Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/0dbf3d-98d2-4ec4-8b80-076dd6bd124a/1/b_3vqWtNgUwBZp_Ob8o9vYn1x2k.roa
File: b_3vqWtNgUwBZp_Ob8o9vYn1x2k.roa (raw, json)
Hash identifier: 5VkpNSrJOdWMHY+r0F6LgDsPnruURmoG6ncFuhgsHCc=
Subject key identifier: 6F:FD:EF:A9:6B:4D:81:4C:01:66:9F:CE:6F:CA:3D:BD:89:F5:C7:69
Certificate issuer: /CN=e4fb640946d8cfaefe5648948702ad6034a0e8b9
Certificate serial: 018476B7224E5B2BAA4E317DEC95250D2729
Authority key identifier: E4:FB:64:09:46:D8:CF:AE:FE:56:48:94:87:02:AD:60:34:A0:E8:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5PtkCUbYz67-VkiUhwKtYDSg6Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/0dbf3d-98d2-4ec4-8b80-076dd6bd124a/1/b_3vqWtNgUwBZp_Ob8o9vYn1x2k.roa
Signing time: Mon 14 Nov 2022 15:17:04 +0000
ROA not before: Mon 14 Nov 2022 15:17:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213003
IP address blocks: 2001:678:d7c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:b7:22:4e:5b:2b:aa:4e:31:7d:ec:95:25:0d:27:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4fb640946d8cfaefe5648948702ad6034a0e8b9
Validity
Not Before: Nov 14 15:17:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ffdefa96b4d814c01669fce6fca3dbd89f5c769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:00:e2:53:fd:7e:0f:78:8c:79:df:71:b1:60:
29:4e:02:35:1a:56:e0:bf:d8:dc:ed:4f:b9:9b:9c:
bf:85:3a:62:3c:c5:0a:dc:0e:83:6b:91:2a:81:a0:
bb:54:8f:66:22:7a:91:22:37:52:b8:4a:a0:0d:7d:
5d:fe:7f:e6:b8:a7:2f:4d:73:47:44:65:9d:44:ea:
12:0b:0a:b3:1d:b0:78:a1:e0:74:32:4f:d3:4f:b7:
a4:29:bb:fd:ff:ad:a1:82:1a:e7:b0:c7:ec:72:ff:
b8:c8:e4:37:08:df:11:d9:ca:60:3f:7f:e3:16:05:
c0:56:d9:ab:c9:fb:fe:af:23:b5:ab:c8:4e:c8:68:
25:33:ab:49:6e:33:4e:53:43:35:08:d0:77:54:65:
fd:d6:fb:ce:18:e7:ef:a6:5a:09:92:0c:66:d2:13:
8e:62:71:ee:ff:7d:1f:b5:c8:17:f7:1b:e9:1d:46:
e1:62:0a:b6:20:77:a8:24:f0:97:ee:eb:7e:7b:eb:
81:8e:8d:57:3b:98:d6:e7:ac:40:4b:a1:b3:16:c8:
ad:7f:a6:bc:f6:6a:fa:7c:9a:23:a8:16:86:f5:1e:
d1:3b:9d:77:9a:dc:07:2d:6e:76:aa:dc:97:f0:66:
55:1b:5d:fb:54:67:cc:d7:b0:20:bf:42:24:0d:15:
c7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:FD:EF:A9:6B:4D:81:4C:01:66:9F:CE:6F:CA:3D:BD:89:F5:C7:69
X509v3 Authority Key Identifier:
keyid:E4:FB:64:09:46:D8:CF:AE:FE:56:48:94:87:02:AD:60:34:A0:E8:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5PtkCUbYz67-VkiUhwKtYDSg6Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0dbf3d-98d2-4ec4-8b80-076dd6bd124a/1/b_3vqWtNgUwBZp_Ob8o9vYn1x2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0dbf3d-98d2-4ec4-8b80-076dd6bd124a/1/5PtkCUbYz67-VkiUhwKtYDSg6Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:d7c::/48
