Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8ec96d-d61c-46ac-bf54-65135cf2f815/1/byd0xplzHnAv9cqN3qeDpJHyfgI.roa
File: byd0xplzHnAv9cqN3qeDpJHyfgI.roa (raw, json)
Hash identifier: lcORfSGtDPuhVU/AETOJVWdoHGU1XLaEP6SahN8GvYo=
Subject key identifier: 6F:27:74:C6:99:73:1E:70:2F:F5:CA:8D:DE:A7:83:A4:91:F2:7E:02
Certificate issuer: /CN=529231b247bff65b4c6341907ecd5eaba7f9ca92
Certificate serial: 018571F0EEAD71A418D3A80EE4E2153DAE95
Authority key identifier: 52:92:31:B2:47:BF:F6:5B:4C:63:41:90:7E:CD:5E:AB:A7:F9:CA:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpIxske_9ltMY0GQfs1eq6f5ypI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8ec96d-d61c-46ac-bf54-65135cf2f815/1/byd0xplzHnAv9cqN3qeDpJHyfgI.roa
Signing time: Mon 02 Jan 2023 10:04:53 +0000
ROA not before: Mon 02 Jan 2023 10:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200479
IP address blocks: 2001:67c:2344::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:ee:ad:71:a4:18:d3:a8:0e:e4:e2:15:3d:ae:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529231b247bff65b4c6341907ecd5eaba7f9ca92
Validity
Not Before: Jan 2 10:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f2774c699731e702ff5ca8ddea783a491f27e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:32:82:6e:92:2e:38:b6:e4:4c:4e:0b:14:e0:
b9:07:47:1b:eb:6d:db:3d:f1:f8:67:6e:73:11:60:
a1:df:cb:6f:b4:48:d6:26:18:86:bc:8a:9d:d1:f7:
cb:7a:3c:1d:7b:c9:1b:92:dc:de:5d:88:69:17:e8:
a1:6d:77:43:fc:32:c8:5a:ca:36:ee:b4:0d:4e:0f:
f7:4c:31:f9:7c:17:9c:99:08:81:9e:cf:5e:7a:a6:
c3:85:5d:38:a7:e6:7d:c7:1c:e7:7e:b2:0d:f1:74:
ad:20:b2:a2:1c:0f:e4:40:76:dd:3e:03:54:76:95:
a1:da:9a:1d:9d:e3:03:d4:2a:06:56:57:36:86:5e:
c2:c9:84:0e:ee:1a:c6:a6:a6:86:11:14:8d:f0:6c:
0e:9e:7c:69:21:94:c9:e0:3b:83:e6:84:e2:5d:3e:
66:84:8f:74:f4:9c:0f:e3:38:96:4f:c2:8d:55:b1:
88:8e:84:f4:c6:90:a5:5e:72:d8:8a:5b:c0:b0:e0:
4d:4d:f8:ec:6e:25:a9:7d:59:68:d8:7f:22:2c:c6:
48:ac:c2:88:46:20:5c:76:46:df:f4:a3:4a:66:f3:
dd:0e:c1:3a:e6:30:d1:d0:48:d9:db:93:76:ea:d8:
a3:84:a9:40:35:12:9e:aa:1c:4b:f7:df:83:75:06:
9b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:27:74:C6:99:73:1E:70:2F:F5:CA:8D:DE:A7:83:A4:91:F2:7E:02
X509v3 Authority Key Identifier:
keyid:52:92:31:B2:47:BF:F6:5B:4C:63:41:90:7E:CD:5E:AB:A7:F9:CA:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpIxske_9ltMY0GQfs1eq6f5ypI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8ec96d-d61c-46ac-bf54-65135cf2f815/1/byd0xplzHnAv9cqN3qeDpJHyfgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8ec96d-d61c-46ac-bf54-65135cf2f815/1/UpIxske_9ltMY0GQfs1eq6f5ypI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2344::/48
