Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/45df63-95f0-4254-8c9b-b223c72a5593/1/PiSD28SG5zdL7kECERCzWW1tipY.roa
File: PiSD28SG5zdL7kECERCzWW1tipY.roa (raw, json)
Hash identifier: m8qQtRCPyr9RyuYrfkyYx0tS1SmZEvol07j/CM8tGCg=
Subject key identifier: 3E:24:83:DB:C4:86:E7:37:4B:EE:41:02:11:10:B3:59:6D:6D:8A:96
Certificate issuer: /CN=5448b9d5b85171f7264238b27a0306c56cfb6b4f
Certificate serial: 018A40DBB926B76B0C680E0DF22D302B2CFA
Authority key identifier: 54:48:B9:D5:B8:51:71:F7:26:42:38:B2:7A:03:06:C5:6C:FB:6B:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VEi51bhRcfcmQjiyegMGxWz7a08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/45df63-95f0-4254-8c9b-b223c72a5593/1/PiSD28SG5zdL7kECERCzWW1tipY.roa
Signing time: Tue 29 Aug 2023 10:34:16 +0000
ROA not before: Tue 29 Aug 2023 10:34:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35332
IP address blocks: 2001:678:5b4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:40:db:b9:26:b7:6b:0c:68:0e:0d:f2:2d:30:2b:2c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5448b9d5b85171f7264238b27a0306c56cfb6b4f
Validity
Not Before: Aug 29 10:34:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e2483dbc486e7374bee41021110b3596d6d8a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4f:85:7b:f7:64:7e:3e:81:38:89:a1:5f:52:
c4:4e:26:fa:8c:c4:da:d5:d5:9a:84:43:0b:09:7f:
ea:72:0e:69:46:24:1c:2c:ba:2b:3f:ad:d1:b5:15:
e3:22:94:1e:74:00:62:f5:46:16:67:c1:7d:6f:bc:
d2:4c:a3:79:6c:28:30:98:3d:3e:87:55:e9:87:89:
1e:30:eb:e8:66:16:43:96:ce:69:ca:d6:a2:fd:31:
c1:f7:56:a9:9f:4e:b6:25:c2:d0:39:9d:b9:59:21:
cd:be:88:22:9a:20:b4:9b:14:38:34:19:8d:54:9f:
7f:99:89:95:e5:a2:8b:5c:16:c2:1b:4d:44:48:3e:
2c:2b:44:bb:21:b8:39:a8:ef:42:0d:9e:97:e0:fa:
20:fb:31:01:e6:86:25:de:86:b8:f4:12:02:ce:ee:
d7:76:57:b4:e4:ed:8f:a7:56:be:cf:9d:55:ed:2f:
d9:5a:8f:a0:a4:ba:1c:13:25:e7:63:2e:31:71:e1:
48:c2:e8:9c:37:bf:5d:f6:6f:47:ce:fd:0f:86:45:
68:b3:92:34:af:15:2d:d4:ec:28:dc:cf:fa:5a:35:
67:bd:42:ec:ad:2b:18:62:5d:db:66:45:d8:72:1c:
c8:e0:d8:c1:6f:f5:03:b3:a8:90:89:f9:fe:d4:33:
e1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:24:83:DB:C4:86:E7:37:4B:EE:41:02:11:10:B3:59:6D:6D:8A:96
X509v3 Authority Key Identifier:
keyid:54:48:B9:D5:B8:51:71:F7:26:42:38:B2:7A:03:06:C5:6C:FB:6B:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VEi51bhRcfcmQjiyegMGxWz7a08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/45df63-95f0-4254-8c9b-b223c72a5593/1/PiSD28SG5zdL7kECERCzWW1tipY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/45df63-95f0-4254-8c9b-b223c72a5593/1/VEi51bhRcfcmQjiyegMGxWz7a08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:5b4::/48
