Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/91402e-ed28-4a21-84e2-e4d64dca67ac/1/TS-1pOFKPAlhiZckAYCd3jSTiGA.roa
File: TS-1pOFKPAlhiZckAYCd3jSTiGA.roa (raw, json)
Hash identifier: jlPbSvHZI8YZtm5/WWd891WOopnPcbav4iUqBYxXHb0=
Subject key identifier: 4D:2F:B5:A4:E1:4A:3C:09:61:89:97:24:01:80:9D:DE:34:93:88:60
Certificate issuer: /CN=e316c03cfaffe134c7beda4886ab8b09cf45fbc4
Certificate serial: 01866E7E0362F3CB986AA59981461CC78E82
Authority key identifier: E3:16:C0:3C:FA:FF:E1:34:C7:BE:DA:48:86:AB:8B:09:CF:45:FB:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xbAPPr_4TTHvtpIhquLCc9F-8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/91402e-ed28-4a21-84e2-e4d64dca67ac/1/TS-1pOFKPAlhiZckAYCd3jSTiGA.roa
Signing time: Mon 20 Feb 2023 11:03:17 +0000
ROA not before: Mon 20 Feb 2023 11:03:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199789
IP address blocks: 2001:67c:29a4::/48 maxlen: 48
2001:67c:b98::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6e:7e:03:62:f3:cb:98:6a:a5:99:81:46:1c:c7:8e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e316c03cfaffe134c7beda4886ab8b09cf45fbc4
Validity
Not Before: Feb 20 11:03:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d2fb5a4e14a3c096189972401809dde34938860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c7:6b:54:2f:c6:55:ee:bc:38:2a:aa:16:90:
df:38:7f:fd:7d:65:5c:91:06:ae:14:34:40:85:09:
2a:0b:9b:94:8f:73:8e:ec:9b:32:52:20:20:47:53:
74:16:33:4c:3b:14:16:38:69:21:4c:87:70:29:2f:
a1:ae:ed:35:d1:93:d0:05:dc:7b:d3:7c:6b:23:23:
5d:43:46:af:c1:25:58:9f:f9:c0:f0:c1:2f:53:b4:
1d:d3:a7:0f:d8:fb:d3:74:f3:07:64:a4:17:5a:14:
bc:34:c0:99:9d:d1:99:c0:dd:00:76:a2:b7:a1:e8:
5b:d5:0d:73:f0:ee:fe:5e:c1:96:33:35:56:d9:0e:
12:9d:2c:00:9a:88:61:c1:5f:bb:c3:d1:b9:e8:ae:
be:4f:f2:7f:72:50:42:bb:85:a3:69:45:9d:05:43:
d1:c7:54:c1:3a:28:ec:67:07:53:53:73:f4:49:36:
1f:c3:a1:22:59:f5:c1:74:05:51:65:05:d1:9a:cc:
d8:a0:65:12:67:2d:45:0a:b6:0c:83:35:20:53:5b:
1c:8f:26:69:e8:3e:90:b0:69:39:7a:dc:4e:6d:f2:
a6:01:5f:97:3c:e4:9f:9f:5d:d2:fd:f5:9e:7a:da:
e8:b4:99:22:b1:af:09:7f:a0:9d:95:47:93:b0:5c:
a6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2F:B5:A4:E1:4A:3C:09:61:89:97:24:01:80:9D:DE:34:93:88:60
X509v3 Authority Key Identifier:
keyid:E3:16:C0:3C:FA:FF:E1:34:C7:BE:DA:48:86:AB:8B:09:CF:45:FB:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xbAPPr_4TTHvtpIhquLCc9F-8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/91402e-ed28-4a21-84e2-e4d64dca67ac/1/TS-1pOFKPAlhiZckAYCd3jSTiGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/91402e-ed28-4a21-84e2-e4d64dca67ac/1/4xbAPPr_4TTHvtpIhquLCc9F-8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:b98::/48
