Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/c3206a-9c16-4527-8b89-6e8dcbaeaf7f/1/XDjsJfLLqv2kfubacG7vAjdPcfk.roa
File: XDjsJfLLqv2kfubacG7vAjdPcfk.roa (raw, json)
Hash identifier: Mmvkio03h3Ffc+U788sJ6GLUKu3ctQTU/G6YUiapE6A=
Subject key identifier: 5C:38:EC:25:F2:CB:AA:FD:A4:7E:E6:DA:70:6E:EF:02:37:4F:71:F9
Certificate issuer: /CN=f95d39e5b6890a46c8ce5c9037e6d26365e857bc
Certificate serial: 0183C2A8289055A48FCB86C140484E901785
Authority key identifier: F9:5D:39:E5:B6:89:0A:46:C8:CE:5C:90:37:E6:D2:63:65:E8:57:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-V055baJCkbIzlyQN-bSY2XoV7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/c3206a-9c16-4527-8b89-6e8dcbaeaf7f/1/XDjsJfLLqv2kfubacG7vAjdPcfk.roa
Signing time: Mon 10 Oct 2022 16:09:03 +0000
ROA not before: Mon 10 Oct 2022 16:09:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213027
IP address blocks: 2001:678:f70::/48 maxlen: 48
2001:678:f74::/48 maxlen: 48
2a11:a00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:a8:28:90:55:a4:8f:cb:86:c1:40:48:4e:90:17:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f95d39e5b6890a46c8ce5c9037e6d26365e857bc
Validity
Not Before: Oct 10 16:09:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c38ec25f2cbaafda47ee6da706eef02374f71f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:24:c9:7e:5e:02:33:90:f6:12:b0:96:72:2c:
de:62:6e:f9:23:29:68:d9:17:bc:11:87:6c:cc:53:
cc:0b:81:9b:36:c6:d4:6c:16:f4:d8:a8:82:10:47:
e7:af:b3:e4:91:bd:00:c6:4d:38:e0:c1:e9:bc:15:
40:77:62:41:37:95:b4:12:24:d3:56:11:87:2f:b5:
7b:18:7e:12:58:fa:62:40:da:4e:54:a9:71:c2:5c:
d5:38:56:a5:05:94:d5:7c:d2:17:97:c0:5a:ef:04:
9c:40:6e:74:0c:45:6f:fd:44:66:83:44:5f:4a:11:
37:e3:a1:89:96:6d:5c:f5:df:c9:b3:a0:80:90:db:
b2:22:0b:13:ee:77:1d:40:3e:44:9c:b9:8f:e4:5d:
6c:1b:f8:b6:cc:5c:b2:e4:36:7b:4a:85:62:7a:15:
6d:8e:ef:f2:19:ad:32:ec:1a:86:58:39:02:b3:94:
59:07:7b:c2:32:e9:b4:6b:bc:e2:3a:3f:a8:d8:49:
1b:a1:27:bb:02:63:9a:f7:52:eb:3a:91:11:99:af:
bf:19:68:66:33:46:52:33:1b:62:51:e9:f8:f2:7a:
d5:c5:fa:17:38:ee:34:5e:67:7d:30:0b:d0:b1:79:
28:6a:c1:e3:01:0b:2e:3a:d6:f4:96:51:a2:b4:83:
c8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:38:EC:25:F2:CB:AA:FD:A4:7E:E6:DA:70:6E:EF:02:37:4F:71:F9
X509v3 Authority Key Identifier:
keyid:F9:5D:39:E5:B6:89:0A:46:C8:CE:5C:90:37:E6:D2:63:65:E8:57:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-V055baJCkbIzlyQN-bSY2XoV7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c3206a-9c16-4527-8b89-6e8dcbaeaf7f/1/XDjsJfLLqv2kfubacG7vAjdPcfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c3206a-9c16-4527-8b89-6e8dcbaeaf7f/1/1-V055baJCkbIzlyQN-bSY2XoV7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f70::/48
