Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0eed2b-2057-45e7-9f00-5ee18588df59/1/X_iUsQCwFAKgYgdKyM4pv_a0cq0.roa
File: X_iUsQCwFAKgYgdKyM4pv_a0cq0.roa (raw, json)
Hash identifier: NtGXjwXJzLzCVMldt6KX1TFj5DReYAW+5IuQXL96sJA=
Subject key identifier: 5F:F8:94:B1:00:B0:14:02:A0:62:07:4A:C8:CE:29:BF:F6:B4:72:AD
Certificate issuer: /CN=75245438a2b6209c81675ef35783d89a19b707fa
Certificate serial: 018571DE8AEFDBE887D1EE5C9E727486EADE
Authority key identifier: 75:24:54:38:A2:B6:20:9C:81:67:5E:F3:57:83:D8:9A:19:B7:07:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dSRUOKK2IJyBZ17zV4PYmhm3B_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/0eed2b-2057-45e7-9f00-5ee18588df59/1/X_iUsQCwFAKgYgdKyM4pv_a0cq0.roa
Signing time: Mon 02 Jan 2023 09:44:48 +0000
ROA not before: Mon 02 Jan 2023 09:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199852
IP address blocks: 2001:67c:197c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:8a:ef:db:e8:87:d1:ee:5c:9e:72:74:86:ea:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75245438a2b6209c81675ef35783d89a19b707fa
Validity
Not Before: Jan 2 09:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ff894b100b01402a062074ac8ce29bff6b472ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:df:18:a4:b2:75:69:4d:71:63:5c:52:60:7a:
7a:c0:01:13:d8:36:23:98:05:b5:65:e7:9f:5f:b3:
e2:d5:ac:41:52:19:81:1f:3c:e4:b6:f6:fb:47:09:
d1:fd:a5:02:60:f2:cb:89:eb:26:10:a9:79:d1:d3:
e3:2c:31:cb:da:03:79:3b:e8:34:06:a7:e2:04:7e:
c3:50:30:15:9a:45:2c:da:80:81:43:ed:76:60:4a:
90:97:e3:f6:5a:56:6e:ac:60:dc:06:2c:d2:ee:54:
d3:81:00:0b:0b:3f:b2:fa:32:9c:d2:d9:6a:fa:be:
5e:69:a9:40:af:11:83:e2:35:21:29:fd:3a:ca:fd:
e0:c5:07:c1:11:b4:62:9f:80:bc:7e:ee:cd:6a:f8:
67:62:3e:1a:cd:52:02:98:bd:47:ba:34:87:e3:2b:
31:4d:9e:74:64:79:59:f9:07:67:8d:1d:45:be:18:
ab:32:f9:b4:83:ec:c7:85:1b:d6:6a:9e:44:83:a8:
aa:77:2b:76:cb:b7:18:90:43:87:0e:de:c6:59:d7:
cc:0d:e4:4f:8f:77:7f:1a:fb:02:52:f5:84:4b:94:
d1:3b:2a:ec:f3:af:6b:f9:40:1c:3b:16:53:71:4e:
f1:14:b9:e3:80:71:6c:be:9b:4f:81:4f:87:81:a3:
9a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F8:94:B1:00:B0:14:02:A0:62:07:4A:C8:CE:29:BF:F6:B4:72:AD
X509v3 Authority Key Identifier:
keyid:75:24:54:38:A2:B6:20:9C:81:67:5E:F3:57:83:D8:9A:19:B7:07:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dSRUOKK2IJyBZ17zV4PYmhm3B_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0eed2b-2057-45e7-9f00-5ee18588df59/1/X_iUsQCwFAKgYgdKyM4pv_a0cq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0eed2b-2057-45e7-9f00-5ee18588df59/1/dSRUOKK2IJyBZ17zV4PYmhm3B_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:197c::/48
