Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/d9to-qGoiwFVgTgM_vvcir5UXSE.roa
File: d9to-qGoiwFVgTgM_vvcir5UXSE.roa (raw, json)
Hash identifier: qHSHRxBabH03G9w16kfRKt/xMM582hefELp/2FNH914=
Subject key identifier: 77:DB:68:FA:A1:A8:8B:01:55:81:38:0C:FE:FB:DC:8A:BE:54:5D:21
Certificate issuer: /CN=2f8d8d0ceebccd75b606ba4968f5c7946e8d47c0
Certificate serial: 01856D418EC8C5A85776D53572DEE30B0527
Authority key identifier: 2F:8D:8D:0C:EE:BC:CD:75:B6:06:BA:49:68:F5:C7:94:6E:8D:47:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L42NDO68zXW2BrpJaPXHlG6NR8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/d9to-qGoiwFVgTgM_vvcir5UXSE.roa
Signing time: Sun 01 Jan 2023 12:14:50 +0000
ROA not before: Sun 01 Jan 2023 12:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199268
IP address blocks: 2001:67c:1328::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:8e:c8:c5:a8:57:76:d5:35:72:de:e3:0b:05:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f8d8d0ceebccd75b606ba4968f5c7946e8d47c0
Validity
Not Before: Jan 1 12:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77db68faa1a88b015581380cfefbdc8abe545d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:76:f7:87:21:c0:d4:d0:63:bc:ca:b3:41:00:
7d:b5:f5:be:89:44:1d:24:c0:e7:b8:e1:36:71:84:
0c:f1:0d:e0:dc:62:51:b7:ab:ed:02:b4:46:e9:f8:
fc:f7:b1:9c:75:10:70:b1:ec:d9:39:cc:56:79:b4:
d4:e9:63:04:86:4d:13:5d:a5:92:58:4c:6d:c1:37:
fe:26:80:16:a3:6b:2e:f7:5a:ae:e5:3a:43:3e:be:
22:4f:30:13:b3:0d:90:de:f5:cf:85:89:4c:0d:a7:
b5:14:8e:7c:c8:41:41:da:89:5e:8d:ec:37:33:93:
f3:a2:71:15:9f:7c:86:f6:75:5d:b3:76:f6:1b:7d:
3a:15:2a:15:96:6f:e9:5a:fb:79:67:db:70:f3:ad:
48:05:d0:f1:a6:69:d4:2c:aa:a9:bf:f0:dc:51:43:
54:72:f3:26:e8:d7:b8:2e:bc:96:0c:93:43:fe:2f:
dd:84:31:45:48:bd:4b:f2:29:28:f2:ec:4f:ff:f1:
a6:0d:a2:f6:d3:1f:47:8f:1f:ae:06:90:7f:ac:1b:
39:14:13:ef:54:30:5e:c8:50:df:13:14:b7:6e:31:
4b:ca:58:37:9f:8a:e4:96:82:d6:83:61:8a:6c:c9:
6a:38:d1:e9:1a:f0:0e:6a:6a:76:9f:6c:84:62:2d:
8d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DB:68:FA:A1:A8:8B:01:55:81:38:0C:FE:FB:DC:8A:BE:54:5D:21
X509v3 Authority Key Identifier:
keyid:2F:8D:8D:0C:EE:BC:CD:75:B6:06:BA:49:68:F5:C7:94:6E:8D:47:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L42NDO68zXW2BrpJaPXHlG6NR8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/d9to-qGoiwFVgTgM_vvcir5UXSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1328::/48
Signature Algorithm: sha256WithRSAEncryption