2001:678:f74::/48
2a11:a00::/29
Signature Algorithm: sha256WithRSAEncryption
b2:6e:47:46:70:72:86:d0:8e:9e:31:35:93:1b:cb:ac:c4:e0:
8d:8a:58:7a:a0:3a:3b:bb:77:1c:bb:25:34:ec:9d:96:54:12:
cd:c0:e0:20:c9:52:b8:f2:32:6c:57:d2:60:66:61:96:f7:ba:
c3:32:18:4e:4e:70:aa:7e:e1:0b:3b:08:01:1d:63:f8:dc:64:
8c:78:75:be:7c:2b:09:8b:2b:4d:fb:9d:3b:8c:62:ad:54:7a:
a7:29:21:43:cf:be:b0:02:5c:1f:c6:27:38:c8:55:c6:ab:26:
72:63:0e:48:d3:29:3a:d1:77:5c:ea:c5:71:9e:b3:96:cd:d8:
f7:7b:7b:e4:fb:ad:fb:b0:19:28:90:d0:56:30:28:4e:9c:95:
92:3e:ea:7d:0c:bf:1a:bd:05:d3:12:20:51:45:95:ed:b7:0d:
7b:bb:49:bb:ca:0f:ef:4c:77:b0:a0:27:1b:c8:4a:eb:3a:e6:
37:ab:1f:e7:3a:8f:10:af:9d:23:5a:20:cb:40:14:21:79:7e:
7d:9b:55:04:9a:4a:77:de:ce:30:b6:97:e8:4b:2f:ee:18:1e:
4a:5e:0b:54:d9:7e:5c:5c:17:9a:70:de:b5:67:be:ce:ae:a1:
db:45:f8:89:8f:e7:07:03:d7:70:99:6c:c5:51:cb:d6:c6:ed:
b9:eb:96:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYPCqCiQVaSPy4bBQEhOkBeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NWQzOWU1YjY4OTBhNDZjOGNlNWM5MDM3ZTZkMjYzNjVl
ODU3YmMwHhcNMjIxMDEwMTYwOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzM4ZWMyNWYyY2JhYWZkYTQ3ZWU2ZGE3MDZlZWYwMjM3NGY3MWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSTJfl4CM5D2ErCWcizeYm75Iylo
2Re8EYdszFPMC4GbNsbUbBb02KiCEEfnr7Pkkb0Axk044MHpvBVAd2JBN5W0EiTT
VhGHL7V7GH4SWPpiQNpOVKlxwlzVOFalBZTVfNIXl8Ba7wScQG50DEVv/URmg0Rf
ShE346GJlm1c9d/Js6CAkNuyIgsT7ncdQD5EnLmP5F1sG/i2zFyy5DZ7SoViehVt
ju/yGa0y7BqGWDkCs5RZB3vCMum0a7ziOj+o2EkboSe7AmOa91LrOpERma+/GWhm
M0ZSMxtiUen48nrVxfoXOO40Xmd9MAvQsXkoasHjAQsuOtb0llGitIPIqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFw47CXyy6r9pH7m2nBu7wI3T3H5MB8GA1UdIwQY
MBaAFPldOeW2iQpGyM5ckDfm0mNl6Fe8MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1WMDU1YmFKQ2tiSXpseVFOLWJTWTJYb1Y3dy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcvYzMyMDZhLTljMTYtNDUyNy04Yjg5
LTZlOGRjYmFlYWY3Zi8xL1hEanNKZkxMcXYya2Z1YmFjRzd2QWpkUGNmay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvYzMyMDZhLTljMTYtNDUyNy04Yjg5LTZlOGRjYmFlYWY3
Zi8xLzEtVjA1NWJhSkNrYkl6bHlRTi1iU1kyWG9WN3cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMgYIKwYBBQUHAQcBAf8EIzAhMB8EAgACMBkDBwAgAQZ4
D3ADBwAgAQZ4D3QDBQMqEQoAMA0GCSqGSIb3DQEBCwUAA4IBAQCybkdGcHKG0I6e
MTWTG8usxOCNilh6oDo7u3ccuyU07J2WVBLNwOAgyVK48jJsV9JgZmGW97rDMhhO
TnCqfuELOwgBHWP43GSMeHW+fCsJiytN+507jGKtVHqnKSFDz76wAlwfxic4yFXG
qyZyYw5I0yk60Xdc6sVxnrOWzdj3e3vk+637sBkokNBWMChOnJWSPup9DL8avQXT
EiBRRZXttw17u0m7yg/vTHewoCcbyErrOuY3qx/nOo8Qr50jWiDLQBQheX59m1UE
mkp33s4wtpfoSy/uGB5KXgtU2X5cXBeacN61Z77OrqHbRfiJj+cHA9dwmWzFUcvW
xu2565a0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:17 2025 by rpki-client