Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/t8-MVRioz4dZveVZt1HOwdmnw0U.roa
File: t8-MVRioz4dZveVZt1HOwdmnw0U.roa (raw, json)
Hash identifier: DbKYANCw091WZwLM8aeUySZCbeU498lYrL7iGFgVhKc=
Subject key identifier: B7:CF:8C:55:18:A8:CF:87:59:BD:E5:59:B7:51:CE:C1:D9:A7:C3:45
Certificate issuer: /CN=1d90344dcaffbd33e68d84895d87d8abf53c74a3
Certificate serial: 05CD1DF0
Authority key identifier: 1D:90:34:4D:CA:FF:BD:33:E6:8D:84:89:5D:87:D8:AB:F5:3C:74:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/t8-MVRioz4dZveVZt1HOwdmnw0U.roa
Signing time: Sat 01 Jan 2022 01:51:36 +0000
ROA not before: Sat 01 Jan 2022 01:51:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58299
IP address blocks: 2001:678:ca0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97328624 (0x5cd1df0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d90344dcaffbd33e68d84895d87d8abf53c74a3
Validity
Not Before: Jan 1 01:51:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7cf8c5518a8cf8759bde559b751cec1d9a7c345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:95:a2:6c:21:e2:82:37:bc:3a:09:24:30:37:
8a:dd:8b:7d:93:1e:d5:b2:a7:46:d3:2b:4c:69:44:
02:e2:d2:82:6d:2f:45:72:e2:4d:1a:f7:1e:e1:db:
ec:26:f4:98:7a:cd:d3:c6:55:a5:71:83:eb:3a:44:
e6:4f:1c:8e:74:f3:49:63:7a:3c:ed:82:16:74:5f:
61:75:d9:13:ee:06:f8:19:a0:ef:49:64:ca:b9:d1:
cd:3a:e8:14:96:d7:3a:cc:89:40:22:d7:c1:f7:b9:
ce:e8:a6:47:69:2e:29:5c:d7:aa:69:ec:75:c2:85:
5a:09:5e:b4:b9:11:a5:47:96:91:f2:40:6e:35:18:
d6:d1:da:8b:d0:cc:65:45:14:84:78:12:a1:41:28:
77:81:25:27:c6:40:e1:4e:1d:60:f0:26:c7:9c:82:
7d:1e:c9:59:70:8c:65:96:5a:a7:63:63:e8:b8:6d:
e6:f8:90:2f:82:65:46:94:b0:24:4a:40:d1:bf:63:
1e:82:95:cb:eb:64:c0:36:64:ed:a1:e6:b7:78:1f:
cf:7b:e4:72:78:6e:9c:2a:da:32:48:4e:00:1d:6c:
0f:6a:6f:16:9c:27:c6:20:88:8e:c0:04:e5:2a:49:
b3:e4:97:77:ec:e4:4a:c4:bb:a1:c0:8a:9f:d1:42:
05:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:CF:8C:55:18:A8:CF:87:59:BD:E5:59:B7:51:CE:C1:D9:A7:C3:45
X509v3 Authority Key Identifier:
keyid:1D:90:34:4D:CA:FF:BD:33:E6:8D:84:89:5D:87:D8:AB:F5:3C:74:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/t8-MVRioz4dZveVZt1HOwdmnw0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:ca0::/48
Signature Algorithm: sha256WithRSAEncryption
37:fb:f9:20:f9:9e:eb:71:1c:0e:3e:45:44:b0:8d:95:9b:59:
df:c2:9b:3b:25:3c:15:41:87:c1:1b:ef:26:fb:a7:60:b6:a5:
