
48:91:bd:f5:c5:13:29:31:35:a0:ed:d5:5a:68:5d:fd:e3:f0:
23:b4:ca:33
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYZ1U5QovYAl8l/YLtfCbCVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjMwMjIxMTg1NDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzMzZDNlYTk0MjQ1MDMxYmE5MDgxNDRlNjdhMWJlZGRjYmMxZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrvmr7i+zaHTWxQiTGEHcApMWzji
xl0DU39LbxTYRS/R6xrD7tJHfO+Xy7cVLQGQNFySVvpxf4PV4jZaagWuSWSfcOak
4S+a9qQk38ESjqqAts0YPuiN1+OqQFfpVgUOBH/P70PpdZJYCdrACC1oPyYd274G
c0Iz55e5r5YegmY5tgjey5xt7utlxiX19HThWrHS0OF89CPPlt7+ZOB+jJsmtV1s
qbfNCRZTAwz+1akkgDni1LbjY92vVwyKKymxEpIKJnuk1wD9yabjYBYvZ4iclZKd
oEUKPd+qQTCPJAQoQgC73SxK3HfdOgxLq67JuM4jHjHjQKMWVwhtGEtGqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJwz0+qUJFAxupCBROZ6G+3cvB6EMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEvbkRQVDZwUWtVREc2a0lGRTVub2I3ZHk4SG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAmw
MA0GCSqGSIb3DQEBCwUAA4IBAQA963fWn6DIN0UpitxIajoydl+MVHqzxYVIBj6m
wnPyZDEG9MTCCKmIcHi5q5vZYw0vcOW9ZV4546g5Iu0hYRgXWmRYs+GdnakBvfEm
cSgydvLM9TpDALxExhJ0By3oBsm+psOU/ewe0/HMBAChWWfeUe78lLP2NdXFAczy
22FimtmC2ANnL08sH7bdZbaau3MuVhzoBIo51W+ZQlJ+o3pZwZXiThraFM7DV+eI
RthoCzhQokaV5ubl3Anc19xNMWcVTQbuaBrQPM1jenGKXU0nzYZOqnLSI34n+Ge+
pJX2Pue7ycj0n6x/ao1Ikb31xRMpMTWg7dVaaF394/AjtMoz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:02 2025 by rpki-client