Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/TRo0xz8TTBAP_LJecqH-AdUCVJQ.roa
File: TRo0xz8TTBAP_LJecqH-AdUCVJQ.roa (raw, json)
Hash identifier: 47wNQozCT3htL7PWU2AKI29RP5uGcDzcqmWbON+ftM0=
Subject key identifier: 4D:1A:34:C7:3F:13:4C:10:0F:FC:B2:5E:72:A1:FE:01:D5:02:54:94
Certificate issuer: /CN=f0eccc48200cef0216c2ce53869fd192b4a23f54
Certificate serial: 01856C53F796169365285E20E8C3A71CD25E
Authority key identifier: F0:EC:CC:48:20:0C:EF:02:16:C2:CE:53:86:9F:D1:92:B4:A2:3F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8OzMSCAM7wIWws5Thp_RkrSiP1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/TRo0xz8TTBAP_LJecqH-AdUCVJQ.roa
Signing time: Sun 01 Jan 2023 07:55:20 +0000
ROA not before: Sun 01 Jan 2023 07:55:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50873
IP address blocks: 2001:678:fb4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:f7:96:16:93:65:28:5e:20:e8:c3:a7:1c:d2:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0eccc48200cef0216c2ce53869fd192b4a23f54
Validity
Not Before: Jan 1 07:55:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d1a34c73f134c100ffcb25e72a1fe01d5025494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:be:b2:df:e8:fc:ac:65:29:50:10:34:99:ac:
db:5f:2b:4a:83:85:15:6d:db:05:f2:31:c5:c8:56:
8f:83:05:a0:51:08:e1:cb:b8:3b:2e:6b:75:4e:fe:
97:40:ae:45:89:e4:a7:c5:5a:d5:3a:7b:58:e8:7c:
be:f8:43:9c:45:61:b9:15:eb:83:08:72:38:a3:58:
48:54:67:5c:50:3e:aa:a4:44:8e:9c:79:92:d3:16:
d8:46:7e:01:f7:a5:13:4d:36:50:56:1e:01:96:c4:
dc:f1:7d:24:6f:d8:c1:5b:1c:20:3a:5f:16:91:99:
c7:66:0e:63:8f:8f:d6:80:b0:ae:1c:02:85:b3:72:
31:67:d8:3f:0e:20:f7:3b:dd:11:40:23:9e:60:f1:
9d:f2:9c:b6:c5:dc:8d:4e:20:0c:7d:6a:85:6f:44:
2b:4d:c5:c6:56:01:a2:82:19:2c:4e:15:c9:5d:e3:
44:ac:dc:32:c3:ed:3b:b8:6a:80:e9:f9:98:6e:4c:
29:82:5c:2b:92:d0:fb:d4:a1:55:12:c2:a2:f8:63:
31:95:a4:f4:89:a5:8a:f2:7b:10:35:01:3d:91:a7:
6b:14:89:21:dc:17:04:80:da:f5:81:4d:e8:59:d2:
20:08:e6:69:cd:15:51:64:48:c3:5a:3e:1f:b7:3e:
cf:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:1A:34:C7:3F:13:4C:10:0F:FC:B2:5E:72:A1:FE:01:D5:02:54:94
X509v3 Authority Key Identifier:
keyid:F0:EC:CC:48:20:0C:EF:02:16:C2:CE:53:86:9F:D1:92:B4:A2:3F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8OzMSCAM7wIWws5Thp_RkrSiP1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/TRo0xz8TTBAP_LJecqH-AdUCVJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/8OzMSCAM7wIWws5Thp_RkrSiP1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:fb4::/48