af:21:bc:4d:fd:d4:ec:22:31:fb:62:d2:43:08:68:f1:16:d9:
64:5b:5f:58:64:29:4e:6b:be:39:96:58:3b:1c:8f:25:d4:46:
06:7b:aa:a2:8b:b6:ae:2d:c4:ae:ec:4e:1c:31:07:7e:3d:e5:
df:c2:76:51:4a:48:5c:87:a6:ab:fb:72:c6:6f:c5:f6:b0:c2:
0f:91:96:29:da:fb:27:08:bb:d1:14:f3:c4:a6:f0:62:40:be:
bf:c9:93:b9:40:ea:2e:d3:9d:72:40:94:72:4d:dd:c0:a7:5c:
4d:c2:47:80:6a:ba:03:2f:c3:00:39:2a:88:e7:0d:4a:5d:ce:
d1:e0:7a:2b:fd:39:54:28:57:47:38:4f:63:b2:e0:2f:40:13:
fa:04:36:05:f9:9a:cd:e8:4b:a2:55:d2:63:8c:39:2b:1a:7e:
3a:b3:29:92:75:23:35:fc:3e:6a:5b:c7:f7:e0:ce:f4:f8:76:
49:ca:9f:5d:6d:e1:7e:0c:b3:86:4d:de:54:3f:f7:f3:8c:d3:
42:03:65:f6:be:cb:77:23:e4:77:71:34:e0:e0:e3:fa:29:1f:
97:d1:0a:04
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBc0d8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDkwMzQ0ZGNhZmZiZDMzZTY4ZDg0ODk1ZDg3ZDhhYmY1M2M3NGEzMB4XDTIyMDEw
MTAxNTEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdjZjhjNTUxOGE4
Y2Y4NzU5YmRlNTU5Yjc1MWNlYzFkOWE3YzM0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+Vomwh4oI3vDoJJDA3it2LfZMe1bKnRtMrTGlEAuLSgm0v
RXLiTRr3HuHb7Cb0mHrN08ZVpXGD6zpE5k8cjnTzSWN6PO2CFnRfYXXZE+4G+Bmg
70lkyrnRzTroFJbXOsyJQCLXwfe5zuimR2kuKVzXqmnsdcKFWgletLkRpUeWkfJA
bjUY1tHai9DMZUUUhHgSoUEod4ElJ8ZA4U4dYPAmx5yCfR7JWXCMZZZap2Nj6Lht
5viQL4JlRpSwJEpA0b9jHoKVy+tkwDZk7aHmt3gfz3vkcnhunCraMkhOAB1sD2pv
FpwnxiCIjsAE5SpJs+SXd+zkSsS7ocCKn9FCBY8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS3z4xVGKjPh1m95Vm3Uc7B2afDRTAfBgNVHSMEGDAWgBQdkDRNyv+9M+aN
hIldh9ir9Tx0ozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0haQTBUY3JfdlRQbWpZU0pYWWZZcV9VOGRLTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvOWMzZDI4LTA1ZDYtNDdiMC05MWVmLWU1MDY0ZGIyMWIyMC8x
L3Q4LU1WUmlvejRkWnZlVlp0MUhPd2RtbncwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
OWMzZDI4LTA1ZDYtNDdiMC05MWVmLWU1MDY0ZGIyMWIyMC8xL0haQTBUY3JfdlRQ
bWpZU0pYWWZZcV9VOGRLTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngMoDANBgkqhkiG9w0BAQsF
AAOCAQEAN/v5IPme63EcDj5FRLCNlZtZ38KbOyU8FUGHwRvvJvunYLalryG8Tf3U
7CIx+2LSQwho8RbZZFtfWGQpTmu+OZZYOxyPJdRGBnuqoou2ri3EruxOHDEHfj3l
38J2UUpIXIemq/tyxm/F9rDCD5GWKdr7Jwi70RTzxKbwYkC+v8mTuUDqLtOdckCU
ck3dwKdcTcJHgGq6Ay/DADkqiOcNSl3O0eB6K/05VChXRzhPY7LgL0AT+gQ2Bfma
zehLolXSY4w5Kxp+OrMpknUjNfw+alvH9+DO9Ph2ScqfXW3hfgyzhk3eVD/384zT
QgNl9r7LdyPkd3E04ODj+ikfl9EKBA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:21 2025 by rpki-client