Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/9a8d08-e4bb-492f-9863-454f99c74f11/1/ecfHVT1h-6MbVaVNU-H5ux9lLMU.roa
File: ecfHVT1h-6MbVaVNU-H5ux9lLMU.roa (raw, json)
Hash identifier: kKow+V8xxdZP7eIuoAevCIBP7tcH0KQ6Ej4ZiWQ6qEw=
Subject key identifier: 79:C7:C7:55:3D:61:FB:A3:1B:55:A5:4D:53:E1:F9:BB:1F:65:2C:C5
Certificate issuer: /CN=553f4c4631a3385c5e395ee1d9daa076b0bccff1
Certificate serial: 01856D4ABE91E0B49F64B9C8F1094B088FC9
Authority key identifier: 55:3F:4C:46:31:A3:38:5C:5E:39:5E:E1:D9:DA:A0:76:B0:BC:CF:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VT9MRjGjOFxeOV7h2dqgdrC8z_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/9a8d08-e4bb-492f-9863-454f99c74f11/1/ecfHVT1h-6MbVaVNU-H5ux9lLMU.roa
Signing time: Sun 01 Jan 2023 12:24:53 +0000
ROA not before: Sun 01 Jan 2023 12:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212467
IP address blocks: 2001:67c:2fbc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:be:91:e0:b4:9f:64:b9:c8:f1:09:4b:08:8f:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=553f4c4631a3385c5e395ee1d9daa076b0bccff1
Validity
Not Before: Jan 1 12:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79c7c7553d61fba31b55a54d53e1f9bb1f652cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:af:a8:e8:ba:0c:15:fe:1a:7f:22:31:26:ca:
86:13:56:c5:3c:a7:a3:dd:24:2e:69:f3:be:32:c0:
42:5a:a7:93:17:fc:30:27:bd:90:c4:40:ba:17:5d:
aa:49:d1:76:83:10:74:78:2a:2b:71:0a:4d:d5:d1:
c1:8a:6b:66:36:50:c3:4f:58:cd:aa:ed:7c:70:40:
a5:1e:6e:97:04:44:0a:d2:6f:d6:79:83:bd:e8:43:
68:9e:4a:d3:a7:64:3c:2d:d8:67:4a:9c:68:0f:b2:
fb:46:1a:aa:78:79:f2:24:c6:c9:77:bd:de:22:b4:
34:39:90:e1:68:0a:5b:e2:33:b2:2a:a0:6d:c6:28:
e4:31:2f:6b:8a:fa:17:72:d2:ad:9c:97:aa:08:29:
78:46:3a:07:7b:d3:fe:7e:30:e9:52:38:8d:60:ee:
ef:c3:d1:9a:d5:f0:51:90:42:6b:37:42:13:2c:c3:
8e:54:62:96:1a:0b:62:8f:0f:dd:98:4a:93:cc:56:
37:a0:36:20:a7:7b:6f:b6:44:5b:e9:82:c6:1d:be:
05:b1:22:42:1e:c5:5c:d4:da:90:ee:19:cd:68:81:
71:f7:54:50:94:a7:97:13:8d:29:5b:6e:b0:b9:53:
43:85:72:01:d6:5a:40:7b:2c:62:53:3c:07:af:90:
7c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:C7:C7:55:3D:61:FB:A3:1B:55:A5:4D:53:E1:F9:BB:1F:65:2C:C5
X509v3 Authority Key Identifier:
keyid:55:3F:4C:46:31:A3:38:5C:5E:39:5E:E1:D9:DA:A0:76:B0:BC:CF:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VT9MRjGjOFxeOV7h2dqgdrC8z_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/9a8d08-e4bb-492f-9863-454f99c74f11/1/ecfHVT1h-6MbVaVNU-H5ux9lLMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/9a8d08-e4bb-492f-9863-454f99c74f11/1/VT9MRjGjOFxeOV7h2dqgdrC8z_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2fbc::/48
