Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/c66bc8-f206-43d0-94be-18aadd659566/1/Iy2FbbnfjPEvMHGVmk_SpuBsU0w.roa
File: Iy2FbbnfjPEvMHGVmk_SpuBsU0w.roa (raw, json)
Hash identifier: yIdbm5qIMT+G7NPC95F10efBr9pfFPvIiQVryTgjHWw=
Subject key identifier: 23:2D:85:6D:B9:DF:8C:F1:2F:30:71:95:9A:4F:D2:A6:E0:6C:53:4C
Certificate issuer: /CN=320e7c0ceb4ba2a6f4b96fc4bae1abb853035aba
Certificate serial: 0185723A22BC7EA8C2168B695BAC541ECAD5
Authority key identifier: 32:0E:7C:0C:EB:4B:A2:A6:F4:B9:6F:C4:BA:E1:AB:B8:53:03:5A:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mg58DOtLoqb0uW_EuuGruFMDWro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/c66bc8-f206-43d0-94be-18aadd659566/1/Iy2FbbnfjPEvMHGVmk_SpuBsU0w.roa
Signing time: Mon 02 Jan 2023 11:24:50 +0000
ROA not before: Mon 02 Jan 2023 11:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56510
IP address blocks: 2001:67c:648::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:22:bc:7e:a8:c2:16:8b:69:5b:ac:54:1e:ca:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320e7c0ceb4ba2a6f4b96fc4bae1abb853035aba
Validity
Not Before: Jan 2 11:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=232d856db9df8cf12f3071959a4fd2a6e06c534c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ee:0c:f3:54:cf:6e:c5:b1:4f:f3:6e:c2:d8:
13:c1:69:58:46:d0:6e:f2:b8:bd:91:3a:86:fc:46:
f4:1f:c7:2f:97:4b:6d:8b:63:ce:00:5c:a5:74:20:
9d:b3:f7:c4:c1:9d:61:94:41:01:87:00:cd:98:3c:
98:8e:3d:55:54:15:5d:08:5e:fc:97:3c:88:bb:8a:
dd:7c:ee:35:43:79:4b:35:76:7f:55:12:b8:1f:6e:
6a:5e:45:02:05:11:dd:21:95:da:56:39:45:04:e2:
39:68:65:f6:58:9f:36:97:60:d9:5e:96:36:57:c9:
e9:1b:aa:fb:66:30:5f:af:9b:53:c3:c9:31:ef:ee:
d9:37:52:f9:fd:54:09:5a:f5:94:10:0c:99:67:27:
8c:6a:cb:0b:fb:64:5f:0f:f4:d7:14:9f:17:93:d5:
29:e3:bc:17:29:65:1b:bf:ad:22:e4:be:2a:94:47:
15:e9:88:f2:32:82:30:a7:b5:70:00:81:82:70:f2:
b9:18:19:a0:08:05:84:da:89:cc:38:5f:49:84:9e:
de:69:16:d0:4d:57:6f:5f:dc:f3:35:f3:5f:3e:9b:
95:00:71:32:b0:b2:20:6d:20:9e:e7:96:e5:b5:c0:
7a:0c:90:01:19:b1:8e:6e:47:87:45:29:10:8d:9e:
17:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2D:85:6D:B9:DF:8C:F1:2F:30:71:95:9A:4F:D2:A6:E0:6C:53:4C
X509v3 Authority Key Identifier:
keyid:32:0E:7C:0C:EB:4B:A2:A6:F4:B9:6F:C4:BA:E1:AB:B8:53:03:5A:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mg58DOtLoqb0uW_EuuGruFMDWro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/c66bc8-f206-43d0-94be-18aadd659566/1/Iy2FbbnfjPEvMHGVmk_SpuBsU0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/c66bc8-f206-43d0-94be-18aadd659566/1/Mg58DOtLoqb0uW_EuuGruFMDWro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:648::/48
