Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/428911-8816-4f11-97a6-4882e6b568b2/1/3Ii6s45-IY-wdYofJajukR1jUHk.roa
File: 3Ii6s45-IY-wdYofJajukR1jUHk.roa (raw, json)
Hash identifier: zBdlZY1v0IVlKOmQv05JyfFPXMqFnsQz7RfigOGmw/M=
Subject key identifier: DC:88:BA:B3:8E:7E:21:8F:B0:75:8A:1F:25:A8:EE:91:1D:63:50:79
Certificate issuer: /CN=accfab8b893010a1b5e25072e1d456904493f52d
Certificate serial: 01856E78B9D00AF26B4E4B8B9AE96CC9079D
Authority key identifier: AC:CF:AB:8B:89:30:10:A1:B5:E2:50:72:E1:D4:56:90:44:93:F5:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rM-ri4kwEKG14lBy4dRWkEST9S0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/428911-8816-4f11-97a6-4882e6b568b2/1/3Ii6s45-IY-wdYofJajukR1jUHk.roa
Signing time: Sun 01 Jan 2023 17:54:43 +0000
ROA not before: Sun 01 Jan 2023 17:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211586
IP address blocks: 2001:678:f18::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:b9:d0:0a:f2:6b:4e:4b:8b:9a:e9:6c:c9:07:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=accfab8b893010a1b5e25072e1d456904493f52d
Validity
Not Before: Jan 1 17:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc88bab38e7e218fb0758a1f25a8ee911d635079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6b:77:e2:b8:e4:7f:01:cf:61:e7:f7:7f:1d:
0d:0b:d7:59:41:f5:27:21:ed:cf:77:99:ad:9a:20:
01:23:7b:53:50:0b:b1:b1:54:49:82:76:d5:db:a2:
10:ca:7a:4f:f6:fe:4b:72:64:df:71:fc:d1:42:34:
90:dd:21:ae:41:98:88:16:70:fa:ed:1e:9e:cb:4f:
b8:e4:8f:75:d0:83:f1:c5:40:58:ba:85:16:b3:a8:
23:73:39:08:ca:f2:76:7e:f0:9f:9e:6a:3e:6f:68:
16:c0:1e:64:af:39:94:96:a1:0b:b4:0e:4f:9b:99:
18:4c:63:92:de:34:e9:64:33:f2:92:96:22:08:a2:
00:95:de:69:76:41:dc:65:82:48:53:94:54:ba:00:
da:62:d9:bc:89:0e:ba:5d:d5:76:b2:8b:11:ce:96:
25:9f:f3:49:86:3d:db:50:d6:55:c5:8d:1a:be:b4:
5a:dc:8a:d1:22:fb:dc:b7:5f:be:d5:81:5d:3b:aa:
44:25:eb:ce:76:eb:b6:a2:21:b9:f7:45:47:3b:15:
37:75:20:f1:98:49:86:46:9e:41:96:41:ef:bb:95:
10:a0:f0:42:43:e0:c0:20:7e:df:a3:b8:99:a5:58:
ea:f8:96:e5:10:10:d0:1d:1d:67:bd:43:2f:8f:2c:
ca:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:88:BA:B3:8E:7E:21:8F:B0:75:8A:1F:25:A8:EE:91:1D:63:50:79
X509v3 Authority Key Identifier:
keyid:AC:CF:AB:8B:89:30:10:A1:B5:E2:50:72:E1:D4:56:90:44:93:F5:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rM-ri4kwEKG14lBy4dRWkEST9S0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/428911-8816-4f11-97a6-4882e6b568b2/1/3Ii6s45-IY-wdYofJajukR1jUHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/428911-8816-4f11-97a6-4882e6b568b2/1/rM-ri4kwEKG14lBy4dRWkEST9S0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f18::/48
