Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/e8e053-ea10-4285-adaa-b495eccb09c4/1/bOsyXs70XvvQQrhjPGbwpiipFjo.roa
File: bOsyXs70XvvQQrhjPGbwpiipFjo.roa (raw, json)
Hash identifier: /KP6a1FU6Z5h1/letVAgUiGWwGe/xlehExx04W76zQI=
Subject key identifier: 6C:EB:32:5E:CE:F4:5E:FB:D0:42:B8:63:3C:66:F0:A6:28:A9:16:3A
Certificate issuer: /CN=eef8e980ce1eeb32748d94b1d0cd42489f91f6e9
Certificate serial: 01856F42E1DC94E9023E4BCA99CE10FB8DF6
Authority key identifier: EE:F8:E9:80:CE:1E:EB:32:74:8D:94:B1:D0:CD:42:48:9F:91:F6:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vjpgM4e6zJ0jZSx0M1CSJ-R9uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/e8e053-ea10-4285-adaa-b495eccb09c4/1/bOsyXs70XvvQQrhjPGbwpiipFjo.roa
Signing time: Sun 01 Jan 2023 21:35:32 +0000
ROA not before: Sun 01 Jan 2023 21:35:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210564
IP address blocks: 2001:67c:20fc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:e1:dc:94:e9:02:3e:4b:ca:99:ce:10:fb:8d:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eef8e980ce1eeb32748d94b1d0cd42489f91f6e9
Validity
Not Before: Jan 1 21:35:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ceb325ecef45efbd042b8633c66f0a628a9163a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:55:69:fc:10:8f:00:fa:86:14:26:1f:10:e7:
b1:40:06:9a:73:23:c4:63:f3:ca:ef:75:56:ce:9f:
2a:7b:0d:08:e4:97:f3:27:13:74:c7:f2:51:50:43:
77:b8:1f:46:e5:4e:12:cc:e2:a4:2b:d3:15:5b:88:
6f:82:bf:85:74:73:05:08:1a:30:e5:fb:2c:87:22:
d5:b6:81:10:23:29:1b:25:5c:ab:24:47:ba:09:dd:
ab:80:0e:7a:d0:99:c2:b4:f7:69:92:fb:01:89:a8:
85:5e:58:94:96:24:5a:e1:4a:53:41:f3:57:f4:16:
95:57:25:51:4a:51:0c:c4:a5:60:f0:14:32:e8:c0:
15:44:50:5d:c7:ba:4e:b7:4b:9f:41:54:27:37:15:
82:28:fb:23:4f:f8:fc:3e:b5:9e:3d:8a:98:9c:fd:
66:24:c4:11:ae:64:cb:3a:2e:56:6a:c2:0b:15:60:
ba:a5:e4:e9:b1:13:ea:8b:b4:af:a6:fc:e8:e2:7a:
6b:77:33:75:76:4f:a0:17:19:79:50:8e:ab:45:b5:
58:63:84:6f:a9:45:4c:47:06:81:72:78:05:4d:fe:
0b:a1:fc:ff:7c:ac:1f:75:ed:f4:95:64:c6:a2:21:
9b:ec:9e:1d:21:dd:09:a6:9e:a0:1d:4e:32:bd:c2:
ab:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:EB:32:5E:CE:F4:5E:FB:D0:42:B8:63:3C:66:F0:A6:28:A9:16:3A
X509v3 Authority Key Identifier:
keyid:EE:F8:E9:80:CE:1E:EB:32:74:8D:94:B1:D0:CD:42:48:9F:91:F6:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vjpgM4e6zJ0jZSx0M1CSJ-R9uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e8e053-ea10-4285-adaa-b495eccb09c4/1/bOsyXs70XvvQQrhjPGbwpiipFjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e8e053-ea10-4285-adaa-b495eccb09c4/1/7vjpgM4e6zJ0jZSx0M1CSJ-R9uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:20fc::/48
