Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/968a85-01d3-4b0c-b920-66cbf876ab3e/1/CmC6xtZ5MYNRp2IZoCP_oRVcaWA.roa
File: CmC6xtZ5MYNRp2IZoCP_oRVcaWA.roa (raw, json)
Hash identifier: q2sAMU/X2Jr5x663f7PGIqLL/2YZmSQ1eqmRpFnRElQ=
Subject key identifier: 0A:60:BA:C6:D6:79:31:83:51:A7:62:19:A0:23:FF:A1:15:5C:69:60
Certificate issuer: /CN=e01f196dd7edd1131d0220fdb777122621bbbdef
Certificate serial: 01856CB83F6C49507E5ED6013806476F6814
Authority key identifier: E0:1F:19:6D:D7:ED:D1:13:1D:02:20:FD:B7:77:12:26:21:BB:BD:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4B8Zbdft0RMdAiD9t3cSJiG7ve8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/968a85-01d3-4b0c-b920-66cbf876ab3e/1/CmC6xtZ5MYNRp2IZoCP_oRVcaWA.roa
Signing time: Sun 01 Jan 2023 09:44:52 +0000
ROA not before: Sun 01 Jan 2023 09:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202729
IP address blocks: 2001:67c:a6c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:3f:6c:49:50:7e:5e:d6:01:38:06:47:6f:68:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e01f196dd7edd1131d0220fdb777122621bbbdef
Validity
Not Before: Jan 1 09:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a60bac6d679318351a76219a023ffa1155c6960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fd:b4:6b:56:28:a0:25:8a:80:0a:10:a9:64:
d4:82:f7:ba:20:66:68:4e:3d:20:fe:6d:be:b0:9b:
87:bd:be:4b:d4:fe:c6:66:5f:26:49:de:20:06:f3:
21:d3:c5:39:32:a4:b3:ff:38:36:a3:2f:9c:f9:b7:
d9:d9:78:3e:e4:a1:e8:3e:72:67:cb:0d:2b:13:65:
b5:f9:59:29:22:e5:b1:01:5b:ce:32:6e:ed:04:ab:
fb:75:16:18:0b:0a:b1:6a:8b:0b:ad:be:ef:6b:7e:
81:87:cb:bf:6b:db:f3:e6:c3:8a:7e:b3:b5:32:f2:
22:1b:1d:a3:da:4d:8e:9c:4e:30:70:92:63:dd:ab:
af:4d:fb:15:30:17:3f:fa:8b:a3:16:21:08:26:65:
db:0e:88:a8:c0:3d:bf:17:74:fd:83:17:25:06:17:
c5:30:12:c2:54:a3:b4:bb:a7:fe:9d:f6:89:89:ef:
eb:f9:5c:3e:e7:a6:05:de:93:61:5a:20:53:da:ad:
57:5a:e6:27:f6:e2:a7:e3:b2:c7:fb:8b:2e:ac:ac:
24:f8:49:fd:b7:8d:f9:62:17:81:da:1e:25:69:4a:
a7:40:39:ac:4a:40:7e:42:68:6f:bd:62:76:59:54:
55:f1:b8:bb:76:8b:d1:32:91:b1:52:aa:69:62:d0:
bd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:60:BA:C6:D6:79:31:83:51:A7:62:19:A0:23:FF:A1:15:5C:69:60
X509v3 Authority Key Identifier:
keyid:E0:1F:19:6D:D7:ED:D1:13:1D:02:20:FD:B7:77:12:26:21:BB:BD:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4B8Zbdft0RMdAiD9t3cSJiG7ve8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/968a85-01d3-4b0c-b920-66cbf876ab3e/1/CmC6xtZ5MYNRp2IZoCP_oRVcaWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/968a85-01d3-4b0c-b920-66cbf876ab3e/1/4B8Zbdft0RMdAiD9t3cSJiG7ve8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:a6c::/48
