Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/309980-afd7-4569-a25b-e909e41a07e5/1/pQmlmIE8UDgzoUYM-FAvsiZ2RKs.roa
File: pQmlmIE8UDgzoUYM-FAvsiZ2RKs.roa (raw, json)
Hash identifier: E3TBKulpP9pjucM1k37+2iBvv7xlBwIQxkXqGzT4PDc=
Subject key identifier: A5:09:A5:98:81:3C:50:38:33:A1:46:0C:F8:50:2F:B2:26:76:44:AB
Certificate issuer: /CN=1e398285e227827d8f2c51f1ea997357554be612
Certificate serial: 01856F2FCED69129BAB50B4D4322FC78A45C
Authority key identifier: 1E:39:82:85:E2:27:82:7D:8F:2C:51:F1:EA:99:73:57:55:4B:E6:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjmCheIngn2PLFHx6plzV1VL5hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/309980-afd7-4569-a25b-e909e41a07e5/1/pQmlmIE8UDgzoUYM-FAvsiZ2RKs.roa
Signing time: Sun 01 Jan 2023 21:14:42 +0000
ROA not before: Sun 01 Jan 2023 21:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62445
IP address blocks: 2001:678:898::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:ce:d6:91:29:ba:b5:0b:4d:43:22:fc:78:a4:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e398285e227827d8f2c51f1ea997357554be612
Validity
Not Before: Jan 1 21:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a509a598813c503833a1460cf8502fb2267644ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:db:01:5e:cf:25:4e:03:20:86:01:62:a9:f0:
31:b4:c7:41:6b:0a:f7:8d:64:95:c9:09:45:60:77:
3d:c3:f3:cd:38:ce:f1:ed:67:7f:72:d2:d3:9c:90:
b1:b3:ae:85:ae:cd:77:14:76:32:0d:76:bd:06:00:
00:32:47:1e:7c:fc:d9:99:d1:b2:87:30:d9:8b:54:
4e:0b:a3:52:99:e9:90:55:4a:14:5c:c0:06:62:2b:
26:6e:23:50:55:b8:7d:71:d5:a0:05:db:47:6b:63:
f7:61:87:3e:50:9d:68:7d:ce:6e:06:48:e2:6d:7c:
94:27:1d:19:e7:a2:d7:17:bc:61:6a:f4:1a:aa:a6:
2d:bd:8a:f3:fb:c2:0a:78:c5:53:f1:1a:07:78:0b:
45:31:61:f2:23:f7:6f:6c:96:8a:11:6e:e2:32:c6:
30:aa:81:75:41:95:25:bd:5b:64:1c:ed:3a:f5:f8:
d2:b7:30:9e:8d:cc:c3:5b:79:4b:38:2f:29:ba:6f:
3b:9b:0b:0e:74:5f:0f:de:94:47:c3:52:39:bd:2a:
0f:60:06:e8:c0:00:65:2c:85:70:fa:7b:fb:b2:3e:
42:d1:9b:75:d5:8c:03:1e:ec:ba:2b:ac:92:d8:02:
bc:24:5f:4c:ac:7f:7d:a5:64:60:86:8c:0a:a9:a7:
aa:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:09:A5:98:81:3C:50:38:33:A1:46:0C:F8:50:2F:B2:26:76:44:AB
X509v3 Authority Key Identifier:
keyid:1E:39:82:85:E2:27:82:7D:8F:2C:51:F1:EA:99:73:57:55:4B:E6:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjmCheIngn2PLFHx6plzV1VL5hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/309980-afd7-4569-a25b-e909e41a07e5/1/pQmlmIE8UDgzoUYM-FAvsiZ2RKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/309980-afd7-4569-a25b-e909e41a07e5/1/HjmCheIngn2PLFHx6plzV1VL5hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:898::/48
