Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/3ac44b-565a-4286-a40c-d7e01ac02a75/1/P-_yU1VsjHAYkwDxAcuANInMyq4.roa
File: P-_yU1VsjHAYkwDxAcuANInMyq4.roa (raw, json)
Hash identifier: BUb8wsCaOVAItNiIgCFW/m/CcHhHWeUaA4iUPUfB0Mw=
Subject key identifier: 3F:EF:F2:53:55:6C:8C:70:18:93:00:F1:01:CB:80:34:89:CC:CA:AE
Certificate issuer: /CN=44814ea7e83b4019bfd5797eba989da06dd90e33
Certificate serial: 686EDA
Authority key identifier: 44:81:4E:A7:E8:3B:40:19:BF:D5:79:7E:BA:98:9D:A0:6D:D9:0E:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RIFOp-g7QBm_1Xl-upidoG3ZDjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/3ac44b-565a-4286-a40c-d7e01ac02a75/1/P-_yU1VsjHAYkwDxAcuANInMyq4.roa
Signing time: Sat 26 Mar 2022 07:03:52 +0000
ROA not before: Sat 26 Mar 2022 07:03:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208733
IP address blocks: 2001:678:3b8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6844122 (0x686eda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44814ea7e83b4019bfd5797eba989da06dd90e33
Validity
Not Before: Mar 26 07:03:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3feff253556c8c70189300f101cb803489cccaae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cf:18:80:a8:ce:d0:2a:ce:e6:86:a6:b6:c3:
d3:f0:62:cb:8a:5c:51:1e:15:b8:c3:ce:df:a0:c7:
5a:68:7e:e6:bb:57:f4:30:94:58:6f:41:e5:00:55:
63:fc:9c:fb:3a:79:b0:50:88:0d:ea:f3:d6:24:2d:
06:fb:b3:6f:85:63:86:b5:91:77:07:41:25:be:a8:
7a:67:82:5f:bf:01:b3:0d:7b:05:f7:33:fd:d0:86:
05:6e:11:2e:44:18:ba:0f:9e:d1:7b:db:c7:c9:83:
04:54:7b:24:4b:37:be:c1:df:09:3b:bf:1f:ad:9b:
fd:a7:61:4e:42:e2:07:1c:4c:cf:18:88:6a:fb:f7:
29:72:a2:1a:96:11:82:be:64:f2:7b:08:f2:b8:00:
a4:5b:b0:be:e3:a6:4e:02:5c:e3:e8:d0:70:c1:0f:
bf:a1:c5:dd:0a:97:ae:dd:f0:dd:77:7e:b0:06:41:
8b:38:2e:82:66:ac:bc:da:a7:56:88:4e:bb:d7:8c:
0f:0e:22:b1:10:0e:76:ef:fc:07:78:e0:4d:d8:70:
b3:f4:c6:68:7e:e4:d9:d1:ff:5f:74:a0:dc:40:88:
96:73:0c:20:7f:3a:22:8b:e0:d6:18:fa:4e:8f:a7:
cc:38:02:b3:45:3b:68:57:cf:9a:3f:85:39:83:98:
9c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:EF:F2:53:55:6C:8C:70:18:93:00:F1:01:CB:80:34:89:CC:CA:AE
X509v3 Authority Key Identifier:
keyid:44:81:4E:A7:E8:3B:40:19:BF:D5:79:7E:BA:98:9D:A0:6D:D9:0E:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RIFOp-g7QBm_1Xl-upidoG3ZDjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3ac44b-565a-4286-a40c-d7e01ac02a75/1/P-_yU1VsjHAYkwDxAcuANInMyq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3ac44b-565a-4286-a40c-d7e01ac02a75/1/RIFOp-g7QBm_1Xl-upidoG3ZDjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:3b8::/48