2001:67c:29a4::/48
Signature Algorithm: sha256WithRSAEncryption
28:3c:ee:e1:26:e2:b6:10:f3:1b:10:3e:74:7b:2b:ab:51:49:
2e:4a:6d:be:77:78:ec:26:7c:5a:6a:6c:63:31:b1:ca:ad:e1:
bf:b3:83:d3:10:48:0d:78:f7:3f:d5:12:c1:86:9e:94:8b:a7:
48:95:a0:c1:62:8d:46:6a:02:a1:c7:78:70:e3:1b:a8:45:5e:
06:00:98:91:7e:09:0c:8f:d8:96:90:b3:2d:4a:4c:23:69:50:
2b:f9:e1:14:cd:35:de:7e:d9:8b:49:42:f6:7d:79:64:90:30:
e8:75:95:ad:ae:82:9a:91:5a:a7:85:ce:50:1c:ef:d2:93:8d:
9e:06:fe:8f:d1:dc:5d:3b:e5:79:92:72:c2:2e:e6:18:01:b7:
1d:67:0c:b4:16:9b:41:5a:c9:e4:6e:f6:82:bf:9f:b6:bf:1d:
74:13:eb:43:2d:6d:19:57:79:3b:f2:35:45:35:6a:b2:cd:90:
5c:c1:90:5c:fe:ec:e5:10:b2:c5:51:f3:28:85:12:51:bf:84:
69:94:47:c5:b0:f8:47:fa:c3:53:c4:6d:92:b2:38:46:2f:28:
8c:f5:7f:b2:a8:69:f1:bb:a1:88:51:76:95:93:67:19:b8:85:
be:e1:b4:f3:ce:0d:a4:8a:fb:90:61:88:3a:ef:c2:07:8f:a6:
50:90:3f:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZufgNi88uYaqWZgUYcx46CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTZjMDNjZmFmZmUxMzRjN2JlZGE0ODg2YWI4YjA5Y2Y0
NWZiYzQwHhcNMjMwMjIwMTEwMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDJmYjVhNGUxNGEzYzA5NjE4OTk3MjQwMTgwOWRkZTM0OTM4ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8drVC/GVe68OCqqFpDfOH/9fWVc
kQauFDRAhQkqC5uUj3OO7JsyUiAgR1N0FjNMOxQWOGkhTIdwKS+hru010ZPQBdx7
03xrIyNdQ0avwSVYn/nA8MEvU7Qd06cP2PvTdPMHZKQXWhS8NMCZndGZwN0AdqK3
oehb1Q1z8O7+XsGWMzVW2Q4SnSwAmohhwV+7w9G56K6+T/J/clBCu4WjaUWdBUPR
x1TBOijsZwdTU3P0STYfw6EiWfXBdAVRZQXRmszYoGUSZy1FCrYMgzUgU1scjyZp
6D6QsGk5etxObfKmAV+XPOSfn13S/fWeetrotJkisa8Jf6CdlUeTsFymJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE0vtaThSjwJYYmXJAGAnd40k4hgMB8GA1UdIwQY
MBaAFOMWwDz6/+E0x77aSIariwnPRfvEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhiQVBQcl80VFRIdnRwSWhxdUxDYzlGLThRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My85MTQwMmUtZWQyOC00YTIxLTg0ZTIt
ZTRkNjRkY2E2N2FjLzEvVFMtMXBPRktQQWxoaVpja0FZQ2QzalNUaUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My85MTQwMmUtZWQyOC00YTIxLTg0ZTItZTRkNjRkY2E2N2Fj
LzEvNHhiQVBQcl80VFRIdnRwSWhxdUxDYzlGLThRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfAuY
AwcAIAEGfCmkMA0GCSqGSIb3DQEBCwUAA4IBAQAoPO7hJuK2EPMbED50eyurUUku
Sm2+d3jsJnxaamxjMbHKreG/s4PTEEgNePc/1RLBhp6Ui6dIlaDBYo1GagKhx3hw
4xuoRV4GAJiRfgkMj9iWkLMtSkwjaVAr+eEUzTXeftmLSUL2fXlkkDDodZWtroKa
kVqnhc5QHO/Sk42eBv6P0dxdO+V5knLCLuYYAbcdZwy0FptBWsnkbvaCv5+2vx10
E+tDLW0ZV3k78jVFNWqyzZBcwZBc/uzlELLFUfMohRJRv4RplEfFsPhH+sNTxG2S
sjhGLyiM9X+yqGnxu6GIUXaVk2cZuIW+4bTzzg2kivuQYYg678IHj6ZQkD9f
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:11 2025 by rpki-client