Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/fziG8-ER9YgGjI81QZxsw2jYILg.roa
File: fziG8-ER9YgGjI81QZxsw2jYILg.roa (raw, json)
Hash identifier: /BZ2iXnN4cyTvT1oiYFCwx1xANA37+BQi3BgSVMHC2g=
Subject key identifier: 7F:38:86:F3:E1:11:F5:88:06:8C:8F:35:41:9C:6C:C3:68:D8:20:B8
Certificate issuer: /CN=5b4b452dbfd4c704bda9cc2a4e915f47192a7f71
Certificate serial: 0182A30205B0E9ADC07B08A436D243884571
Authority key identifier: 5B:4B:45:2D:BF:D4:C7:04:BD:A9:CC:2A:4E:91:5F:47:19:2A:7F:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W0tFLb_UxwS9qcwqTpFfRxkqf3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/fziG8-ER9YgGjI81QZxsw2jYILg.roa
Signing time: Mon 15 Aug 2022 19:36:34 +0000
ROA not before: Mon 15 Aug 2022 19:36:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204617
IP address blocks: 2001:67c:a0c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a3:02:05:b0:e9:ad:c0:7b:08:a4:36:d2:43:88:45:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b4b452dbfd4c704bda9cc2a4e915f47192a7f71
Validity
Not Before: Aug 15 19:36:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f3886f3e111f588068c8f35419c6cc368d820b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:88:47:e4:94:50:e9:62:42:89:98:9b:cc:a6:
46:bc:68:3f:79:01:74:30:58:f1:91:46:f5:c7:21:
01:ea:d8:4a:8b:b1:de:fd:25:7f:43:b5:c5:3c:0f:
64:e1:3b:b1:7b:cf:ae:40:04:a2:07:3c:09:ad:0d:
86:fb:ba:f5:d9:4f:09:c3:cf:16:31:0c:5e:b2:7d:
cb:56:7c:15:68:78:c1:5b:61:21:21:49:a5:d0:58:
42:37:3a:4c:89:a8:9f:74:f2:77:03:54:13:c4:1a:
cd:09:2b:0d:e7:89:49:ae:86:92:3d:3a:53:6c:b9:
84:b0:ee:07:cc:90:46:b4:c1:7b:5f:83:16:85:3b:
3f:24:58:b0:cd:f0:b5:ff:98:cc:95:9f:aa:1f:5e:
ee:b6:e4:8b:a3:d2:8a:0d:45:00:bf:e7:0a:30:fb:
27:03:10:c8:95:bc:4c:a7:09:73:d3:57:ed:65:f4:
a1:d4:7c:b5:36:7d:4e:c1:24:96:c0:2c:86:c5:33:
0e:27:85:e3:28:42:af:fa:a0:58:63:e7:51:76:0e:
c4:01:b7:31:8d:d6:69:a6:00:69:60:c1:39:06:e9:
11:6f:c4:fd:f5:80:86:2a:8a:05:fb:0a:b2:3b:68:
6f:21:bc:90:f2:dd:ac:19:1d:0e:60:50:1b:03:40:
94:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:38:86:F3:E1:11:F5:88:06:8C:8F:35:41:9C:6C:C3:68:D8:20:B8
X509v3 Authority Key Identifier:
keyid:5B:4B:45:2D:BF:D4:C7:04:BD:A9:CC:2A:4E:91:5F:47:19:2A:7F:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W0tFLb_UxwS9qcwqTpFfRxkqf3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/fziG8-ER9YgGjI81QZxsw2jYILg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/W0tFLb_UxwS9qcwqTpFfRxkqf3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:a0c::/48