Signature Algorithm: sha256WithRSAEncryption
0f:30:70:a6:f3:30:b4:af:9e:34:c9:5d:59:23:7d:d9:5c:b1:
b6:66:31:e7:61:c0:b2:6a:a6:db:69:0e:fe:ee:8a:72:0f:bb:
cc:00:30:ce:f1:f7:92:1c:54:3c:71:04:0b:9a:44:db:d1:0d:
7c:3b:e0:0e:68:11:37:31:10:7d:cc:10:06:59:fa:57:c1:a2:
de:ed:69:0e:96:e0:45:49:6e:98:0e:2f:41:94:25:07:d7:ee:
3d:66:07:96:a8:03:15:c2:28:af:ad:9a:a9:6e:f0:7d:1d:89:
6d:ba:15:a3:cc:b4:c4:c2:7c:29:66:6c:bb:b5:08:72:19:f0:
50:8b:7e:ba:67:dd:bd:b6:b8:7d:9b:f4:1d:7a:b8:68:d0:95:
f8:35:7f:2a:45:b4:6c:13:bb:27:ba:93:7e:a1:f7:12:84:d0:
88:07:2b:26:9d:72:7f:24:4b:30:d9:b3:6e:9f:b3:ee:e5:04:
a8:a5:31:99:17:11:7f:94:f7:46:ee:04:0c:61:28:47:64:5c:
d3:b6:12:e8:18:9b:e1:fd:2f:11:64:6a:50:5f:c1:a3:ce:be:
bf:3a:09:21:e5:81:40:8e:60:ad:75:95:ba:dd:0f:0d:ad:26:
fa:44:c0:b0:4c:41:7c:fb:a7:70:1b:8d:b0:f4:c0:6d:2b:57:
2d:c4:db:0f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQuHclOkCPkvKmc4Q+432MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZjhlOTgwY2UxZWViMzI3NDhkOTRiMWQwY2Q0MjQ4OWY5
MWY2ZTkwHhcNMjMwMTAxMjEzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ViMzI1ZWNlZjQ1ZWZiZDA0MmI4NjMzYzY2ZjBhNjI4YTkxNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1Vp/BCPAPqGFCYfEOexQAaacyPE
Y/PK73VWzp8qew0I5JfzJxN0x/JRUEN3uB9G5U4SzOKkK9MVW4hvgr+FdHMFCBow
5fsshyLVtoEQIykbJVyrJEe6Cd2rgA560JnCtPdpkvsBiaiFXliUliRa4UpTQfNX
9BaVVyVRSlEMxKVg8BQy6MAVRFBdx7pOt0ufQVQnNxWCKPsjT/j8PrWePYqYnP1m
JMQRrmTLOi5WasILFWC6peTpsRPqi7Svpvzo4nprdzN1dk+gFxl5UI6rRbVYY4Rv
qUVMRwaBcngFTf4Lofz/fKwfde30lWTGoiGb7J4dId0Jpp6gHU4yvcKrGQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGzrMl7O9F770EK4Yzxm8KYoqRY6MB8GA1UdIwQY
MBaAFO746YDOHusydI2UsdDNQkifkfbpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3ZqcGdNNGU2ekowalpTeDBNMUNTSi1SOXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lOGUwNTMtZWExMC00Mjg1LWFkYWEt
YjQ5NWVjY2IwOWM0LzEvYk9zeVhzNzBYdnZRUXJoalBHYndwaWlwRmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lOGUwNTMtZWExMC00Mjg1LWFkYWEtYjQ5NWVjY2IwOWM0
LzEvN3ZqcGdNNGU2ekowalpTeDBNMUNTSi1SOXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCD8
MA0GCSqGSIb3DQEBCwUAA4IBAQAPMHCm8zC0r540yV1ZI33ZXLG2ZjHnYcCyaqbb
aQ7+7opyD7vMADDO8feSHFQ8cQQLmkTb0Q18O+AOaBE3MRB9zBAGWfpXwaLe7WkO
luBFSW6YDi9BlCUH1+49ZgeWqAMVwiivrZqpbvB9HYltuhWjzLTEwnwpZmy7tQhy
GfBQi366Z929trh9m/Qderho0JX4NX8qRbRsE7snupN+ofcShNCIBysmnXJ/JEsw
2bNun7Pu5QSopTGZFxF/lPdG7gQMYShHZFzTthLoGJvh/S8RZGpQX8Gjzr6/Ogkh
5YFAjmCtdZW63Q8NrSb6RMCwTEF8+6dwG42w9MBtK1ctxNsP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:31 2025 by rpki-client