Signature Algorithm: sha256WithRSAEncryption
58:a1:4c:61:d9:a2:0b:ee:45:ca:bb:7e:cd:6e:cf:56:bf:43:
90:31:8f:d0:a8:1c:a5:6d:f1:9e:93:7f:99:07:ca:ce:30:e9:
7f:78:39:a7:55:2f:5a:8c:ac:d7:8a:24:1e:1c:6a:5b:da:31:
6e:36:77:7d:61:b3:2f:bb:33:2f:36:56:71:96:f4:7b:99:74:
ed:ae:92:de:ac:17:f7:ce:c6:76:8e:c3:fa:2a:56:50:c1:53:
49:83:0d:e8:ea:4b:fe:c9:fd:10:54:b2:b0:62:7f:1c:1e:70:
15:3b:c8:0f:c7:ce:7b:56:ac:fb:ae:bc:31:b2:59:a5:22:6c:
63:03:8d:84:ff:ed:f2:48:db:7d:fa:d0:52:6f:4a:ee:ed:38:
96:51:80:3d:a5:08:53:03:07:32:b2:9e:e8:dd:34:c3:78:9d:
4b:f2:e9:b2:e1:73:d2:f2:85:e5:e3:75:e9:8b:1f:2d:b7:5d:
c5:b1:96:78:be:81:ab:f1:93:74:f8:77:32:df:f8:3d:62:5e:
18:e9:ea:d2:a6:65:94:0e:36:f4:1a:33:23:ab:8c:95:7e:e9:
10:78:d5:12:f3:20:ec:16:8e:47:f6:6e:f7:60:e2:06:a1:e7:
cf:22:b2:bd:68:a8:fd:54:c9:b5:03:f9:71:a3:c0:eb:95:9a:
28:05:2e:5a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx8O6tcaQY06gO5OIVPa6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOTIzMWIyNDdiZmY2NWI0YzYzNDE5MDdlY2Q1ZWFiYTdm
OWNhOTIwHhcNMjMwMTAyMTAwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjI3NzRjNjk5NzMxZTcwMmZmNWNhOGRkZWE3ODNhNDkxZjI3ZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TKCbpIuOLbkTE4LFOC5B0cb623b
PfH4Z25zEWCh38tvtEjWJhiGvIqd0ffLejwde8kbktzeXYhpF+ihbXdD/DLIWso2
7rQNTg/3TDH5fBecmQiBns9eeqbDhV04p+Z9xxznfrIN8XStILKiHA/kQHbdPgNU
dpWh2podneMD1CoGVlc2hl7CyYQO7hrGpqaGERSN8GwOnnxpIZTJ4DuD5oTiXT5m
hI909JwP4ziWT8KNVbGIjoT0xpClXnLYilvAsOBNTfjsbiWpfVlo2H8iLMZIrMKI
RiBcdkbf9KNKZvPdDsE65jDR0EjZ25N26tijhKlANRKeqhxL99+DdQab7QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG8ndMaZcx5wL/XKjd6ng6SR8n4CMB8GA1UdIwQY
MBaAFFKSMbJHv/ZbTGNBkH7NXqun+cqSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXBJeHNrZV85bHRNWTBHUWZzMWVxNmY1eXBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84ZWM5NmQtZDYxYy00NmFjLWJmNTQt
NjUxMzVjZjJmODE1LzEvYnlkMHhwbHpIbkF2OWNxTjNxZURwSkh5ZmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi84ZWM5NmQtZDYxYy00NmFjLWJmNTQtNjUxMzVjZjJmODE1
LzEvVXBJeHNrZV85bHRNWTBHUWZzMWVxNmY1eXBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCNE
MA0GCSqGSIb3DQEBCwUAA4IBAQBYoUxh2aIL7kXKu37Nbs9Wv0OQMY/QqBylbfGe
k3+ZB8rOMOl/eDmnVS9ajKzXiiQeHGpb2jFuNnd9YbMvuzMvNlZxlvR7mXTtrpLe
rBf3zsZ2jsP6KlZQwVNJgw3o6kv+yf0QVLKwYn8cHnAVO8gPx857Vqz7rrwxslml
ImxjA42E/+3ySNt9+tBSb0ru7TiWUYA9pQhTAwcysp7o3TTDeJ1L8umy4XPS8oXl
43Xpix8tt13FsZZ4voGr8ZN0+Hcy3/g9Yl4Y6erSpmWUDjb0GjMjq4yVfukQeNUS
8yDsFo5H9m73YOIGoefPIrK9aKj9VMm1A/lxo8DrlZooBS5a
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:48 2025 by rpki-client