Signature Algorithm: sha256WithRSAEncryption
0e:68:cd:b2:f9:23:5f:09:7f:77:bb:13:ae:d0:b3:f0:2c:7a:
37:2b:96:83:5a:c2:bc:25:77:fd:fd:ef:47:fc:e0:ef:2c:b4:
4b:af:91:08:ff:da:92:94:db:e7:fa:9a:71:36:ea:3e:aa:c0:
46:1e:49:34:b0:76:31:da:bb:b4:2f:b8:2d:1b:37:b7:4e:56:
7c:d2:e3:03:5c:ad:9c:8c:e0:10:f8:eb:d5:4a:bd:b5:c4:e8:
19:f3:cb:e8:ad:2b:6a:83:a0:d1:f7:94:9f:58:83:8c:98:02:
e3:b1:5a:0b:1c:db:7a:b5:07:44:b9:70:41:26:4c:48:24:48:
e9:47:0a:f0:90:33:78:bd:e3:5d:12:a0:d7:6f:15:b6:a7:48:
4a:c2:60:49:d6:44:3d:b6:62:44:f0:c2:75:9d:0e:b0:0b:1d:
d4:3d:36:49:b0:11:36:2f:ed:66:bc:4e:72:b1:3a:54:65:d7:
5f:b5:dc:b8:6e:b3:40:ed:9b:49:f1:2c:f3:51:5b:c3:fd:22:
8f:65:c0:8c:bc:19:4c:b7:ca:6b:4d:2a:26:78:f7:ad:07:e7:
4a:36:1c:b7:4a:0a:1b:aa:ad:8c:36:ea:4a:91:55:a5:4d:96:
26:f3:e0:ba:a5:e3:23:2a:50:c2:6f:fc:11:86:a1:70:23:a3:
25:a5:50:e4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsuD9sSVB+XtYBOAZHb2gUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWYxOTZkZDdlZGQxMTMxZDAyMjBmZGI3NzcxMjI2MjFi
YmJkZWYwHhcNMjMwMTAxMDk0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTYwYmFjNmQ2NzkzMTgzNTFhNzYyMTlhMDIzZmZhMTE1NWM2OTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApP20a1YooCWKgAoQqWTUgve6IGZo
Tj0g/m2+sJuHvb5L1P7GZl8mSd4gBvMh08U5MqSz/zg2oy+c+bfZ2Xg+5KHoPnJn
yw0rE2W1+VkpIuWxAVvOMm7tBKv7dRYYCwqxaosLrb7va36Bh8u/a9vz5sOKfrO1
MvIiGx2j2k2OnE4wcJJj3auvTfsVMBc/+oujFiEIJmXbDoiowD2/F3T9gxclBhfF
MBLCVKO0u6f+nfaJie/r+Vw+56YF3pNhWiBT2q1XWuYn9uKn47LH+4surKwk+En9
t435YheB2h4laUqnQDmsSkB+QmhvvWJ2WVRV8bi7dovRMpGxUqppYtC9RQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFApgusbWeTGDUadiGaAj/6EVXGlgMB8GA1UdIwQY
MBaAFOAfGW3X7dETHQIg/bd3EiYhu73vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEI4WmJkZnQwUk1kQWlEOXQzY1NKaUc3dmU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC85NjhhODUtMDFkMy00YjBjLWI5MjAt
NjZjYmY4NzZhYjNlLzEvQ21DNnh0WjVNWU5ScDJJWm9DUF9vUlZjYVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC85NjhhODUtMDFkMy00YjBjLWI5MjAtNjZjYmY4NzZhYjNl
LzEvNEI4WmJkZnQwUk1kQWlEOXQzY1NKaUc3dmU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAps
MA0GCSqGSIb3DQEBCwUAA4IBAQAOaM2y+SNfCX93uxOu0LPwLHo3K5aDWsK8JXf9
/e9H/ODvLLRLr5EI/9qSlNvn+ppxNuo+qsBGHkk0sHYx2ru0L7gtGze3TlZ80uMD
XK2cjOAQ+OvVSr21xOgZ88vorStqg6DR95SfWIOMmALjsVoLHNt6tQdEuXBBJkxI
JEjpRwrwkDN4veNdEqDXbxW2p0hKwmBJ1kQ9tmJE8MJ1nQ6wCx3UPTZJsBE2L+1m
vE5ysTpUZddftdy4brNA7ZtJ8SzzUVvD/SKPZcCMvBlMt8prTSomePetB+dKNhy3
Sgobqq2MNupKkVWlTZYm8+C6peMjKlDCb/wRhqFwI6MlpVDk
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:23 2025 by rpki-client