Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f2b083-b3b9-4aa6-a149-fbb553b84641/1/kLTaDPCLTi8hL0thEhSkTzAI4to.roa
File: kLTaDPCLTi8hL0thEhSkTzAI4to.roa (raw, json)
Hash identifier: yRdQU35jctrSfWy8X179woeq128pwNM95Eqetywk/ZM=
Subject key identifier: 90:B4:DA:0C:F0:8B:4E:2F:21:2F:4B:61:12:14:A4:4F:30:08:E2:DA
Certificate issuer: /CN=a7ddfaf13b7dbe05daa32b5878b8b68024045971
Certificate serial: 01857203586D9139733B9A07AACA484DE778
Authority key identifier: A7:DD:FA:F1:3B:7D:BE:05:DA:A3:2B:58:78:B8:B6:80:24:04:59:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p9368Tt9vgXaoytYeLi2gCQEWXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f2b083-b3b9-4aa6-a149-fbb553b84641/1/kLTaDPCLTi8hL0thEhSkTzAI4to.roa
Signing time: Mon 02 Jan 2023 10:24:59 +0000
ROA not before: Mon 02 Jan 2023 10:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202560
IP address blocks: 2001:67c:74::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:58:6d:91:39:73:3b:9a:07:aa:ca:48:4d:e7:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7ddfaf13b7dbe05daa32b5878b8b68024045971
Validity
Not Before: Jan 2 10:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90b4da0cf08b4e2f212f4b611214a44f3008e2da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f8:e8:b3:29:5a:87:08:be:07:93:84:6c:6a:
99:03:3c:bf:9e:b2:33:0b:f3:41:b6:13:99:49:e6:
fe:a3:3f:6b:c6:34:17:10:a1:f7:d7:73:04:d1:00:
9b:09:22:f3:85:46:c4:de:c8:37:aa:88:0e:34:43:
aa:41:70:8b:2a:29:82:b2:50:67:d9:15:31:a4:e2:
92:21:7f:8b:49:8e:16:59:36:98:bc:c8:50:fd:fb:
ab:7e:77:d4:17:11:9e:2f:f5:95:a4:7a:a6:47:e6:
3d:8a:ff:6b:85:3b:ca:f4:05:cf:d9:23:b3:0c:d6:
9e:77:2f:f8:a3:ab:48:bd:d8:2e:7f:44:3f:f6:33:
35:6a:60:c1:d6:dd:83:9e:cc:b0:05:46:bd:a1:3d:
78:b2:a9:63:42:1f:55:6c:02:f5:09:fd:79:9f:75:
ed:65:f8:4b:3e:c5:51:6b:f7:88:16:18:0c:b2:a0:
54:d9:f6:a4:91:76:6e:83:9c:21:12:fb:d3:2f:fd:
c3:88:e8:1b:82:34:d9:77:e9:fd:f3:3e:2d:8b:79:
f2:1e:2a:d8:3f:8b:f8:ec:b3:a9:e2:03:0e:e7:d5:
50:a3:2f:0c:29:f3:91:41:d0:e2:35:36:cf:19:8e:
04:98:b1:af:a1:89:32:3d:b6:00:b7:22:cd:90:5a:
41:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B4:DA:0C:F0:8B:4E:2F:21:2F:4B:61:12:14:A4:4F:30:08:E2:DA
X509v3 Authority Key Identifier:
keyid:A7:DD:FA:F1:3B:7D:BE:05:DA:A3:2B:58:78:B8:B6:80:24:04:59:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9368Tt9vgXaoytYeLi2gCQEWXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f2b083-b3b9-4aa6-a149-fbb553b84641/1/kLTaDPCLTi8hL0thEhSkTzAI4to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f2b083-b3b9-4aa6-a149-fbb553b84641/1/p9368Tt9vgXaoytYeLi2gCQEWXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:74::/48