Signature Algorithm: sha256WithRSAEncryption
ca:50:de:0d:d5:3d:b5:30:9f:b8:ed:c5:84:db:65:55:21:c2:
5f:b1:cd:70:fc:8b:39:e8:bd:8f:52:ca:a4:e9:3c:93:77:65:
8f:a4:e9:d9:57:c3:61:ca:18:34:3c:f6:b6:34:82:74:ba:81:
41:98:d8:04:9a:be:1a:fe:bb:7d:e5:0e:9d:a3:54:61:e1:a7:
de:fb:e1:e8:a6:73:51:e2:58:6f:d5:57:22:26:3f:f1:c5:9d:
6b:29:ca:d2:1b:64:12:a4:5c:a3:c9:b8:99:80:fd:86:07:d6:
57:fa:35:60:c3:c9:44:36:c4:13:31:f3:5c:94:70:0b:2c:9c:
fd:d4:f2:aa:8e:20:cc:b6:3e:a7:6e:88:b0:4f:fd:42:a3:84:
d8:0f:64:60:ed:dd:eb:61:b5:59:1e:b0:42:22:44:5b:64:15:
04:cf:45:82:23:25:6e:e4:91:28:d1:80:67:59:ac:d7:de:b9:
ac:92:7a:b2:46:a7:b7:2b:ee:62:ac:23:00:cf:52:dd:68:11:
74:80:07:28:b1:c8:77:4c:ea:31:a4:03:70:a0:08:52:50:83:
55:44:14:6a:a7:5f:92:57:e3:ae:09:f9:05:60:8f:7b:ed:e9:
4f:e8:e3:3b:39:3a:50:df:37:37:35:6f:71:01:80:a0:11:a0:
c2:79:36:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyOiK8fqjCFotpW6xUHsrVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMGU3YzBjZWI0YmEyYTZmNGI5NmZjNGJhZTFhYmI4NTMw
MzVhYmEwHhcNMjMwMTAyMTEyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzJkODU2ZGI5ZGY4Y2YxMmYzMDcxOTU5YTRmZDJhNmUwNmM1MzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+4M81TPbsWxT/NuwtgTwWlYRtBu
8ri9kTqG/Eb0H8cvl0tti2POAFyldCCds/fEwZ1hlEEBhwDNmDyYjj1VVBVdCF78
lzyIu4rdfO41Q3lLNXZ/VRK4H25qXkUCBRHdIZXaVjlFBOI5aGX2WJ82l2DZXpY2
V8npG6r7ZjBfr5tTw8kx7+7ZN1L5/VQJWvWUEAyZZyeMassL+2RfD/TXFJ8Xk9Up
47wXKWUbv60i5L4qlEcV6YjyMoIwp7VwAIGCcPK5GBmgCAWE2onMOF9JhJ7eaRbQ
TVdvX9zzNfNfPpuVAHEysLIgbSCe55bltcB6DJABGbGObkeHRSkQjZ4XqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCMthW2534zxLzBxlZpP0qbgbFNMMB8GA1UdIwQY
MBaAFDIOfAzrS6Km9LlvxLrhq7hTA1q6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWc1OERPdExvcWIwdVdfRXV1R3J1Rk1EV3JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9jNjZiYzgtZjIwNi00M2QwLTk0YmUt
MThhYWRkNjU5NTY2LzEvSXkyRmJibmZqUEV2TUhHVm1rX1NwdUJzVTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9jNjZiYzgtZjIwNi00M2QwLTk0YmUtMThhYWRkNjU5NTY2
LzEvTWc1OERPdExvcWIwdVdfRXV1R3J1Rk1EV3JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAZI
MA0GCSqGSIb3DQEBCwUAA4IBAQDKUN4N1T21MJ+47cWE22VVIcJfsc1w/Is56L2P
Usqk6TyTd2WPpOnZV8Nhyhg0PPa2NIJ0uoFBmNgEmr4a/rt95Q6do1Rh4afe++Ho
pnNR4lhv1VciJj/xxZ1rKcrSG2QSpFyjybiZgP2GB9ZX+jVgw8lENsQTMfNclHAL
LJz91PKqjiDMtj6nboiwT/1Co4TYD2Rg7d3rYbVZHrBCIkRbZBUEz0WCIyVu5JEo
0YBnWazX3rmsknqyRqe3K+5irCMAz1LdaBF0gAcosch3TOoxpANwoAhSUINVRBRq
p1+SV+OuCfkFYI977elP6OM7OTpQ3zc3NW9xAYCgEaDCeTYj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:46 2025 by rpki-client