Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/04dnD0U9yn1k_0vV4yc8_n-xOc4.roa
File: 04dnD0U9yn1k_0vV4yc8_n-xOc4.roa (raw, json)
Hash identifier: xtNysGTDG5M1g3mP0mc77530hnb0X15Q6Na+ibke1UQ=
Subject key identifier: D3:87:67:0F:45:3D:CA:7D:64:FF:4B:D5:E3:27:3C:FE:7F:B1:39:CE
Certificate issuer: /CN=96448e840d272a3e3159192d1df11f100e506f6a
Certificate serial: 0188B533FDA5BC0159E9452A2742AA133B3B
Authority key identifier: 96:44:8E:84:0D:27:2A:3E:31:59:19:2D:1D:F1:1F:10:0E:50:6F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lkSOhA0nKj4xWRktHfEfEA5Qb2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/04dnD0U9yn1k_0vV4yc8_n-xOc4.roa
Signing time: Tue 13 Jun 2023 14:41:03 +0000
ROA not before: Tue 13 Jun 2023 14:41:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2001:67c:634::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b5:33:fd:a5:bc:01:59:e9:45:2a:27:42:aa:13:3b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96448e840d272a3e3159192d1df11f100e506f6a
Validity
Not Before: Jun 13 14:41:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d387670f453dca7d64ff4bd5e3273cfe7fb139ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:89:fb:35:dc:25:17:d4:6e:70:38:ec:69:83:
66:21:69:d0:25:2c:e4:a1:23:4e:fd:3e:b4:a5:b2:
10:08:94:c2:c2:9a:c9:c9:29:21:a5:b6:25:e3:44:
fe:18:9b:e3:56:81:81:ab:1c:dc:03:37:3c:2b:a4:
35:e6:4c:82:f4:fb:43:dd:2b:14:e7:1f:31:31:21:
3c:93:a4:db:86:cb:15:38:2f:21:99:6f:29:60:0a:
43:5a:f8:f8:a3:65:37:35:c4:fc:48:d2:15:a1:4b:
c4:d4:91:28:90:9b:7c:a7:7f:c6:b9:92:14:b7:de:
ae:94:f7:d5:7d:05:a7:46:b7:63:56:af:4a:46:54:
22:46:a7:43:0f:b2:60:db:82:65:de:f0:62:13:a6:
44:72:69:7b:13:48:fa:96:09:dd:3f:08:6a:eb:19:
a5:eb:b5:36:95:df:16:2f:23:26:a7:98:e2:76:67:
24:8c:47:9c:98:d2:18:52:a5:ad:3f:93:99:db:05:
bf:b9:f0:9f:49:e1:ae:f3:ae:ce:ff:f5:21:59:10:
20:00:5d:6d:99:f4:6b:98:cf:2a:00:3c:bc:ab:9c:
91:35:34:52:39:4a:d3:62:48:88:0c:1d:4f:22:7f:
83:f7:be:e2:9e:7b:3a:00:e9:58:5a:6d:41:7a:97:
6d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:87:67:0F:45:3D:CA:7D:64:FF:4B:D5:E3:27:3C:FE:7F:B1:39:CE
X509v3 Authority Key Identifier:
keyid:96:44:8E:84:0D:27:2A:3E:31:59:19:2D:1D:F1:1F:10:0E:50:6F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkSOhA0nKj4xWRktHfEfEA5Qb2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/04dnD0U9yn1k_0vV4yc8_n-xOc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:634::/48
Signature Algorithm: sha256WithRSAEncryption