78:40:70:2f:fc:c3:56:e7:4f:2e:87:36:a2:29:8d:58:7a:53:
d6:83:e5:19:a7:d8:36:75:6b:5a:9a:43:d9:52:0c:bc:56:bf:
3d:f0:2d:ae:c2:33:91:8e:d8:41:16:27:64:4c:bd:91:3b:4e:
8c:98:6c:c7:1d:12:89:80:e7:b4:6f:ca:ec:9a:52:12:24:0e:
35:c6:38:f7:b4:4c:2e:3d:52:5b:fa:23:98:0c:84:3e:c0:e8:
63:8e:29:f0:88:c9:3d:d0:66:cc:da:6c:7c:80:fc:2c:1d:a6:
69:62:83:22:8f:cc:fe:bd:2f:ca:d2:91:2d:ad:06:6b:a0:76:
e3:bf:76:c4:06:d7:b9:b7:f0:16:7f:44:05:75:f6:ee:dc:48:
88:5b:f2:3e:6c:47:19:c5:e9:e0:61:02:9d:07:cd:76:15:12:
9b:1a:d9:0e:ff:10:6f:ee:35:08:91:77:80:45:6f:4e:5a:5c:
70:23:a0:e4:af:dd:b9:46:20:58:e5:a8:31:f2:da:fc:18:18:
9a:27:c7:b9:98:65:ad:7b:5c:a1:8e:5f:e7:b7:4d:02:6a:c5:
6c:c3:ec:f3:74:0e:52:e0:b1:16:0c:42:62:54:b4:4a:25:22:
fa:9a:89:34:e4:8b:85:83:7d:84:2e:12:d8:d4:f4:35:31:ce:
02:d3:e7:d0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtQY7IxahXdtU1ct7jCwUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOGQ4ZDBjZWViY2NkNzViNjA2YmE0OTY4ZjVjNzk0NmU4
ZDQ3YzAwHhcNMjMwMTAxMTIxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2RiNjhmYWExYTg4YjAxNTU4MTM4MGNmZWZiZGM4YWJlNTQ1ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHb3hyHA1NBjvMqzQQB9tfW+iUQd
JMDnuOE2cYQM8Q3g3GJRt6vtArRG6fj897GcdRBwsezZOcxWebTU6WMEhk0TXaWS
WExtwTf+JoAWo2su91qu5TpDPr4iTzATsw2Q3vXPhYlMDae1FI58yEFB2olejew3
M5PzonEVn3yG9nVds3b2G306FSoVlm/pWvt5Z9tw861IBdDxpmnULKqpv/DcUUNU
cvMm6Ne4LryWDJND/i/dhDFFSL1L8iko8uxP//GmDaL20x9Hjx+uBpB/rBs5FBPv
VDBeyFDfExS3bjFLylg3n4rkloLWg2GKbMlqONHpGvAOamp2n2yEYi2NwQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHfbaPqhqIsBVYE4DP773Iq+VF0hMB8GA1UdIwQY
MBaAFC+NjQzuvM11tga6SWj1x5RujUfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDQyTkRPNjh6WFcyQnJwSmFQWEhsRzZOUjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80ZjNiYmQtNGE2MS00MmM1LThiMDct
M2NiZDUyNTdiMDNlLzEvZDl0by1xR29pd0ZWZ1RnTV92dmNpcjVVWFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80ZjNiYmQtNGE2MS00MmM1LThiMDctM2NiZDUyNTdiMDNl
LzEvTDQyTkRPNjh6WFcyQnJwSmFQWEhsRzZOUjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBMo
MA0GCSqGSIb3DQEBCwUAA4IBAQB4QHAv/MNW508uhzaiKY1YelPWg+UZp9g2dWta
mkPZUgy8Vr898C2uwjORjthBFidkTL2RO06MmGzHHRKJgOe0b8rsmlISJA41xjj3
tEwuPVJb+iOYDIQ+wOhjjinwiMk90GbM2mx8gPwsHaZpYoMij8z+vS/K0pEtrQZr
oHbjv3bEBte5t/AWf0QFdfbu3EiIW/I+bEcZxengYQKdB812FRKbGtkO/xBv7jUI
kXeARW9OWlxwI6Dkr925RiBY5agx8tr8GBiaJ8e5mGWte1yhjl/nt00CasVsw+zz
dA5S4LEWDEJiVLRKJSL6mok05IuFg32ELhLY1PQ1Mc4C0+fQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:38 2025 by rpki-client