Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/b870e7-7f1e-49ce-b1f9-44ccd1b51f10/1/6_VkXhy34qmQ04T0WqOfpV6AIok.roa
File: 6_VkXhy34qmQ04T0WqOfpV6AIok.roa (raw, json)
Hash identifier: XeRKhu+N0FZwu5Ye7GgyutDtDearLfmODUD70lb5TZU=
Subject key identifier: EB:F5:64:5E:1C:B7:E2:A9:90:D3:84:F4:5A:A3:9F:A5:5E:80:22:89
Certificate issuer: /CN=77e8bbf8643abd62ff3f42bec4c0b2db977596d7
Certificate serial: 01828D9533836D3F3C4B4753C781AB04F718
Authority key identifier: 77:E8:BB:F8:64:3A:BD:62:FF:3F:42:BE:C4:C0:B2:DB:97:75:96:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-i7-GQ6vWL_P0K-xMCy25d1ltc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/b870e7-7f1e-49ce-b1f9-44ccd1b51f10/1/6_VkXhy34qmQ04T0WqOfpV6AIok.roa
Signing time: Thu 11 Aug 2022 15:45:41 +0000
ROA not before: Thu 11 Aug 2022 15:45:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56595
IP address blocks: 2001:67c:74c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:95:33:83:6d:3f:3c:4b:47:53:c7:81:ab:04:f7:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77e8bbf8643abd62ff3f42bec4c0b2db977596d7
Validity
Not Before: Aug 11 15:45:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebf5645e1cb7e2a990d384f45aa39fa55e802289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1b:26:0c:f6:95:79:70:c4:38:0b:ab:fe:61:
0c:25:f0:f1:0c:65:26:85:37:b8:7e:1d:9b:0a:fc:
7a:03:dd:62:72:bf:b4:a2:bb:29:26:3f:e2:13:40:
af:dd:3d:4e:6b:fe:3b:3b:3c:b6:77:03:72:f0:91:
fc:dc:3b:de:99:72:6f:cd:c3:8b:ad:52:08:61:a9:
60:ae:84:a9:52:bf:15:7c:a0:4f:97:1d:55:45:41:
a3:cd:c4:de:a2:c0:de:f7:8f:47:44:2a:34:89:2e:
f2:bf:ab:ed:a8:87:32:13:96:59:ae:58:91:0c:4d:
8a:55:54:2a:ee:ae:dc:ba:19:ba:69:77:ba:df:8c:
ce:97:2f:74:6b:7e:a9:32:08:94:49:5b:fa:65:9c:
71:43:cd:dd:30:6d:54:d0:e2:6d:3d:bc:f1:07:c2:
fa:18:04:38:83:0d:a1:64:24:d6:69:a4:d2:7b:c4:
09:e4:1c:db:75:93:37:2b:fe:fd:41:32:c0:51:3a:
74:7a:69:fa:e1:38:56:41:63:97:34:0a:87:6e:68:
87:a9:07:cf:e4:0b:23:4f:ff:58:35:8c:e0:fa:99:
55:67:99:33:c9:02:6c:8f:ed:81:fd:73:09:13:44:
33:b9:5e:73:64:5a:07:a6:d6:b2:b9:a9:11:76:fc:
74:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:F5:64:5E:1C:B7:E2:A9:90:D3:84:F4:5A:A3:9F:A5:5E:80:22:89
X509v3 Authority Key Identifier:
keyid:77:E8:BB:F8:64:3A:BD:62:FF:3F:42:BE:C4:C0:B2:DB:97:75:96:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-i7-GQ6vWL_P0K-xMCy25d1ltc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b870e7-7f1e-49ce-b1f9-44ccd1b51f10/1/6_VkXhy34qmQ04T0WqOfpV6AIok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b870e7-7f1e-49ce-b1f9-44ccd1b51f10/1/d-i7-GQ6vWL_P0K-xMCy25d1ltc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:74c::/48
