Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/aI7oId2SqdiqQSxMCUe0zRNiP34.roa
File: aI7oId2SqdiqQSxMCUe0zRNiP34.roa (raw, json)
Hash identifier: lbqW7FK7Hz9QuvyKEOZA8iualle9tGR5Fl7NLRkicuw=
Subject key identifier: 68:8E:E8:21:DD:92:A9:D8:AA:41:2C:4C:09:47:B4:CD:13:62:3F:7E
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 0185728345A7D0589BC93D82EC088642659F
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/aI7oId2SqdiqQSxMCUe0zRNiP34.roa
Signing time: Mon 02 Jan 2023 12:44:43 +0000
ROA not before: Mon 02 Jan 2023 12:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20546
IP address blocks: 2001:678:804::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:45:a7:d0:58:9b:c9:3d:82:ec:08:86:42:65:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: Jan 2 12:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=688ee821dd92a9d8aa412c4c0947b4cd13623f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:bd:80:4c:3a:d0:34:10:cc:e5:34:e0:91:7b:
58:ef:2d:7b:ae:c9:7f:08:ff:e3:74:5c:7f:7d:1a:
db:8f:95:60:8e:a6:37:25:6b:21:af:76:20:ca:62:
5f:3a:9f:19:de:82:2d:b4:75:11:bf:b0:40:6b:aa:
64:d2:94:e7:4e:5a:a3:f7:8e:9f:5c:13:1b:ba:a1:
c0:02:71:d6:0e:78:7c:53:de:93:db:f8:ab:f6:ae:
fb:52:d1:11:40:61:f6:30:d6:17:be:d5:e3:04:3a:
56:03:5f:f6:ea:ce:eb:9c:47:c4:e8:04:1d:18:a5:
41:03:7f:1a:9b:2d:b9:19:2b:df:38:ca:ac:f0:b0:
22:30:7a:7d:e4:ae:d0:e7:6f:d7:4e:f5:77:d9:53:
c6:36:c0:53:d0:08:5b:a7:d3:ae:c2:41:94:9b:5a:
99:1e:90:c5:47:01:d4:ea:24:01:19:af:75:62:c5:
15:c5:53:2f:15:01:33:29:85:02:5e:2b:da:cf:fe:
96:56:fc:0c:b0:e9:b8:c1:20:9a:93:54:8e:b7:2b:
80:85:8b:ea:3f:19:dc:dd:b8:5d:4f:88:66:ee:3a:
cc:63:7c:b0:8c:06:9c:bd:07:67:e5:8b:3a:3e:89:
c0:dc:38:e6:59:dd:2b:ac:fb:66:06:53:94:85:8c:
91:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:8E:E8:21:DD:92:A9:D8:AA:41:2C:4C:09:47:B4:CD:13:62:3F:7E
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/aI7oId2SqdiqQSxMCUe0zRNiP34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:804::/48
Signature Algorithm: sha256WithRSAEncryption
d1:46:69:35:3b:da:bf:13:ce:44:3b:8c:82:49:33:3e:9f:74:
26:2b:eb:56:fa:f2:3a:aa:ba:66:7f:63:11:e9:bb:4d:f9:47:
78:2c:47:61:36:e3:d8:86:b9:83:e3:98:49:09:15:48:fa:c0:
01:8d:dd:d1:8b:77:de:1d:51:2a:b9:69:b0:dc:9e:7f:a0:14:
22:ee:c4:66:20:b6:20:bf:50:a6:87:2f:b9:91:62:a4:4b:91:
67:82:9f:1c:38:69:2c:30:af:72:82:3e:09:cd:6e:b9:ea:54:
bb:b5:fe:7a:f8:d1:b0:a0:90:8e:5d:f5:7f:8c:a7:bb:a5:d8:
cd:b8:19:b5:e5:97:bf:98:bf:15:ba:92:eb:98:49:fe:01:a9:
41:f8:f8:4d:81:7a:b5:a8:ed:e1:99:1d:ee:37:e7:3e:69:40:
ee:d5:aa:56:58:34:c8:7e:ff:3f:44:90:84:0a:f8:aa:7f:e3:
e6:a4:73:3d:f0:10:02:38:94:7f:cd:62:e6:7a:35:b4:3e:48:
10:05:83:79:80:40:ff:51:0d:71:bf:90:0c:51:22:89:0e:2b:
02:bd:a0:5f:b8:f4:d0:fc:54:c2:e6:9b:b1:ea:0c:a2:63:70:
51:a4:87:59:8e:d6:6a:41:31:2d:01:c7:f3:8a:48:b5:35:5a:
cb:c7:d9:ad
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyg0Wn0FibyT2C7AiGQmWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx
NmI5YWQwHhcNMjMwMTAyMTI0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODhlZTgyMWRkOTJhOWQ4YWE0MTJjNGMwOTQ3YjRjZDEzNjIzZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkL2ATDrQNBDM5TTgkXtY7y17rsl/
CP/jdFx/fRrbj5VgjqY3JWshr3YgymJfOp8Z3oIttHURv7BAa6pk0pTnTlqj946f
XBMbuqHAAnHWDnh8U96T2/ir9q77UtERQGH2MNYXvtXjBDpWA1/26s7rnEfE6AQd
GKVBA38amy25GSvfOMqs8LAiMHp95K7Q52/XTvV32VPGNsBT0Ahbp9OuwkGUm1qZ
HpDFRwHU6iQBGa91YsUVxVMvFQEzKYUCXivaz/6WVvwMsOm4wSCak1SOtyuAhYvq
Pxnc3bhdT4hm7jrMY3ywjAacvQdn5Ys6PonA3DjmWd0rrPtmBlOUhYyRvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGiO6CHdkqnYqkEsTAlHtM0TYj9+MB8GA1UdIwQY
MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt
ZTEyM2U0ZTMwM2UxLzEvYUk3b0lkMlNxZGlxUVN4TUNVZTB6Uk5pUDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux
LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAgE
MA0GCSqGSIb3DQEBCwUAA4IBAQDRRmk1O9q/E85EO4yCSTM+n3QmK+tW+vI6qrpm
f2MR6btN+Ud4LEdhNuPYhrmD45hJCRVI+sABjd3Ri3feHVEquWmw3J5/oBQi7sRm
ILYgv1Cmhy+5kWKkS5Fngp8cOGksMK9ygj4JzW656lS7tf56+NGwoJCOXfV/jKe7
pdjNuBm15Ze/mL8VupLrmEn+AalB+PhNgXq1qO3hmR3uN+c+aUDu1apWWDTIfv8/
RJCECviqf+PmpHM98BACOJR/zWLmejW0PkgQBYN5gED/UQ1xv5AMUSKJDisCvaBf
uPTQ/FTC5pux6gyiY3BRpIdZjtZqQTEtAcfziki1NVrLx9mt
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:10:01 2025 by rpki-client