Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/7db061-0bca-4b0e-9483-e775d5faa9e3/1/xgQwayEkqkjQS6NK1HD__NK432Q.roa
File: xgQwayEkqkjQS6NK1HD__NK432Q.roa (raw, json)
Hash identifier: IJZ8c2adrMZoo7JR7TYrV9eAGpGgysc61F7+A0UF2yI=
Subject key identifier: C6:04:30:6B:21:24:AA:48:D0:4B:A3:4A:D4:70:FF:FC:D2:B8:DF:64
Certificate issuer: /CN=162af3302f6a49f7eb691ac4959e1acf95db6ce7
Certificate serial: 01856E41C8C22438B4F102A084B86581AA6F
Authority key identifier: 16:2A:F3:30:2F:6A:49:F7:EB:69:1A:C4:95:9E:1A:CF:95:DB:6C:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FirzMC9qSffraRrElZ4az5XbbOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/7db061-0bca-4b0e-9483-e775d5faa9e3/1/xgQwayEkqkjQS6NK1HD__NK432Q.roa
Signing time: Sun 01 Jan 2023 16:54:42 +0000
ROA not before: Sun 01 Jan 2023 16:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48025
IP address blocks: 2001:678:c98::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:c8:c2:24:38:b4:f1:02:a0:84:b8:65:81:aa:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=162af3302f6a49f7eb691ac4959e1acf95db6ce7
Validity
Not Before: Jan 1 16:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c604306b2124aa48d04ba34ad470fffcd2b8df64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f3:c8:5b:ad:df:92:46:81:bd:74:bf:65:e6:
84:44:de:57:19:9b:73:cf:04:c0:01:94:ae:5c:b0:
86:1f:87:ae:8f:c1:f6:d5:18:c3:16:2a:c0:3d:3b:
fb:69:29:9d:c8:8c:fe:f9:95:94:e1:d0:52:ea:d0:
47:0a:e8:bf:bb:7e:2d:e9:72:b5:ad:87:60:a7:18:
93:8c:50:04:9b:65:93:cb:6d:44:d6:e1:a1:af:83:
28:1c:9c:0c:68:02:c6:12:9c:2f:39:18:20:68:a3:
1c:40:fd:f8:7a:b5:8f:da:ad:7c:85:c9:b2:a3:71:
f0:b4:8e:7b:d3:e9:21:47:13:83:47:eb:69:97:45:
40:d6:48:4d:5b:1b:88:20:26:7b:49:a3:3a:eb:86:
dd:9e:01:b0:da:f2:d4:b0:2b:a6:46:3b:38:b4:39:
e0:6f:4b:5e:c7:0f:0e:14:c1:df:34:0e:47:4a:da:
c2:97:7f:91:4b:17:14:6f:f9:db:0d:30:99:da:f6:
3b:2b:62:c3:92:3e:05:5a:21:15:cf:4f:2a:a6:90:
9e:8c:d4:b0:c5:1c:f2:00:26:49:73:4f:9b:db:bb:
66:e9:b3:3b:00:de:af:66:74:21:2d:d1:4b:7a:64:
48:e7:7a:46:12:04:4e:a7:f6:7c:fb:11:3d:2f:5c:
a1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:04:30:6B:21:24:AA:48:D0:4B:A3:4A:D4:70:FF:FC:D2:B8:DF:64
X509v3 Authority Key Identifier:
keyid:16:2A:F3:30:2F:6A:49:F7:EB:69:1A:C4:95:9E:1A:CF:95:DB:6C:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FirzMC9qSffraRrElZ4az5XbbOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7db061-0bca-4b0e-9483-e775d5faa9e3/1/xgQwayEkqkjQS6NK1HD__NK432Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7db061-0bca-4b0e-9483-e775d5faa9e3/1/FirzMC9qSffraRrElZ4az5XbbOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c98::/48
