Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/oiBpbLVUl5PVadLy8HO317DwROA.roa
File: oiBpbLVUl5PVadLy8HO317DwROA.roa (raw, json)
Hash identifier: MmlY6ID2lkREIuFx1tlyhfUfZzfuEBh9nkGsvR5wmKY=
Subject key identifier: A2:20:69:6C:B5:54:97:93:D5:69:D2:F2:F0:73:B7:D7:B0:F0:44:E0
Certificate issuer: /CN=b7510b651bfbdf09c8486a8136200005befb497d
Certificate serial: 01857139B191464AB3D133043D5B9F0E3C42
Authority key identifier: B7:51:0B:65:1B:FB:DF:09:C8:48:6A:81:36:20:00:05:BE:FB:49:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1ELZRv73wnISGqBNiAABb77SX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/oiBpbLVUl5PVadLy8HO317DwROA.roa
Signing time: Mon 02 Jan 2023 06:44:44 +0000
ROA not before: Mon 02 Jan 2023 06:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56997
IP address blocks: 2001:67c:a00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:b1:91:46:4a:b3:d1:33:04:3d:5b:9f:0e:3c:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7510b651bfbdf09c8486a8136200005befb497d
Validity
Not Before: Jan 2 06:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a220696cb5549793d569d2f2f073b7d7b0f044e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f8:08:86:4e:59:e3:f2:b8:1f:15:08:5c:d6:
a3:29:e9:e4:8c:e5:4a:0b:04:34:b7:8a:77:76:4f:
73:bf:a0:34:3a:3f:4a:9a:ea:2c:75:a0:bf:5e:8e:
8d:e2:b6:55:8f:cb:6d:8f:49:2e:2f:e2:f2:b2:d3:
ea:a1:45:8f:e8:15:3a:07:4c:2d:fb:83:32:a6:97:
66:56:fe:4b:7c:4c:e5:78:ec:ee:d6:d8:f4:8d:47:
f3:b0:94:a8:d4:1d:b3:c6:10:c5:43:8f:61:6e:a8:
0e:76:e9:78:b6:49:dc:e5:19:be:d7:01:6e:50:07:
1e:92:99:c0:b8:b8:cb:ab:6d:d5:15:10:9a:20:70:
98:9f:a6:62:61:dc:2a:08:31:61:c8:47:a1:9f:5e:
b5:9d:03:fc:d5:3c:a3:9a:ad:36:09:8f:03:f2:8a:
88:07:a0:69:32:14:94:af:92:29:00:c1:90:e9:26:
17:9b:3a:4a:1d:81:eb:a4:10:a7:ad:02:8f:f3:0a:
83:ce:2f:88:57:3a:49:3e:45:a2:ce:79:d1:f3:db:
24:f9:17:2e:b8:51:78:47:49:81:41:aa:15:81:8f:
2d:52:37:35:04:a7:7e:b0:cf:04:aa:45:e6:0d:a2:
2e:33:59:1c:72:bf:b0:5d:21:b4:f1:07:4f:86:95:
16:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:20:69:6C:B5:54:97:93:D5:69:D2:F2:F0:73:B7:D7:B0:F0:44:E0
X509v3 Authority Key Identifier:
keyid:B7:51:0B:65:1B:FB:DF:09:C8:48:6A:81:36:20:00:05:BE:FB:49:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1ELZRv73wnISGqBNiAABb77SX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/oiBpbLVUl5PVadLy8HO317DwROA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:a00::/48
Signature Algorithm: sha256WithRSAEncryption