Signature Algorithm: sha256WithRSAEncryption
63:16:75:65:6d:a6:6d:41:79:f2:77:25:5b:d1:2b:0b:09:ee:
81:f6:35:f6:50:86:ad:e1:bc:2b:50:44:d7:c9:7e:1b:52:09:
91:e8:cc:0c:24:58:3f:6d:0a:eb:c1:4c:2d:28:f9:f1:db:27:
c6:07:d1:b8:5d:09:8a:60:ef:59:7c:97:49:8e:d1:1f:d1:41:
9c:7e:7e:d0:d2:13:47:f5:14:92:fb:8c:94:38:49:c8:db:20:
d3:74:90:ed:54:47:1e:75:ec:e4:e4:4e:d0:9b:25:18:f5:23:
11:f5:ba:b3:d3:bd:73:c9:76:ab:b1:2f:84:f3:81:74:5a:b2:
cd:d7:8a:02:07:f0:4d:dc:e7:bd:17:37:bb:19:7e:36:72:c4:
a4:18:11:1c:a1:fe:2a:0b:3c:97:67:0d:48:3e:7f:c2:0d:83:
9d:69:17:92:14:54:09:bb:d9:6c:ef:35:93:53:6b:0a:bb:e5:
89:5c:11:6d:dd:07:34:9b:0e:94:2c:99:af:79:9e:15:04:a2:
98:78:75:d0:a2:dd:61:a3:0e:00:2c:0b:e9:5b:78:4a:b0:d5:
15:85:fe:41:e5:3a:0c:94:fb:72:56:90:e5:87:d2:c2:fc:b0:
63:30:f7:f7:cb:88:82:e6:67:24:5e:f2:4a:06:03:7b:a5:db:
f2:ec:30:38
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx3orv2+iH0e5cnnJ0hureMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MjQ1NDM4YTJiNjIwOWM4MTY3NWVmMzU3ODNkODlhMTli
NzA3ZmEwHhcNMjMwMTAyMDk0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY4OTRiMTAwYjAxNDAyYTA2MjA3NGFjOGNlMjliZmY2YjQ3MmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk98YpLJ1aU1xY1xSYHp6wAET2DYj
mAW1ZeefX7Pi1axBUhmBHzzktvb7RwnR/aUCYPLLiesmEKl50dPjLDHL2gN5O+g0
BqfiBH7DUDAVmkUs2oCBQ+12YEqQl+P2WlZurGDcBizS7lTTgQALCz+y+jKc0tlq
+r5eaalArxGD4jUhKf06yv3gxQfBEbRin4C8fu7NavhnYj4azVICmL1HujSH4ysx
TZ50ZHlZ+QdnjR1FvhirMvm0g+zHhRvWap5Eg6iqdyt2y7cYkEOHDt7GWdfMDeRP
j3d/GvsCUvWES5TROyrs869r+UAcOxZTcU7xFLnjgHFsvptPgU+HgaOaqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF/4lLEAsBQCoGIHSsjOKb/2tHKtMB8GA1UdIwQY
MBaAFHUkVDiitiCcgWde81eD2JoZtwf6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFNSVU9LSzJJSnlCWjE3elY0UFltaG0zQl9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wZWVkMmItMjA1Ny00NWU3LTlmMDAt
NWVlMTg1ODhkZjU5LzEvWF9pVXNRQ3dGQUtnWWdkS3lNNHB2X2EwY3EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wZWVkMmItMjA1Ny00NWU3LTlmMDAtNWVlMTg1ODhkZjU5
LzEvZFNSVU9LSzJJSnlCWjE3elY0UFltaG0zQl9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBl8
MA0GCSqGSIb3DQEBCwUAA4IBAQBjFnVlbaZtQXnydyVb0SsLCe6B9jX2UIat4bwr
UETXyX4bUgmR6MwMJFg/bQrrwUwtKPnx2yfGB9G4XQmKYO9ZfJdJjtEf0UGcfn7Q
0hNH9RSS+4yUOEnI2yDTdJDtVEcedezk5E7QmyUY9SMR9bqz071zyXarsS+E84F0
WrLN14oCB/BN3Oe9Fze7GX42csSkGBEcof4qCzyXZw1IPn/CDYOdaReSFFQJu9ls
7zWTU2sKu+WJXBFt3Qc0mw6ULJmveZ4VBKKYeHXQot1how4ALAvpW3hKsNUVhf5B
5ToMlPtyVpDlh9LC/LBjMPf3y4iC5mckXvJKBgN7pdvy7DA4
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:56:48 2025 by rpki-client