Signature Algorithm: sha256WithRSAEncryption
10:6d:8f:7a:56:18:b8:e5:14:b4:5f:00:bc:57:3c:fd:07:1e:
f6:2f:17:11:75:af:b0:e0:d1:6f:2f:e5:6c:fc:3c:8d:11:2b:
ac:30:5f:82:ae:86:72:14:63:65:cf:89:df:23:d5:e3:10:58:
f3:27:8b:18:83:1a:fe:ab:ab:6e:c4:37:61:74:0d:91:24:66:
19:14:67:47:2a:3a:d2:2c:40:23:a1:fc:31:66:72:4f:df:de:
02:bf:3e:ca:b8:a7:2a:44:92:30:13:fb:90:c0:a4:a6:cc:a5:
f5:70:0b:f9:fd:ef:79:9d:53:fe:58:90:dc:34:2f:3c:9b:b5:
3a:58:36:f5:5f:20:6d:6d:83:92:a9:10:8d:5f:b3:27:0c:10:
97:cb:01:2c:bf:87:88:63:b1:2e:00:78:55:29:04:ce:7b:85:
cb:9c:b1:54:9e:07:a4:f3:f1:64:5c:53:a8:3b:95:5c:27:6a:
86:c3:6e:f0:76:16:1c:25:30:20:b0:3b:ee:6d:1e:e5:ed:92:
20:76:36:c1:c6:e1:8e:04:e5:38:4e:e8:91:15:7b:37:41:81:
be:e3:e8:8e:cb:ab:98:e8:c8:75:0b:45:c3:b2:ed:2c:6e:c6:
af:d6:34:b8:ca:96:eb:41:04:0d:aa:6d:d0:ac:5b:47:f4:6a:
ae:d4:f0:f4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtSr6R4LSfZLnI8QlLCI/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1M2Y0YzQ2MzFhMzM4NWM1ZTM5NWVlMWQ5ZGFhMDc2YjBi
Y2NmZjEwHhcNMjMwMTAxMTIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWM3Yzc1NTNkNjFmYmEzMWI1NWE1NGQ1M2UxZjliYjFmNjUyY2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6+o6LoMFf4afyIxJsqGE1bFPKej
3SQuafO+MsBCWqeTF/wwJ72QxEC6F12qSdF2gxB0eCorcQpN1dHBimtmNlDDT1jN
qu18cEClHm6XBEQK0m/WeYO96ENonkrTp2Q8LdhnSpxoD7L7RhqqeHnyJMbJd73e
IrQ0OZDhaApb4jOyKqBtxijkMS9rivoXctKtnJeqCCl4RjoHe9P+fjDpUjiNYO7v
w9Ga1fBRkEJrN0ITLMOOVGKWGgtijw/dmEqTzFY3oDYgp3tvtkRb6YLGHb4FsSJC
HsVc1NqQ7hnNaIFx91RQlKeXE40pW26wuVNDhXIB1lpAeyxiUzwHr5B8LwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHnHx1U9YfujG1WlTVPh+bsfZSzFMB8GA1UdIwQY
MBaAFFU/TEYxozhcXjle4dnaoHawvM/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlQ5TVJqR2pPRnhlT1Y3aDJkcWdkckM4el9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy85YThkMDgtZTRiYi00OTJmLTk4NjMt
NDU0Zjk5Yzc0ZjExLzEvZWNmSFZUMWgtNk1iVmFWTlUtSDV1eDlsTE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy85YThkMDgtZTRiYi00OTJmLTk4NjMtNDU0Zjk5Yzc0ZjEx
LzEvVlQ5TVJqR2pPRnhlT1Y3aDJkcWdkckM4el9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC+8
MA0GCSqGSIb3DQEBCwUAA4IBAQAQbY96Vhi45RS0XwC8Vzz9Bx72LxcRda+w4NFv
L+Vs/DyNESusMF+CroZyFGNlz4nfI9XjEFjzJ4sYgxr+q6tuxDdhdA2RJGYZFGdH
KjrSLEAjofwxZnJP394Cvz7KuKcqRJIwE/uQwKSmzKX1cAv5/e95nVP+WJDcNC88
m7U6WDb1XyBtbYOSqRCNX7MnDBCXywEsv4eIY7EuAHhVKQTOe4XLnLFUngek8/Fk
XFOoO5VcJ2qGw27wdhYcJTAgsDvubR7l7ZIgdjbBxuGOBOU4TuiRFXs3QYG+4+iO
y6uY6Mh1C0XDsu0sbsav1jS4ypbrQQQNqm3QrFtH9Gqu1PD0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:24 2025 by rpki-client