Signature Algorithm: sha256WithRSAEncryption
84:2f:7d:07:03:87:64:29:6d:d2:c1:3b:13:01:47:3c:f2:29:
a7:7f:e2:d4:97:d4:1b:c1:d0:fe:21:15:11:3a:f0:a4:f1:de:
aa:e7:51:cc:ac:25:7b:e0:6e:df:0e:bb:a2:0d:58:ad:56:4f:
38:27:89:93:f7:c9:37:57:52:e6:fd:de:d9:7b:93:7d:4d:28:
30:93:7e:8f:1b:26:c0:a8:56:29:1f:39:bc:cd:dc:1d:56:93:
57:9e:e9:89:47:69:42:90:d9:27:89:1d:5c:46:4b:4d:19:3f:
44:d5:cc:65:e7:d2:d4:f1:01:b5:d2:fa:3c:01:3f:ad:b4:10:
eb:20:d4:7b:0b:f9:f3:04:4f:c8:9d:da:5f:47:f6:18:aa:37:
00:8f:92:ab:46:e2:d0:39:9b:01:74:c0:93:01:91:bb:ba:35:
56:83:b8:3c:ad:ce:10:3d:39:99:fb:e4:42:99:e6:23:6e:5b:
d6:d9:55:e3:b7:8c:70:ec:fb:cb:64:6c:8e:9d:46:33:a1:03:
8e:0b:ec:49:1e:2f:e0:0f:ef:65:a4:89:00:b2:27:1e:c1:9c:
27:87:0a:62:99:6a:03:27:cf:f7:0c:42:ad:d8:54:bf:e3:9c:
74:67:76:f2:76:2f:a4:63:f6:fb:ba:28:48:c1:43:ab:49:6a:
4f:4f:82:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVueLnQCvJrTkuLmulsyQedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjY2ZhYjhiODkzMDEwYTFiNWUyNTA3MmUxZDQ1NjkwNDQ5
M2Y1MmQwHhcNMjMwMTAxMTc1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzg4YmFiMzhlN2UyMThmYjA3NThhMWYyNWE4ZWU5MTFkNjM1MDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmt34rjkfwHPYef3fx0NC9dZQfUn
Ie3Pd5mtmiABI3tTUAuxsVRJgnbV26IQynpP9v5LcmTfcfzRQjSQ3SGuQZiIFnD6
7R6ey0+45I910IPxxUBYuoUWs6gjczkIyvJ2fvCfnmo+b2gWwB5krzmUlqELtA5P
m5kYTGOS3jTpZDPykpYiCKIAld5pdkHcZYJIU5RUugDaYtm8iQ66XdV2sosRzpYl
n/NJhj3bUNZVxY0avrRa3IrRIvvct1++1YFdO6pEJevOduu2oiG590VHOxU3dSDx
mEmGRp5BlkHvu5UQoPBCQ+DAIH7fo7iZpVjq+JblEBDQHR1nvUMvjyzKBwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNyIurOOfiGPsHWKHyWo7pEdY1B5MB8GA1UdIwQY
MBaAFKzPq4uJMBChteJQcuHUVpBEk/UtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck0tcmk0a3dFS0cxNGxCeTRkUldrRVNUOVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80Mjg5MTEtODgxNi00ZjExLTk3YTYt
NDg4MmU2YjU2OGIyLzEvM0lpNnM0NS1JWS13ZFlvZkphanVrUjFqVUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80Mjg5MTEtODgxNi00ZjExLTk3YTYtNDg4MmU2YjU2OGIy
LzEvck0tcmk0a3dFS0cxNGxCeTRkUldrRVNUOVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA8Y
MA0GCSqGSIb3DQEBCwUAA4IBAQCEL30HA4dkKW3SwTsTAUc88imnf+LUl9QbwdD+
IRUROvCk8d6q51HMrCV74G7fDruiDVitVk84J4mT98k3V1Lm/d7Ze5N9TSgwk36P
GybAqFYpHzm8zdwdVpNXnumJR2lCkNkniR1cRktNGT9E1cxl59LU8QG10vo8AT+t
tBDrINR7C/nzBE/IndpfR/YYqjcAj5KrRuLQOZsBdMCTAZG7ujVWg7g8rc4QPTmZ
++RCmeYjblvW2VXjt4xw7PvLZGyOnUYzoQOOC+xJHi/gD+9lpIkAsicewZwnhwpi
mWoDJ8/3DEKt2FS/45x0Z3bydi+kY/b7uihIwUOrSWpPT4KX
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:08 2025 by rpki-client