Signature Algorithm: sha256WithRSAEncryption
59:5d:cb:e3:a8:a0:47:5b:f2:26:cf:dd:19:cf:dc:f7:d5:d4:
03:8f:e1:d2:cb:c8:da:84:58:01:ad:93:6d:6b:f2:c3:0c:92:
23:70:29:3b:28:b6:da:eb:5b:06:32:16:5d:f7:19:53:3f:4b:
ee:50:96:8d:2b:57:4a:11:ce:c0:a4:d5:7f:2f:5f:e6:32:50:
d5:a7:a7:36:0a:3c:2a:7a:17:72:af:1d:21:a4:03:a5:cc:37:
83:2a:90:d3:09:2d:a3:ac:85:9e:66:6d:ff:0b:fc:43:79:41:
ae:9c:b4:bd:5c:7c:4a:6c:b2:b7:4a:6d:99:1f:b9:50:96:3c:
2f:8f:ee:12:d7:92:dc:05:2b:f5:83:26:cc:f2:cf:5a:8a:1a:
1b:70:13:d6:d0:13:4e:5a:eb:4a:09:ea:f7:00:7a:38:ae:14:
da:4a:c3:66:4d:5d:fc:5e:d6:d0:d9:10:86:2a:90:9d:69:fd:
f3:ca:a3:e5:fc:5c:25:ad:38:35:b8:4c:e8:c0:99:ad:ba:17:
41:e4:45:24:96:a5:4f:36:5f:7b:60:0a:03:05:43:ec:80:9a:
41:35:2b:ba:1b:35:55:dd:a3:67:17:0b:f8:3e:21:15:40:17:
1d:01:23:64:65:97:0d:17:b8:37:79:5d:f6:b5:1c:f1:23:3d:
4a:1f:b3:13
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuQcjCJDi08QKghLhlgapvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MmFmMzMwMmY2YTQ5ZjdlYjY5MWFjNDk1OWUxYWNmOTVk
YjZjZTcwHhcNMjMwMTAxMTY1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjA0MzA2YjIxMjRhYTQ4ZDA0YmEzNGFkNDcwZmZmY2QyYjhkZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvPIW63fkkaBvXS/ZeaERN5XGZtz
zwTAAZSuXLCGH4euj8H21RjDFirAPTv7aSmdyIz++ZWU4dBS6tBHCui/u34t6XK1
rYdgpxiTjFAEm2WTy21E1uGhr4MoHJwMaALGEpwvORggaKMcQP34erWP2q18hcmy
o3HwtI570+khRxODR+tpl0VA1khNWxuIICZ7SaM664bdngGw2vLUsCumRjs4tDng
b0texw8OFMHfNA5HStrCl3+RSxcUb/nbDTCZ2vY7K2LDkj4FWiEVz08qppCejNSw
xRzyACZJc0+b27tm6bM7AN6vZnQhLdFLemRI53pGEgROp/Z8+xE9L1yhIwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMYEMGshJKpI0EujStRw//zSuN9kMB8GA1UdIwQY
MBaAFBYq8zAvakn362kaxJWeGs+V22znMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmlyek1DOXFTZmZyYVJyRWxaNGF6NVhiYk9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS83ZGIwNjEtMGJjYS00YjBlLTk0ODMt
ZTc3NWQ1ZmFhOWUzLzEveGdRd2F5RWtxa2pRUzZOSzFIRF9fTks0MzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS83ZGIwNjEtMGJjYS00YjBlLTk0ODMtZTc3NWQ1ZmFhOWUz
LzEvRmlyek1DOXFTZmZyYVJyRWxaNGF6NVhiYk9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAyY
MA0GCSqGSIb3DQEBCwUAA4IBAQBZXcvjqKBHW/Imz90Zz9z31dQDj+HSy8jahFgB
rZNta/LDDJIjcCk7KLba61sGMhZd9xlTP0vuUJaNK1dKEc7ApNV/L1/mMlDVp6c2
Cjwqehdyrx0hpAOlzDeDKpDTCS2jrIWeZm3/C/xDeUGunLS9XHxKbLK3Sm2ZH7lQ
ljwvj+4S15LcBSv1gybM8s9aihobcBPW0BNOWutKCer3AHo4rhTaSsNmTV38XtbQ
2RCGKpCdaf3zyqPl/FwlrTg1uEzowJmtuhdB5EUklqVPNl97YAoDBUPsgJpBNSu6
GzVV3aNnFwv4PiEVQBcdASNkZZcNF7g3eV32tRzxIz1KH7MT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:20 2025 by rpki-client