Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/RFK-Xege2ueazmJpALD9SBGk2rQ.roa
File: RFK-Xege2ueazmJpALD9SBGk2rQ.roa (raw, json)
Hash identifier: FMhvyfCCHVxWxk8/WCfAMes4zHWvYygixVf2KpoQ95c=
Subject key identifier: 44:52:BE:5D:E8:1E:DA:E7:9A:CE:62:69:00:B0:FD:48:11:A4:DA:B4
Certificate issuer: /CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
Certificate serial: 01896E1A06D82C3CCBF1D46F7E12F8452BA3
Authority key identifier: 5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/RFK-Xege2ueazmJpALD9SBGk2rQ.roa
Signing time: Wed 19 Jul 2023 12:22:26 +0000
ROA not before: Wed 19 Jul 2023 12:22:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61218
IP address blocks: 2001:67c:bd4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:1a:06:d8:2c:3c:cb:f1:d4:6f:7e:12:f8:45:2b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
Validity
Not Before: Jul 19 12:22:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4452be5de81edae79ace626900b0fd4811a4dab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:43:93:ee:c8:22:e5:8c:17:8d:68:1c:4e:8e:
55:ef:ff:b5:fb:8e:b4:c0:2d:8c:bb:f5:99:a0:ce:
52:15:20:c5:06:10:61:88:75:bd:62:24:29:e2:82:
7c:6e:90:57:a8:1e:c5:d3:f2:1e:70:77:09:02:5d:
5f:ec:e9:7e:d0:dc:eb:87:e9:05:5f:c7:0e:bc:c4:
38:e7:6c:3a:33:a6:61:13:d1:1a:90:ba:d4:30:99:
98:a9:2a:45:4e:92:67:44:7a:ad:02:51:49:5a:0b:
16:80:dd:e3:c0:4d:01:1e:06:5c:a4:45:6b:1a:17:
bb:80:3c:7b:ca:aa:64:df:17:8c:a5:be:a3:8f:4e:
da:d7:f1:64:5a:70:15:f0:0b:dd:ae:af:b4:12:62:
74:02:6b:13:8c:63:4f:cf:07:07:82:93:a3:5b:46:
b8:a0:92:d6:8b:82:40:c5:b1:93:de:e1:12:c7:57:
e8:39:68:3d:b4:e9:a4:0d:3b:ef:31:f4:94:00:d9:
f0:7c:4b:46:0a:52:8e:02:b9:3c:f1:ed:d8:7b:95:
62:0e:2d:1d:e0:19:4d:cd:5c:a5:16:27:3c:4c:a8:
33:59:5e:61:65:e8:55:0c:80:be:85:83:fe:e1:0b:
83:34:ad:79:48:a9:1f:2d:c4:e5:d5:cb:1a:0b:c3:
1b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:52:BE:5D:E8:1E:DA:E7:9A:CE:62:69:00:B0:FD:48:11:A4:DA:B4
X509v3 Authority Key Identifier:
keyid:5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/RFK-Xege2ueazmJpALD9SBGk2rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/Xw_ZDZhyl8td1OB76EDSgNHizEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:bd4::/48
Signature Algorithm: sha256WithRSAEncryption
01:d8:53:a1:29:b5:3f:89:a7:5d:29:bf:d0:28:44:dc:a5:90:
70:13:8f:5c:e1:16:a2:c5:c8:60:4e:f0:3e:7d:52:63:d3:56:
cb:68:fe:e1:e9:82:de:31:67:45:18:b8:92:aa:96:b5:59:fb:
b1:27:cb:d1:78:03:11:54:d1:5f:7c:1c:7d:5a:38:55:03:94:
c9:bf:89:25:ae:6d:98:40:cb:5b:ab:41:c0:02:c3:d3:a3:e2:
60:6d:3f:db:10:a9:8a:9d:a1:3c:3b:98:12:08:68:04:74:c1:
16:a7:0d:4a:b6:13:9c:f1:40:9f:02:c5:5b:38:05:94:01:cd:
a8:bd:ad:6a:56:f7:f8:f7:0f:dd:44:33:bd:d8:5a:cd:3c:d0:
55:40:d4:93:33:0f:bf:35:d0:be:f1:53:a1:10:5d:43:18:88:
5a:9c:8d:6e:3d:cb:bd:74:22:3c:f1:b0:49:e8:91:24:39:5e:
aa:26:b4:f2:c2:48:8e:c5:4c:2a:01:4c:9f:e9:89:e6:5b:88:
77:74:08:02:67:4c:b1:64:8e:35:38:f3:51:1c:d2:26:fe:82:
85:3f:60:a8:ec:6c:cd:f9:d6:a8:d1:07:bb:d1:08:94:b6:72:
88:5d:7d:61:6c:f1:85:ae:23:2a:08:61:cd:14:7f:4f:a5:30:
2c:e5:e6:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYluGgbYLDzL8dRvfhL4RSujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMGZkOTBkOTg3Mjk3Y2I1ZGQ0ZTA3YmU4NDBkMjgwZDFl
MmNjNGEwHhcNMjMwNzE5MTIyMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDUyYmU1ZGU4MWVkYWU3OWFjZTYyNjkwMGIwZmQ0ODExYTRkYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0OT7sgi5YwXjWgcTo5V7/+1+460
wC2Mu/WZoM5SFSDFBhBhiHW9YiQp4oJ8bpBXqB7F0/IecHcJAl1f7Ol+0Nzrh+kF
X8cOvMQ452w6M6ZhE9EakLrUMJmYqSpFTpJnRHqtAlFJWgsWgN3jwE0BHgZcpEVr
Ghe7gDx7yqpk3xeMpb6jj07a1/FkWnAV8Avdrq+0EmJ0AmsTjGNPzwcHgpOjW0a4
oJLWi4JAxbGT3uESx1foOWg9tOmkDTvvMfSUANnwfEtGClKOArk88e3Ye5ViDi0d
4BlNzVylFic8TKgzWV5hZehVDIC+hYP+4QuDNK15SKkfLcTl1csaC8MbIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFERSvl3oHtrnms5iaQCw/UgRpNq0MB8GA1UdIwQY
MBaAFF8P2Q2YcpfLXdTge+hA0oDR4sxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjIt
N2JjZWZhOWY1OWU4LzEvUkZLLVhlZ2UydWVhem1KcEFMRDlTQkdrMnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjItN2JjZWZhOWY1OWU4
LzEvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAvU
MA0GCSqGSIb3DQEBCwUAA4IBAQAB2FOhKbU/iaddKb/QKETcpZBwE49c4Raixchg
TvA+fVJj01bLaP7h6YLeMWdFGLiSqpa1WfuxJ8vReAMRVNFffBx9WjhVA5TJv4kl
rm2YQMtbq0HAAsPTo+JgbT/bEKmKnaE8O5gSCGgEdMEWpw1KthOc8UCfAsVbOAWU
Ac2ova1qVvf49w/dRDO92FrNPNBVQNSTMw+/NdC+8VOhEF1DGIhanI1uPcu9dCI8
8bBJ6JEkOV6qJrTywkiOxUwqAUyf6YnmW4h3dAgCZ0yxZI41OPNRHNIm/oKFP2Co
7GzN+dao0Qe70QiUtnKIXX1hbPGFriMqCGHNFH9PpTAs5ebj
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:29:56 2025 by rpki-client