Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/1-2U4LTMMno-GJn2TohRWy0eQQ_k.roa
File: 1-2U4LTMMno-GJn2TohRWy0eQQ_k.roa (raw, json)
Hash identifier: 9t61ArqZlzrya22u4AnpGxvLQ9DZNDL3Szu8qLyOxE4=
Subject key identifier: FB:65:38:2D:33:0C:9E:8F:86:26:7D:93:A2:14:56:CB:47:90:43:F9
Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial: 0187DB5CC6F19D9A62ECF566A6C40A1E72C2
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/1-2U4LTMMno-GJn2TohRWy0eQQ_k.roa
Signing time: Tue 02 May 2023 07:28:23 +0000
ROA not before: Tue 02 May 2023 07:28:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198951
IP address blocks: 2001:678:518::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:5c:c6:f1:9d:9a:62:ec:f5:66:a6:c4:0a:1e:72:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
Validity
Not Before: May 2 07:28:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb65382d330c9e8f86267d93a21456cb479043f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:23:b0:f5:f2:bb:83:fd:e9:1b:2f:82:be:3d:
85:1f:1d:c2:2d:0e:5b:c6:ce:1a:91:30:40:95:a3:
0d:ad:5d:0b:77:07:a6:9d:9d:a2:5f:5e:4e:b6:5a:
c3:a8:a8:b7:1b:a6:c5:2f:b6:37:98:be:f6:3b:28:
ed:a5:be:16:a6:a9:88:ea:db:1d:29:3c:1b:47:8f:
de:1b:a7:f4:e9:b6:7a:f2:9f:fe:14:5e:f4:f7:bd:
26:32:f4:d5:22:27:43:f5:81:66:3a:82:57:18:69:
52:81:b9:19:1b:20:2c:88:1e:e8:f3:3e:a6:da:32:
ec:1b:56:d9:ff:93:61:08:c5:6f:59:d2:4d:49:15:
a5:9c:df:27:1c:90:95:72:2f:52:7c:03:ec:e1:99:
ad:9b:96:96:cb:dc:f6:44:67:ba:cc:1f:9a:30:cb:
ec:a3:bd:67:e8:fe:8a:37:50:ff:1a:78:fa:58:0d:
de:7f:d2:cd:72:b4:a3:a1:a6:2e:15:c3:13:90:87:
c2:2a:15:44:27:0b:d2:fb:03:b0:62:80:c2:9d:df:
57:ea:ce:7a:7e:a7:e0:5d:62:64:c6:b6:df:9f:25:
3e:85:df:96:f3:a1:03:27:a7:50:ea:26:bf:5c:4f:
b9:02:a1:ec:89:60:2c:e0:da:51:08:ea:55:f4:12:
ed:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:65:38:2D:33:0C:9E:8F:86:26:7D:93:A2:14:56:CB:47:90:43:F9
X509v3 Authority Key Identifier:
keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/1-2U4LTMMno-GJn2TohRWy0eQQ_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:518::/48
Signature Algorithm: sha256WithRSAEncryption
0d:8d:d4:f2:38:18:d3:83:82:1d:8f:87:5c:ad:f1:98:44:bc:
1c:53:fd:d5:35:c0:af:1f:e4:1d:75:14:07:3a:ed:3d:7b:d7:
03:1d:15:92:d7:8c:69:8a:d0:c8:d6:bd:61:3b:3b:87:76:10:
34:a5:7f:71:55:27:ac:35:a4:fe:24:67:4d:96:4d:dd:e7:5e:
b6:2c:41:c2:c3:b0:3c:50:23:3c:6d:a1:f1:72:a9:61:dd:aa:
98:b7:77:7a:1f:c6:d1:2b:72:3e:59:43:73:59:4b:1e:ee:43:
de:a1:eb:42:c6:d4:b0:6c:30:d3:9d:f6:ae:92:6b:a8:cd:f5:
ee:49:39:7a:6b:3b:fe:ba:17:9b:ed:3b:6b:52:48:d1:23:7b:
3f:77:1c:f7:3e:48:a2:d0:6d:a3:33:63:40:ae:55:8e:a1:b0:
e5:ca:8f:da:47:0e:98:10:d9:49:98:e7:10:32:f3:04:c0:a3:
75:14:54:c4:7d:bf:8f:f7:93:5b:46:e8:a2:f2:17:f4:15:76:
60:66:83:0b:5c:be:02:d4:f8:bb:8b:e8:45:be:71:6f:a5:5e:
b6:88:56:ab:ea:23:b7:34:67:8d:79:98:68:ec:59:b5:36:89:
b4:cb:4e:2b:16:60:3f:14:cd:09:69:1b:b1:f3:78:43:a3:54:
31:63:e8:cc
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYfbXMbxnZpi7PVmpsQKHnLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl
MzU0NDAwHhcNMjMwNTAyMDcyODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjY1MzgyZDMzMGM5ZThmODYyNjdkOTNhMjE0NTZjYjQ3OTA0M2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSOw9fK7g/3pGy+Cvj2FHx3CLQ5b
xs4akTBAlaMNrV0LdwemnZ2iX15OtlrDqKi3G6bFL7Y3mL72Oyjtpb4WpqmI6tsd
KTwbR4/eG6f06bZ68p/+FF70970mMvTVIidD9YFmOoJXGGlSgbkZGyAsiB7o8z6m
2jLsG1bZ/5NhCMVvWdJNSRWlnN8nHJCVci9SfAPs4Zmtm5aWy9z2RGe6zB+aMMvs
o71n6P6KN1D/Gnj6WA3ef9LNcrSjoaYuFcMTkIfCKhVEJwvS+wOwYoDCnd9X6s56
fqfgXWJkxrbfnyU+hd+W86EDJ6dQ6ia/XE+5AqHsiWAs4NpRCOpV9BLt7wIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPtlOC0zDJ6PhiZ9k6IUVstHkEP5MB8GA1UdIwQY
MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt
NjI3ODkxODJhMGYzLzEvMS0yVTRMVE1Nbm8tR0puMlRvaFJXeTBlUVFfay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjQvZTYyMDg5LWI5OGEtNGZkZC05YzRlLTYyNzg5MTgyYTBm
My8xL1hhc0xDT1VmZ1lJa1lwLXpvaEhZUFZ2alZFQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngF
GDANBgkqhkiG9w0BAQsFAAOCAQEADY3U8jgY04OCHY+HXK3xmES8HFP91TXArx/k
HXUUBzrtPXvXAx0VkteMaYrQyNa9YTs7h3YQNKV/cVUnrDWk/iRnTZZN3edetixB
wsOwPFAjPG2h8XKpYd2qmLd3eh/G0StyPllDc1lLHu5D3qHrQsbUsGww0532rpJr
qM317kk5ems7/roXm+07a1JI0SN7P3cc9z5IotBtozNjQK5VjqGw5cqP2kcOmBDZ
SZjnEDLzBMCjdRRUxH2/j/eTW0boovIX9BV2YGaDC1y+AtT4u4voRb5xb6VetohW
q+ojtzRnjXmYaOxZtTaJtMtOKxZgPxTNCWkbsfN4Q6NUMWPozA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:44:46 2025 by rpki-client