8f:6a:ab:c4:2a:1a:08:8c:80:74:c7:52:73:67:6c:b7:d3:6b:
87:d1:b3:62:24:49:48:2c:56:a5:ef:88:07:de:ea:72:bd:27:
21:41:40:3b:c3:e6:0d:e8:d4:9c:0e:9f:7e:d6:e9:d7:1a:92:
ec:ad:a6:99:a6:ae:71:67:12:ec:cb:c1:55:71:a6:ac:fd:d4:
dd:de:18:d3:c5:93:87:c7:ad:7a:f3:3b:5b:f1:63:fa:9a:9a:
7f:9b:07:47:6b:db:7c:06:2e:a1:00:73:ae:59:02:3c:3e:dd:
5e:df:d5:a6:78:0b:25:a0:cd:b4:8c:2f:9e:25:63:d0:23:79:
cc:2e:03:f1:67:5f:89:c8:ab:32:f4:26:a8:7f:7a:b5:5a:26:
f9:3c:6d:d6:17:92:14:81:30:28:27:e5:f3:67:0b:6f:b7:5b:
11:c0:09:5d:d8:a1:e6:eb:4f:2c:9e:e4:a9:99:ef:a8:33:46:
8d:70:e3:fc:5d:17:be:82:7a:0b:ee:8d:10:b9:b1:e9:c7:e6:
68:e7:f8:c1:28:72:7c:80:0a:e4:c7:0a:84:03:bf:87:6a:37:
ec:f3:cd:fb:7c:b6:a8:7a:4e:d4:37:00:3f:ef:4b:ac:a5:62:
6d:36:2e:ff:3e:73:d7:9f:e7:f9:38:43:63:ae:eb:56:69:11:
36:d8:65:3a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxObGRRkqz0TMEPVufDjxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NTEwYjY1MWJmYmRmMDljODQ4NmE4MTM2MjAwMDA1YmVm
YjQ5N2QwHhcNMjMwMTAyMDY0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjIwNjk2Y2I1NTQ5NzkzZDU2OWQyZjJmMDczYjdkN2IwZjA0NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/gIhk5Z4/K4HxUIXNajKenkjOVK
CwQ0t4p3dk9zv6A0Oj9KmuosdaC/Xo6N4rZVj8ttj0kuL+LystPqoUWP6BU6B0wt
+4MyppdmVv5LfEzleOzu1tj0jUfzsJSo1B2zxhDFQ49hbqgOdul4tknc5Rm+1wFu
UAcekpnAuLjLq23VFRCaIHCYn6ZiYdwqCDFhyEehn161nQP81Tyjmq02CY8D8oqI
B6BpMhSUr5IpAMGQ6SYXmzpKHYHrpBCnrQKP8wqDzi+IVzpJPkWiznnR89sk+Rcu
uFF4R0mBQaoVgY8tUjc1BKd+sM8EqkXmDaIuM1kccr+wXSG08QdPhpUWMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKIgaWy1VJeT1WnS8vBzt9ew8ETgMB8GA1UdIwQY
MBaAFLdRC2Ub+98JyEhqgTYgAAW++0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFFTFpSdjczd25JU0dxQk5pQUFCYjc3U1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iZmYxYzMtMDA4NC00MmJiLWJjZjct
MmNiODg3N2ZkOTcwLzEvb2lCcGJMVlVsNVBWYWRMeThITzMxN0R3Uk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iZmYxYzMtMDA4NC00MmJiLWJjZjctMmNiODg3N2ZkOTcw
LzEvdDFFTFpSdjczd25JU0dxQk5pQUFCYjc3U1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAoA
MA0GCSqGSIb3DQEBCwUAA4IBAQCPaqvEKhoIjIB0x1JzZ2y302uH0bNiJElILFal
74gH3upyvSchQUA7w+YN6NScDp9+1unXGpLsraaZpq5xZxLsy8FVcaas/dTd3hjT
xZOHx6168ztb8WP6mpp/mwdHa9t8Bi6hAHOuWQI8Pt1e39WmeAsloM20jC+eJWPQ
I3nMLgPxZ1+JyKsy9Caof3q1Wib5PG3WF5IUgTAoJ+XzZwtvt1sRwAld2KHm608s
nuSpme+oM0aNcOP8XRe+gnoL7o0QubHpx+Zo5/jBKHJ8gArkxwqEA7+Hajfs8837
fLaoek7UNwA/70uspWJtNi7/PnPXn+f5OENjrutWaRE22GU6
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:14:36 2025 by rpki-client