Signature Algorithm: sha256WithRSAEncryption
af:22:7c:a8:6d:9b:a0:7d:20:9f:d2:cd:5b:4e:5d:b2:67:61:
e9:5d:b2:7c:5a:85:5f:e5:59:fb:6e:68:8a:6b:5d:92:a9:90:
c7:dc:c7:c0:42:b6:be:47:e4:c0:cb:92:b6:d4:26:62:02:7a:
ce:6d:43:cb:47:19:a8:a9:e7:18:60:a8:28:20:e1:54:ff:93:
35:55:dc:ca:24:6c:d5:80:21:a7:71:30:41:47:1e:c1:1d:b5:
4c:a5:af:3b:cf:89:fd:00:10:48:5e:d6:c2:94:6b:2a:c7:fe:
22:89:79:66:6f:bd:3f:1c:87:9f:8e:7b:fa:4c:fd:58:64:6c:
23:c1:14:77:5a:16:de:f9:ce:ce:a5:24:89:45:ff:72:57:a7:
57:c7:2c:ef:dd:0a:40:15:88:73:82:22:0c:c4:c3:0f:07:c8:
64:b0:91:39:86:00:85:b5:8b:a1:6d:6e:eb:3d:fd:21:69:64:
98:eb:af:aa:a0:90:7b:11:46:b2:a1:95:97:8a:11:68:2f:f7:
d9:22:c6:2d:01:3c:be:37:e4:aa:62:08:d4:91:1d:ae:a6:25:
0e:93:64:c2:d9:c8:df:78:25:d8:7b:8f:49:f3:8a:c4:00:8e:
d7:29:92:9b:f6:67:6f:c4:79:29:ac:ae:72:a0:92:d9:52:9a:
34:9a:8b:82
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyA1htkTlzO5oHqspITed4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZGRmYWYxM2I3ZGJlMDVkYWEzMmI1ODc4YjhiNjgwMjQw
NDU5NzEwHhcNMjMwMTAyMTAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGI0ZGEwY2YwOGI0ZTJmMjEyZjRiNjExMjE0YTQ0ZjMwMDhlMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPjosylahwi+B5OEbGqZAzy/nrIz
C/NBthOZSeb+oz9rxjQXEKH313ME0QCbCSLzhUbE3sg3qogONEOqQXCLKimCslBn
2RUxpOKSIX+LSY4WWTaYvMhQ/furfnfUFxGeL/WVpHqmR+Y9iv9rhTvK9AXP2SOz
DNaedy/4o6tIvdguf0Q/9jM1amDB1t2DnsywBUa9oT14sqljQh9VbAL1Cf15n3Xt
ZfhLPsVRa/eIFhgMsqBU2fakkXZug5whEvvTL/3DiOgbgjTZd+n98z4ti3nyHirY
P4v47LOp4gMO59VQoy8MKfORQdDiNTbPGY4EmLGvoYkyPbYAtyLNkFpBpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJC02gzwi04vIS9LYRIUpE8wCOLaMB8GA1UdIwQY
MBaAFKfd+vE7fb4F2qMrWHi4toAkBFlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDkzNjhUdDl2Z1hhb3l0WWVMaTJnQ1FFV1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMmIwODMtYjNiOS00YWE2LWExNDkt
ZmJiNTUzYjg0NjQxLzEva0xUYURQQ0xUaThoTDB0aEVoU2tUekFJNHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMmIwODMtYjNiOS00YWE2LWExNDktZmJiNTUzYjg0NjQx
LzEvcDkzNjhUdDl2Z1hhb3l0WWVMaTJnQ1FFV1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAB0
MA0GCSqGSIb3DQEBCwUAA4IBAQCvInyobZugfSCf0s1bTl2yZ2HpXbJ8WoVf5Vn7
bmiKa12SqZDH3MfAQra+R+TAy5K21CZiAnrObUPLRxmoqecYYKgoIOFU/5M1VdzK
JGzVgCGncTBBRx7BHbVMpa87z4n9ABBIXtbClGsqx/4iiXlmb70/HIefjnv6TP1Y
ZGwjwRR3Whbe+c7OpSSJRf9yV6dXxyzv3QpAFYhzgiIMxMMPB8hksJE5hgCFtYuh
bW7rPf0haWSY66+qoJB7EUayoZWXihFoL/fZIsYtATy+N+SqYgjUkR2upiUOk2TC
2cjfeCXYe49J84rEAI7XKZKb9mdvxHkprK5yoJLZUpo0mouC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:05 2025 by rpki-client