Signature Algorithm: sha256WithRSAEncryption
28:21:bc:32:53:17:28:09:42:3e:b5:00:af:c8:0a:d4:4e:91:
da:b0:65:f3:9b:14:05:cb:51:c3:76:7f:cc:01:3b:a6:ba:24:
67:ca:1b:1c:9e:5b:30:71:33:ce:ec:bb:22:99:44:0d:3a:0d:
7d:c5:10:f0:78:6e:50:ef:f4:25:b6:ba:3b:0e:c9:4c:8a:70:
ca:e2:9d:4d:cc:11:4a:6b:a0:ee:42:9c:af:5e:76:28:75:ae:
5e:17:ec:31:87:c5:db:aa:00:36:ca:94:47:5f:bc:53:43:35:
ec:e7:37:b3:55:ae:58:21:92:6d:a6:1d:e9:57:64:f5:66:98:
ed:78:5e:cf:3d:44:55:f0:aa:f2:28:9f:1b:73:de:72:6b:d3:
34:c9:46:52:82:ca:6f:0f:aa:a2:27:d6:8d:5f:3a:5d:73:d5:
d5:b3:30:de:d9:c7:02:e9:9d:a9:91:f4:8b:af:d5:0d:63:10:
79:99:c6:62:66:3a:19:63:4b:0d:f9:4e:90:41:68:19:81:c9:
d3:00:ca:3b:d5:1f:8c:90:f2:76:0b:f6:72:21:fa:ff:43:47:
ba:5c:b5:9d:c1:bf:b8:65:69:f8:89:75:dd:20:e5:2f:3c:7d:
bf:de:6c:55:da:ba:27:9a:d5:1d:d6:02:d8:e1:33:1d:5c:70:
4f:35:e0:b3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL87WkSm6tQtNQyL8eKRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzk4Mjg1ZTIyNzgyN2Q4ZjJjNTFmMWVhOTk3MzU3NTU0
YmU2MTIwHhcNMjMwMTAxMjExNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTA5YTU5ODgxM2M1MDM4MzNhMTQ2MGNmODUwMmZiMjI2NzY0NGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptsBXs8lTgMghgFiqfAxtMdBawr3
jWSVyQlFYHc9w/PNOM7x7Wd/ctLTnJCxs66Frs13FHYyDXa9BgAAMkcefPzZmdGy
hzDZi1ROC6NSmemQVUoUXMAGYismbiNQVbh9cdWgBdtHa2P3YYc+UJ1ofc5uBkji
bXyUJx0Z56LXF7xhavQaqqYtvYrz+8IKeMVT8RoHeAtFMWHyI/dvbJaKEW7iMsYw
qoF1QZUlvVtkHO069fjStzCejczDW3lLOC8pum87mwsOdF8P3pRHw1I5vSoPYAbo
wABlLIVw+nv7sj5C0Zt11YwDHuy6K6yS2AK8JF9MrH99pWRghowKqaeqrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKUJpZiBPFA4M6FGDPhQL7ImdkSrMB8GA1UdIwQY
MBaAFB45goXiJ4J9jyxR8eqZc1dVS+YSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGptQ2hlSW5nbjJQTEZIeDZwbHpWMVZMNWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zMDk5ODAtYWZkNy00NTY5LWEyNWIt
ZTkwOWU0MWEwN2U1LzEvcFFtbG1JRThVRGd6b1VZTS1GQXZzaVoyUktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zMDk5ODAtYWZkNy00NTY5LWEyNWItZTkwOWU0MWEwN2U1
LzEvSGptQ2hlSW5nbjJQTEZIeDZwbHpWMVZMNWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAiY
MA0GCSqGSIb3DQEBCwUAA4IBAQAoIbwyUxcoCUI+tQCvyArUTpHasGXzmxQFy1HD
dn/MATumuiRnyhscnlswcTPO7LsimUQNOg19xRDweG5Q7/Qltro7DslMinDK4p1N
zBFKa6DuQpyvXnYoda5eF+wxh8XbqgA2ypRHX7xTQzXs5zezVa5YIZJtph3pV2T1
ZpjteF7PPURV8KryKJ8bc95ya9M0yUZSgspvD6qiJ9aNXzpdc9XVszDe2ccC6Z2p
kfSLr9UNYxB5mcZiZjoZY0sN+U6QQWgZgcnTAMo71R+MkPJ2C/ZyIfr/Q0e6XLWd
wb+4ZWn4iXXdIOUvPH2/3mxV2ronmtUd1gLY4TMdXHBPNeCz
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:37 2025 by rpki-client