Signature Algorithm: sha256WithRSAEncryption
48:04:2f:08:d2:68:9b:75:ea:79:f6:67:14:ba:a6:9c:3c:ff:
88:08:eb:87:0b:fd:84:11:f4:f0:3a:03:7c:a3:4f:14:ab:f9:
cd:b0:13:1a:b8:db:61:73:cf:22:99:2f:01:8d:7e:ce:c8:2b:
c1:68:e9:2d:c8:96:82:97:0f:a5:1b:a5:f8:4d:bb:c5:f1:9e:
e8:e1:ec:a3:98:e0:8f:c2:66:a9:90:af:b3:e2:9d:b2:a2:8c:
20:20:f2:45:2a:ce:cd:35:4c:33:ce:19:fd:55:38:2e:84:04:
5a:af:11:33:18:c7:8d:2d:e0:00:bc:72:3a:c9:28:e9:be:d7:
8e:a6:bb:fb:bf:43:45:e7:bd:55:5e:1b:ab:70:0f:07:a2:8f:
67:4a:a9:da:45:4e:f6:b0:53:65:87:37:c8:98:19:1d:b6:25:
26:5d:c3:f0:df:ff:f4:f7:f4:58:a5:60:8a:08:2f:11:a4:21:
13:cb:40:ad:62:1d:36:9c:46:1a:02:fa:0b:05:fa:dd:c9:cc:
df:b8:1e:b2:1d:38:6f:cc:ca:7d:25:e5:fd:b2:88:0c:c5:8f:
01:a0:12:80:75:5a:d9:a5:fc:65:9e:52:eb:cd:67:9b:5e:c2:
6e:df:9f:24:3a:28:24:4f:01:63:86:5d:64:81:e7:a6:85:c0:
83:8a:14:8b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYR2tyJOWyuqTjF97JUlDScpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZmI2NDA5NDZkOGNmYWVmZTU2NDg5NDg3MDJhZDYwMzRh
MGU4YjkwHhcNMjIxMTE0MTUxNzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmZkZWZhOTZiNGQ4MTRjMDE2NjlmY2U2ZmNhM2RiZDg5ZjVjNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwDiU/1+D3iMed9xsWApTgI1Glbg
v9jc7U+5m5y/hTpiPMUK3A6Da5EqgaC7VI9mInqRIjdSuEqgDX1d/n/muKcvTXNH
RGWdROoSCwqzHbB4oeB0Mk/TT7ekKbv9/62hghrnsMfscv+4yOQ3CN8R2cpgP3/j
FgXAVtmryfv+ryO1q8hOyGglM6tJbjNOU0M1CNB3VGX91vvOGOfvploJkgxm0hOO
YnHu/30ftcgX9xvpHUbhYgq2IHeoJPCX7ut+e+uBjo1XO5jW56xAS6GzFsitf6a8
9mr6fJojqBaG9R7RO513mtwHLW52qtyX8GZVG137VGfM17Agv0IkDRXHhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG/976lrTYFMAWafzm/KPb2J9cdpMB8GA1UdIwQY
MBaAFOT7ZAlG2M+u/lZIlIcCrWA0oOi5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVB0a0NVYll6NjctVmtpVWh3S3RZRFNnNkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wZGJmM2QtOThkMi00ZWM0LThiODAt
MDc2ZGQ2YmQxMjRhLzEvYl8zdnFXdE5nVXdCWnBfT2I4bzl2WW4xeDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8wZGJmM2QtOThkMi00ZWM0LThiODAtMDc2ZGQ2YmQxMjRh
LzEvNVB0a0NVYll6NjctVmtpVWh3S3RZRFNnNkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA18
MA0GCSqGSIb3DQEBCwUAA4IBAQBIBC8I0mibdep59mcUuqacPP+ICOuHC/2EEfTw
OgN8o08Uq/nNsBMauNthc88imS8BjX7OyCvBaOktyJaClw+lG6X4TbvF8Z7o4eyj
mOCPwmapkK+z4p2yoowgIPJFKs7NNUwzzhn9VTguhARarxEzGMeNLeAAvHI6ySjp
vteOprv7v0NF571VXhurcA8Hoo9nSqnaRU72sFNlhzfImBkdtiUmXcPw3//09/RY
pWCKCC8RpCETy0CtYh02nEYaAvoLBfrdyczfuB6yHThvzMp9JeX9sogMxY8BoBKA
dVrZpfxlnlLrzWebXsJu358kOigkTwFjhl1kgeemhcCDihSL
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:12 2025 by rpki-client