Signature Algorithm: sha256WithRSAEncryption
9f:39:92:74:42:89:c8:df:3a:8f:3f:68:74:c4:30:70:12:58:
bd:58:58:e2:3e:f8:62:e6:1d:e8:41:d7:b9:65:74:96:d8:c6:
04:83:d5:e6:23:ac:9c:ef:ab:3f:5d:9f:27:37:6a:cd:86:89:
e2:c7:f8:ce:36:12:bd:bc:5b:09:45:79:cd:87:7c:5a:9c:4c:
d4:0f:5f:f4:b6:cc:19:05:57:89:b7:b4:65:03:06:61:ae:b2:
05:36:a6:e7:7f:87:c1:9f:2d:22:a8:9b:22:4a:92:90:a0:e7:
ec:b3:c8:98:e1:83:57:43:17:45:b1:a3:86:ce:9f:8e:66:b8:
61:f8:3c:7b:a8:74:83:6d:87:90:23:5c:78:ef:bd:6c:cc:36:
e1:c0:a2:26:a0:01:51:17:df:a3:6d:02:19:67:09:f5:94:9b:
07:bc:e5:b4:06:46:c7:ce:02:54:b6:88:f7:d2:d8:d3:d4:aa:
72:50:fc:6f:62:4c:20:9b:c8:5a:e9:d8:79:a8:d2:69:68:51:
22:da:77:8d:73:da:40:3f:f9:18:71:19:74:7c:da:67:4c:d8:
91:b1:68:d1:fb:4d:6b:1f:b2:3e:a3:28:0e:cf:60:a9:9a:0f:
81:67:51:27:41:b1:47:f6:6f:e2:d7:e2:60:44:65:0c:98:2d:
af:26:f8:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYKNlTODbT88S0dTx4GrBPcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZThiYmY4NjQzYWJkNjJmZjNmNDJiZWM0YzBiMmRiOTc3
NTk2ZDcwHhcNMjIwODExMTU0NTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmY1NjQ1ZTFjYjdlMmE5OTBkMzg0ZjQ1YWEzOWZhNTVlODAyMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxsmDPaVeXDEOAur/mEMJfDxDGUm
hTe4fh2bCvx6A91icr+0orspJj/iE0Cv3T1Oa/47Ozy2dwNy8JH83DvemXJvzcOL
rVIIYalgroSpUr8VfKBPlx1VRUGjzcTeosDe949HRCo0iS7yv6vtqIcyE5ZZrliR
DE2KVVQq7q7cuhm6aXe634zOly90a36pMgiUSVv6ZZxxQ83dMG1U0OJtPbzxB8L6
GAQ4gw2hZCTWaaTSe8QJ5BzbdZM3K/79QTLAUTp0emn64ThWQWOXNAqHbmiHqQfP
5AsjT/9YNYzg+plVZ5kzyQJsj+2B/XMJE0QzuV5zZFoHptayuakRdvx0bwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOv1ZF4ct+KpkNOE9Fqjn6VegCKJMB8GA1UdIwQY
MBaAFHfou/hkOr1i/z9CvsTAstuXdZbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC1pNy1HUTZ2V0xfUDBLLXhNQ3kyNWQxbHRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iODcwZTctN2YxZS00OWNlLWIxZjkt
NDRjY2QxYjUxZjEwLzEvNl9Wa1hoeTM0cW1RMDRUMFdxT2ZwVjZBSW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9iODcwZTctN2YxZS00OWNlLWIxZjktNDRjY2QxYjUxZjEw
LzEvZC1pNy1HUTZ2V0xfUDBLLXhNQ3kyNWQxbHRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAdM
MA0GCSqGSIb3DQEBCwUAA4IBAQCfOZJ0QonI3zqPP2h0xDBwEli9WFjiPvhi5h3o
Qde5ZXSW2MYEg9XmI6yc76s/XZ8nN2rNhonix/jONhK9vFsJRXnNh3xanEzUD1/0
tswZBVeJt7RlAwZhrrIFNqbnf4fBny0iqJsiSpKQoOfss8iY4YNXQxdFsaOGzp+O
Zrhh+Dx7qHSDbYeQI1x4771szDbhwKImoAFRF9+jbQIZZwn1lJsHvOW0BkbHzgJU
toj30tjT1KpyUPxvYkwgm8ha6dh5qNJpaFEi2neNc9pAP/kYcRl0fNpnTNiRsWjR
+01rH7I+oygOz2Cpmg+BZ1EnQbFH9m/i1+JgRGUMmC2vJvi/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:00 2025 by rpki-client