Signature Algorithm: sha256WithRSAEncryption
a7:5c:23:69:a5:e5:f9:8f:7e:bb:78:11:fa:fe:21:aa:ea:ee:
38:fe:2b:6d:85:a4:db:fa:c4:15:92:16:2c:51:97:6c:2b:00:
bf:bc:58:32:83:aa:50:a3:0f:db:2a:cd:69:c2:fc:f1:3a:65:
c0:39:90:48:c8:3d:e0:e7:99:17:27:7f:2b:c4:37:f7:b2:00:
28:82:c2:5b:a0:0c:d9:08:c6:2e:02:32:96:a8:53:3e:d4:74:
ce:5f:12:1b:aa:ca:38:96:a7:52:3b:8b:f6:96:6a:e3:12:f6:
17:d8:ee:67:17:0b:79:bf:ae:80:cc:50:43:c0:92:86:cb:57:
27:12:0e:97:b6:97:7e:89:24:8e:3c:17:d5:fb:51:f9:98:52:
3b:f3:03:18:2a:6f:a1:6b:89:73:b3:7a:2e:3c:a4:db:11:1b:
0e:76:ca:e8:bc:34:7e:94:13:ca:54:6a:e1:50:cb:77:d1:57:
e7:98:d7:3b:0e:89:b5:a4:ad:74:89:fb:37:e4:60:75:9a:f5:
5a:78:4b:35:9f:8a:6f:db:d9:75:e9:65:0d:35:7a:05:41:91:
8a:f4:d1:6d:f2:a1:aa:65:af:a5:ca:14:89:4a:c8:fc:0c:15:
04:2d:1a:ff:e3:91:0a:b6:86:8f:5e:ac:84:75:9d:ef:9b:18:
73:e4:cf:4e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsU/eWFpNlKF4g6MOnHNJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZWNjYzQ4MjAwY2VmMDIxNmMyY2U1Mzg2OWZkMTkyYjRh
MjNmNTQwHhcNMjMwMTAxMDc1NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDFhMzRjNzNmMTM0YzEwMGZmY2IyNWU3MmExZmUwMWQ1MDI1NDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0L6y3+j8rGUpUBA0mazbXytKg4UV
bdsF8jHFyFaPgwWgUQjhy7g7Lmt1Tv6XQK5FieSnxVrVOntY6Hy++EOcRWG5FeuD
CHI4o1hIVGdcUD6qpESOnHmS0xbYRn4B96UTTTZQVh4BlsTc8X0kb9jBWxwgOl8W
kZnHZg5jj4/WgLCuHAKFs3IxZ9g/DiD3O90RQCOeYPGd8py2xdyNTiAMfWqFb0Qr
TcXGVgGighksThXJXeNErNwyw+07uGqA6fmYbkwpglwrktD71KFVEsKi+GMxlaT0
iaWK8nsQNQE9kadrFIkh3BcEgNr1gU3oWdIgCOZpzRVRZEjDWj4ftz7PuQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE0aNMc/E0wQD/yyXnKh/gHVAlSUMB8GA1UdIwQY
MBaAFPDszEggDO8CFsLOU4af0ZK0oj9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE96TVNDQU03d0lXd3M1VGhwX1JrclNpUDFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9jZGI4MDktZDFkNC00NTU3LWI0MzAt
YmI2NWM1OTAwZjc1LzEvVFJvMHh6OFRUQkFQX0xKZWNxSC1BZFVDVkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9jZGI4MDktZDFkNC00NTU3LWI0MzAtYmI2NWM1OTAwZjc1
LzEvOE96TVNDQU03d0lXd3M1VGhwX1JrclNpUDFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA+0
MA0GCSqGSIb3DQEBCwUAA4IBAQCnXCNppeX5j367eBH6/iGq6u44/itthaTb+sQV
khYsUZdsKwC/vFgyg6pQow/bKs1pwvzxOmXAOZBIyD3g55kXJ38rxDf3sgAogsJb
oAzZCMYuAjKWqFM+1HTOXxIbqso4lqdSO4v2lmrjEvYX2O5nFwt5v66AzFBDwJKG
y1cnEg6Xtpd+iSSOPBfV+1H5mFI78wMYKm+ha4lzs3ouPKTbERsOdsrovDR+lBPK
VGrhUMt30VfnmNc7Dom1pK10ifs35GB1mvVaeEs1n4pv29l16WUNNXoFQZGK9NFt
8qGqZa+lyhSJSsj8DBUELRr/45EKtoaPXqyEdZ3vmxhz5M9O
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:39 2025 by rpki-client