05:34:1b:4d:30:f8:d5:c2:e9:37:81:78:5c:81:86:77:3e:43:
cb:c6:43:ca:db:8c:d1:1a:11:48:32:04:d9:52:e2:69:7f:19:
37:74:6b:fc:04:e9:61:4b:99:14:85:49:f1:7e:42:75:24:46:
fd:ee:9a:96:74:77:7b:33:ba:8b:2f:d2:f3:fa:c9:82:c8:fa:
06:d3:a6:c8:f4:fe:2a:db:2b:70:9c:06:10:ff:06:72:83:66:
e1:7a:d1:07:73:ef:3b:bc:36:1d:14:2a:96:64:33:23:bf:9b:
e7:c9:1e:c7:a2:66:8f:71:35:46:e2:a4:e9:0d:21:d8:2f:31:
b1:1f:45:f7:e9:f2:24:9f:b3:87:70:8c:2e:50:4d:f1:c9:76:
8c:36:81:51:a7:e4:21:e2:07:bc:0d:05:a7:14:5b:c7:74:6c:
b9:45:a3:68:d5:40:dd:ee:8d:78:ce:70:b1:4d:c3:b0:87:eb:
59:1a:7b:07:77:05:35:07:86:d4:4a:c4:e2:38:9b:67:33:78:
23:ef:05:c0:95:2d:e9:61:fa:9d:ab:5b:eb:da:a4:56:b4:ce:
58:b5:50:b1:b9:36:41:b3:15:3a:d2:96:0c:6e:3c:c0:9f:bd:
1a:f8:a2:e5:59:39:82:14:7d:b4:59:98:a8:ee:90:78:4a:cc:
f4:d8:8b:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYi1M/2lvAFZ6UUqJ0KqEzs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NDQ4ZTg0MGQyNzJhM2UzMTU5MTkyZDFkZjExZjEwMGU1
MDZmNmEwHhcNMjMwNjEzMTQ0MTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzg3NjcwZjQ1M2RjYTdkNjRmZjRiZDVlMzI3M2NmZTdmYjEzOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1on7NdwlF9RucDjsaYNmIWnQJSzk
oSNO/T60pbIQCJTCwprJySkhpbYl40T+GJvjVoGBqxzcAzc8K6Q15kyC9PtD3SsU
5x8xMSE8k6TbhssVOC8hmW8pYApDWvj4o2U3NcT8SNIVoUvE1JEokJt8p3/GuZIU
t96ulPfVfQWnRrdjVq9KRlQiRqdDD7Jg24Jl3vBiE6ZEcml7E0j6lgndPwhq6xml
67U2ld8WLyMmp5jidmckjEecmNIYUqWtP5OZ2wW/ufCfSeGu867O//UhWRAgAF1t
mfRrmM8qADy8q5yRNTRSOUrTYkiIDB1PIn+D977inns6AOlYWm1Bepdt1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNOHZw9FPcp9ZP9L1eMnPP5/sTnOMB8GA1UdIwQY
MBaAFJZEjoQNJyo+MVkZLR3xHxAOUG9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGtTT2hBMG5LajR4V1JrdEhmRWZFQTVRYjJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy80ZWU3MzQtZWZlOC00MWExLTgwZGYt
MTZhZmJhOTg3YjA2LzEvMDRkbkQwVTl5bjFrXzB2VjR5Yzhfbi14T2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy80ZWU3MzQtZWZlOC00MWExLTgwZGYtMTZhZmJhOTg3YjA2
LzEvbGtTT2hBMG5LajR4V1JrdEhmRWZFQTVRYjJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAY0
MA0GCSqGSIb3DQEBCwUAA4IBAQAFNBtNMPjVwuk3gXhcgYZ3PkPLxkPK24zRGhFI
MgTZUuJpfxk3dGv8BOlhS5kUhUnxfkJ1JEb97pqWdHd7M7qLL9Lz+smCyPoG06bI
9P4q2ytwnAYQ/wZyg2bhetEHc+87vDYdFCqWZDMjv5vnyR7HomaPcTVG4qTpDSHY
LzGxH0X36fIkn7OHcIwuUE3xyXaMNoFRp+Qh4ge8DQWnFFvHdGy5RaNo1UDd7o14
znCxTcOwh+tZGnsHdwU1B4bUSsTiOJtnM3gj7wXAlS3pYfqdq1vr2qRWtM5YtVCx
uTZBsxU60pYMbjzAn70a+KLlWTmCFH20WZio7pB4Ssz02Iu7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:09 2025 by rpki-client