Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7e8ed6-ae72-4d3f-999d-67c3affbd1aa/1/umM6uXglrsuNMfM2vTEfoKUGo6Q.roa
File: umM6uXglrsuNMfM2vTEfoKUGo6Q.roa (raw, json)
Hash identifier: jSCC8P/ovp8xGOvFALCWE3mDj7rqLor/yKmWhqX2bAU=
Subject key identifier: BA:63:3A:B9:78:25:AE:CB:8D:31:F3:36:BD:31:1F:A0:A5:06:A3:A4
Certificate issuer: /CN=f2023e76a68ea6c9f70d3ea72df84e53dc21724f
Certificate serial: 01856E01E4D364BFC49D1B615436739DADDD
Authority key identifier: F2:02:3E:76:A6:8E:A6:C9:F7:0D:3E:A7:2D:F8:4E:53:DC:21:72:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8gI-dqaOpsn3DT6nLfhOU9whck8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7e8ed6-ae72-4d3f-999d-67c3affbd1aa/1/umM6uXglrsuNMfM2vTEfoKUGo6Q.roa
Signing time: Sun 01 Jan 2023 15:44:55 +0000
ROA not before: Sun 01 Jan 2023 15:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204711
IP address blocks: 2001:67c:24a4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:e4:d3:64:bf:c4:9d:1b:61:54:36:73:9d:ad:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2023e76a68ea6c9f70d3ea72df84e53dc21724f
Validity
Not Before: Jan 1 15:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba633ab97825aecb8d31f336bd311fa0a506a3a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:95:3d:8a:b1:16:fb:33:64:70:99:7b:fe:06:
ef:ec:31:b9:21:8d:a3:c5:fd:f6:df:20:35:b8:f6:
95:d3:33:81:3a:0a:ae:3d:bf:be:02:f2:38:18:f5:
b9:0d:50:8c:74:16:ac:6b:d4:f9:6e:9d:8d:8c:c7:
4b:b7:f3:9f:3d:a7:af:2b:ba:a5:5e:c0:b8:d5:44:
c2:4a:3d:db:88:fe:73:11:8e:3a:cf:e8:c8:9c:94:
12:9f:89:21:d9:88:03:41:56:7c:f9:2f:fd:63:3b:
14:56:54:4a:3f:db:e3:b4:f1:84:3e:35:5c:f9:be:
39:a9:56:ac:ef:eb:d2:08:09:40:92:1f:0c:54:30:
31:f0:fa:f7:ab:9e:21:48:d8:a4:47:37:5c:d9:1f:
e9:8d:3c:0d:7d:30:e9:3b:4b:1f:50:de:e3:65:a0:
97:7f:ec:8c:3a:31:7e:6c:82:c8:52:a2:72:cf:e5:
78:13:af:19:70:8d:88:2f:f7:66:3f:d8:ba:a2:67:
2f:f8:0d:b5:48:23:24:52:b2:f0:09:16:f2:01:77:
e1:1f:c0:a9:7a:5d:71:2b:f4:ce:d9:5b:97:6f:2b:
6b:72:6b:38:20:13:0a:a7:a0:ae:33:d6:96:c3:c3:
48:06:4b:42:41:53:11:0a:08:9f:1b:d8:d9:29:6a:
f4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:63:3A:B9:78:25:AE:CB:8D:31:F3:36:BD:31:1F:A0:A5:06:A3:A4
X509v3 Authority Key Identifier:
keyid:F2:02:3E:76:A6:8E:A6:C9:F7:0D:3E:A7:2D:F8:4E:53:DC:21:72:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8gI-dqaOpsn3DT6nLfhOU9whck8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7e8ed6-ae72-4d3f-999d-67c3affbd1aa/1/umM6uXglrsuNMfM2vTEfoKUGo6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7e8ed6-ae72-4d3f-999d-67c3affbd1aa/1/8gI-dqaOpsn3DT6nLfhOU9whck8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:24a4::/48