Signature Algorithm: sha256WithRSAEncryption
ba:f2:87:9f:47:42:82:9a:04:00:de:0b:0d:d9:8d:27:11:1a:
73:1d:38:bc:fd:13:ba:c2:59:d3:82:b0:6a:76:13:d8:64:e0:
48:00:68:a4:d4:51:4e:5c:db:c8:2b:f9:c1:af:ab:00:c8:65:
0f:cf:b7:d0:1e:f0:76:4d:5b:99:40:d0:8f:22:41:1a:2f:4c:
43:03:5f:20:2d:c9:8c:84:f9:0a:e2:97:37:41:c3:0c:dc:eb:
ca:1b:33:fe:b9:26:3e:5d:0b:f8:fd:d4:a0:85:fe:2c:b1:6d:
79:33:b6:6b:88:08:dd:57:f2:25:c0:91:c3:5d:71:1e:72:35:
b8:82:4d:4f:66:15:fd:86:ab:3a:6c:e0:6f:b7:50:d5:64:92:
36:c9:b1:02:cb:fb:a6:47:20:02:dc:92:43:2e:04:56:dd:f3:
aa:ad:cf:46:4a:74:c5:9e:d7:59:c7:8c:b2:b3:a5:e5:8b:2d:
d0:70:64:7e:56:ff:bc:90:47:06:47:54:84:26:cf:b0:ec:29:
9d:9e:42:27:da:67:4b:c8:22:06:53:2a:4e:0c:63:70:e9:a6:
76:ef:50:61:e2:53:48:6f:e2:dc:bb:36:4c:0d:87:5c:88:59:
37:b1:bf:c0:05:cc:f4:60:ac:83:e9:fe:7e:0d:78:2d:03:4b:
7f:c8:6b:b4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYKjAgWw6a3AewikNtJDiEVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNGI0NTJkYmZkNGM3MDRiZGE5Y2MyYTRlOTE1ZjQ3MTky
YTdmNzEwHhcNMjIwODE1MTkzNjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjM4ODZmM2UxMTFmNTg4MDY4YzhmMzU0MTljNmNjMzY4ZDgyMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIhH5JRQ6WJCiZibzKZGvGg/eQF0
MFjxkUb1xyEB6thKi7He/SV/Q7XFPA9k4Tuxe8+uQASiBzwJrQ2G+7r12U8Jw88W
MQxesn3LVnwVaHjBW2EhIUml0FhCNzpMiaifdPJ3A1QTxBrNCSsN54lJroaSPTpT
bLmEsO4HzJBGtMF7X4MWhTs/JFiwzfC1/5jMlZ+qH17utuSLo9KKDUUAv+cKMPsn
AxDIlbxMpwlz01ftZfSh1Hy1Nn1OwSSWwCyGxTMOJ4XjKEKv+qBYY+dRdg7EAbcx
jdZppgBpYME5BukRb8T99YCGKooF+wqyO2hvIbyQ8t2sGR0OYFAbA0CUUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH84hvPhEfWIBoyPNUGcbMNo2CC4MB8GA1UdIwQY
MBaAFFtLRS2/1McEvanMKk6RX0cZKn9xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzB0RkxiX1V4d1M5cWN3cVRwRmZSeGtxZjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84N2FjNGItYWEyNS00MjhmLWEzNjgt
ZTU4ZWRjNDJmMDRjLzEvZnppRzgtRVI5WWdHakk4MVFaeHN3MmpZSUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84N2FjNGItYWEyNS00MjhmLWEzNjgtZTU4ZWRjNDJmMDRj
LzEvVzB0RkxiX1V4d1M5cWN3cVRwRmZSeGtxZjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAoM
MA0GCSqGSIb3DQEBCwUAA4IBAQC68oefR0KCmgQA3gsN2Y0nERpzHTi8/RO6wlnT
grBqdhPYZOBIAGik1FFOXNvIK/nBr6sAyGUPz7fQHvB2TVuZQNCPIkEaL0xDA18g
LcmMhPkK4pc3QcMM3OvKGzP+uSY+XQv4/dSghf4ssW15M7ZriAjdV/IlwJHDXXEe
cjW4gk1PZhX9hqs6bOBvt1DVZJI2ybECy/umRyAC3JJDLgRW3fOqrc9GSnTFntdZ
x4yys6Xliy3QcGR+Vv+8kEcGR1SEJs+w7CmdnkIn2mdLyCIGUypODGNw6aZ271Bh
4lNIb+LcuzZMDYdciFk3sb/ABcz0YKyD6f5+DXgtA0t/yGu0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:53 2025 by rpki-client