Signature Algorithm: sha256WithRSAEncryption
40:a4:3a:63:b4:72:da:bd:a7:fd:b3:06:ad:d1:84:2b:73:1b:
04:40:f9:25:c4:34:31:be:ae:ac:be:3b:50:23:ec:63:0d:db:
00:d7:bf:08:ac:51:43:eb:c7:21:ff:2c:03:d1:d5:63:9d:8a:
c8:10:b1:22:7e:fd:8b:38:2a:18:e6:ea:a7:b8:f5:fe:37:8f:
c7:1b:a1:6b:43:ad:89:6f:49:66:20:f5:9b:10:3c:56:e6:7a:
32:6d:aa:75:d3:60:c2:c2:65:82:c6:81:04:6e:65:18:1f:35:
d1:07:54:44:85:7e:72:01:74:2e:bc:13:dc:9d:54:37:65:01:
b0:6a:6b:97:ff:12:43:a5:c8:df:7a:98:4a:7a:82:97:ae:ee:
bc:03:7f:12:23:ff:22:cd:8b:ad:05:18:77:d8:00:fc:4e:e4:
ae:46:85:be:e3:cd:92:f6:16:cf:8e:e2:4c:22:8f:61:46:2d:
b4:aa:22:24:20:04:15:ae:b0:5b:cb:7c:94:79:18:7f:4a:c4:
44:4a:87:90:ed:42:7c:c1:c8:6d:eb:92:68:e4:0b:9f:89:a9:
3d:20:8f:b5:a9:52:90:4d:dd:2e:77:72:d2:a1:41:f5:14:6c:
bc:64:34:c6:7b:b8:97:bf:0a:0d:29:19:fd:8f:8a:e3:d0:0e:
6e:78:c3:f2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYpA27kmt2sMaA4N8i0wKyz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NDhiOWQ1Yjg1MTcxZjcyNjQyMzhiMjdhMDMwNmM1NmNm
YjZiNGYwHhcNMjMwODI5MTAzNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTI0ODNkYmM0ODZlNzM3NGJlZTQxMDIxMTEwYjM1OTZkNmQ4YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk+Fe/dkfj6BOImhX1LETib6jMTa
1dWahEMLCX/qcg5pRiQcLLorP63RtRXjIpQedABi9UYWZ8F9b7zSTKN5bCgwmD0+
h1Xph4keMOvoZhZDls5pytai/THB91apn062JcLQOZ25WSHNvogimiC0mxQ4NBmN
VJ9/mYmV5aKLXBbCG01ESD4sK0S7Ibg5qO9CDZ6X4Pog+zEB5oYl3oa49BICzu7X
dle05O2Pp1a+z51V7S/ZWo+gpLocEyXnYy4xceFIwuicN79d9m9Hzv0PhkVos5I0
rxUt1Owo3M/6WjVnvULsrSsYYl3bZkXYchzI4NjBb/UDs6iQifn+1DPh1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD4kg9vEhuc3S+5BAhEQs1ltbYqWMB8GA1UdIwQY
MBaAFFRIudW4UXH3JkI4snoDBsVs+2tPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkVpNTFiaFJjZmNtUWppeWVnTUd4V3o3YTA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi80NWRmNjMtOTVmMC00MjU0LThjOWIt
YjIyM2M3MmE1NTkzLzEvUGlTRDI4U0c1emRMN2tFQ0VSQ3pXVzF0aXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi80NWRmNjMtOTVmMC00MjU0LThjOWItYjIyM2M3MmE1NTkz
LzEvVkVpNTFiaFJjZmNtUWppeWVnTUd4V3o3YTA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAW0
MA0GCSqGSIb3DQEBCwUAA4IBAQBApDpjtHLavaf9swat0YQrcxsEQPklxDQxvq6s
vjtQI+xjDdsA178IrFFD68ch/ywD0dVjnYrIELEifv2LOCoY5uqnuPX+N4/HG6Fr
Q62Jb0lmIPWbEDxW5noybap102DCwmWCxoEEbmUYHzXRB1REhX5yAXQuvBPcnVQ3
ZQGwamuX/xJDpcjfephKeoKXru68A38SI/8izYutBRh32AD8TuSuRoW+482S9hbP
juJMIo9hRi20qiIkIAQVrrBby3yUeRh/SsRESoeQ7UJ8wcht65Jo5Aufiak9II+1
qVKQTd0ud3LSoUH1FGy8ZDTGe7iXvwoNKRn9j4rj0A5ueMPy
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:32:41 2025 by rpki-client