Signature Algorithm: sha256WithRSAEncryption
88:79:4f:d7:d4:f8:a0:cd:1d:f3:cd:e8:84:ba:d5:25:20:dc:
4e:4b:46:fa:27:14:1e:c6:6a:a5:0e:fe:78:a5:f5:0b:5c:f3:
9d:5d:df:af:b9:63:d5:04:92:dd:96:01:6e:dd:25:29:bf:71:
ae:c5:96:d0:3c:c2:a6:fb:61:f4:a9:fe:3e:7d:2e:c7:77:8d:
6e:48:e4:c0:1c:de:b7:8c:ca:64:9e:f1:ec:ac:fb:41:e0:5f:
22:e7:f2:6f:4f:cf:51:d1:12:45:ee:2c:1e:94:ab:1d:e5:55:
cd:4a:9d:22:ad:05:81:3f:21:99:15:b2:f3:64:a3:3e:1f:04:
38:9b:2d:aa:48:80:99:e7:ef:7f:b9:5c:a9:ec:17:1c:84:45:
83:2b:2b:07:47:2e:36:34:cb:97:43:92:ca:fa:57:ed:05:d4:
40:2b:fe:17:81:31:96:c2:44:3f:76:d7:2d:67:d3:a4:ee:d7:
3f:1b:ef:b6:af:ab:8d:b5:5f:c0:32:33:02:fe:2b:bc:f8:8f:
b9:55:d1:07:14:9e:a2:12:11:c3:96:c8:c3:be:e3:2c:24:c5:
cc:5d:f1:0f:3b:8b:88:ef:fe:cc:d0:67:14:57:ad:80:f6:fc:
cf:74:39:94:b1:f8:e3:f7:49:82:9b:c3:a8:27:02:b6:cb:af:
22:42:fe:f0
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDaG7aMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ0
ODE0ZWE3ZTgzYjQwMTliZmQ1Nzk3ZWJhOTg5ZGEwNmRkOTBlMzMwHhcNMjIwMzI2
MDcwMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzZmVmZjI1MzU1NmM4
YzcwMTg5MzAwZjEwMWNiODAzNDg5Y2NjYWFlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwc8YgKjO0CrO5oamtsPT8GLLilxRHhW4w87foMdaaH7mu1f0
MJRYb0HlAFVj/Jz7OnmwUIgN6vPWJC0G+7NvhWOGtZF3B0Elvqh6Z4JfvwGzDXsF
9zP90IYFbhEuRBi6D57Re9vHyYMEVHskSze+wd8JO78frZv9p2FOQuIHHEzPGIhq
+/cpcqIalhGCvmTyewjyuACkW7C+46ZOAlzj6NBwwQ+/ocXdCpeu3fDdd36wBkGL
OC6CZqy82qdWiE6714wPDiKxEA527/wHeOBN2HCz9MZofuTZ0f9fdKDcQIiWcwwg
fzoii+DWGPpOj6fMOAKzRTtoV8+aP4U5g5icewIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFD/v8lNVbIxwGJMA8QHLgDSJzMquMB8GA1UdIwQYMBaAFESBTqfoO0AZv9V5
frqYnaBt2Q4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UklGT3AtZzdRQm1fMVhsLXVwaWRvRzNaRGpNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82MC8zYWM0NGItNTY1YS00Mjg2LWE0MGMtZDdlMDFhYzAyYTc1LzEv
UC1feVUxVnNqSEFZa3dEeEFjdUFOSW5NeXE0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8z
YWM0NGItNTY1YS00Mjg2LWE0MGMtZDdlMDFhYzAyYTc1LzEvUklGT3AtZzdRQm1f
MVhsLXVwaWRvRzNaRGpNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAO4MA0GCSqGSIb3DQEBCwUA
A4IBAQCIeU/X1PigzR3zzeiEutUlINxOS0b6JxQexmqlDv54pfULXPOdXd+vuWPV
BJLdlgFu3SUpv3GuxZbQPMKm+2H0qf4+fS7Hd41uSOTAHN63jMpknvHsrPtB4F8i
5/JvT89R0RJF7iwelKsd5VXNSp0irQWBPyGZFbLzZKM+HwQ4my2qSICZ5+9/uVyp
7BcchEWDKysHRy42NMuXQ5LK+lftBdRAK/4XgTGWwkQ/dtctZ9Ok7tc/G++2r6uN
tV/AMjMC/iu8+I+5VdEHFJ6iEhHDlsjDvuMsJMXMXfEPO4uI7/7M0GcUV62A9vzP
dDmUsfjj90mCm8OoJwK2y68iQv7w
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:09 2025 by rpki-client