Signature Algorithm: sha256WithRSAEncryption
06:d8:64:9a:18:05:39:ef:64:f0:e7:65:7c:ac:9f:a0:76:94:
de:19:81:7c:75:31:7b:0b:04:7c:d5:12:81:3f:11:1f:03:f5:
9f:28:aa:b9:05:31:e6:16:2f:dc:05:d7:f6:e0:51:0c:be:5a:
38:f8:27:f4:83:78:15:a4:3c:cb:70:c7:9c:ef:18:73:98:49:
a6:b7:b4:e4:cb:fc:4f:81:f1:15:78:d2:0c:42:37:10:a6:02:
46:cf:cb:90:ff:7d:e0:0d:73:9e:c6:42:11:ff:d0:ce:a1:5f:
95:da:74:f5:77:0b:f7:c0:31:d9:4b:c4:2f:8d:d8:4f:ed:94:
8f:b2:55:d6:f6:0a:d8:95:5e:de:28:a0:9f:16:8f:37:d0:51:
90:38:3d:ff:9f:da:dc:f9:48:8e:16:c0:f4:e1:10:be:d9:bb:
e4:1c:da:cb:a9:e0:4a:6a:8a:2d:25:06:20:ab:61:81:95:2b:
b1:10:db:61:a9:70:46:7f:e2:18:df:8e:73:0c:f7:91:dc:ff:
16:a8:a0:33:76:df:4b:5a:61:45:4f:6e:a1:15:01:9d:c7:18:
34:d5:84:44:f1:00:a3:d0:5c:5c:0a:bc:bc:33:b3:3e:b8:1f:
29:09:f1:72:ca:9d:5b:72:58:9e:23:ec:cd:37:a7:d6:fd:6a:
8c:d4:67:fb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuAeTTZL/EnRthVDZzna3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMDIzZTc2YTY4ZWE2YzlmNzBkM2VhNzJkZjg0ZTUzZGMy
MTcyNGYwHhcNMjMwMTAxMTU0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTYzM2FiOTc4MjVhZWNiOGQzMWYzMzZiZDMxMWZhMGE1MDZhM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipU9irEW+zNkcJl7/gbv7DG5IY2j
xf323yA1uPaV0zOBOgquPb++AvI4GPW5DVCMdBasa9T5bp2NjMdLt/OfPaevK7ql
XsC41UTCSj3biP5zEY46z+jInJQSn4kh2YgDQVZ8+S/9YzsUVlRKP9vjtPGEPjVc
+b45qVas7+vSCAlAkh8MVDAx8Pr3q54hSNikRzdc2R/pjTwNfTDpO0sfUN7jZaCX
f+yMOjF+bILIUqJyz+V4E68ZcI2IL/dmP9i6omcv+A21SCMkUrLwCRbyAXfhH8Cp
el1xK/TO2VuXbytrcms4IBMKp6CuM9aWw8NIBktCQVMRCgifG9jZKWr03QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLpjOrl4Ja7LjTHzNr0xH6ClBqOkMB8GA1UdIwQY
MBaAFPICPnamjqbJ9w0+py34TlPcIXJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGdJLWRxYU9wc24zRFQ2bkxmaE9VOXdoY2s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83ZThlZDYtYWU3Mi00ZDNmLTk5OWQt
NjdjM2FmZmJkMWFhLzEvdW1NNnVYZ2xyc3VOTWZNMnZURWZvS1VHbzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83ZThlZDYtYWU3Mi00ZDNmLTk5OWQtNjdjM2FmZmJkMWFh
LzEvOGdJLWRxYU9wc24zRFQ2bkxmaE9VOXdoY2s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCSk
MA0GCSqGSIb3DQEBCwUAA4IBAQAG2GSaGAU572Tw52V8rJ+gdpTeGYF8dTF7CwR8
1RKBPxEfA/WfKKq5BTHmFi/cBdf24FEMvlo4+Cf0g3gVpDzLcMec7xhzmEmmt7Tk
y/xPgfEVeNIMQjcQpgJGz8uQ/33gDXOexkIR/9DOoV+V2nT1dwv3wDHZS8QvjdhP
7ZSPslXW9grYlV7eKKCfFo830FGQOD3/n9rc+UiOFsD04RC+2bvkHNrLqeBKaoot
JQYgq2GBlSuxENthqXBGf+IY345zDPeR3P8WqKAzdt9LWmFFT26hFQGdxxg01YRE
8QCj0FxcCry8M7M+uB8pCfFyyp1bclieI+zNN6fW/WqM1Gf7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:10 2025 by rpki-client