Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/cKyhEpBVZytXd16qUlBkQvICzBU.roa
File: cKyhEpBVZytXd16qUlBkQvICzBU.roa (raw, json)
Hash identifier: A1tqdK1zem3vkHnJFgCxTP2kPJL0g7LCOdko7M6O7JA=
Subject key identifier: 70:AC:A1:12:90:55:67:2B:57:77:5E:AA:52:50:64:42:F2:02:CC:15
Certificate issuer: /CN=f1dd795be36e4b5b309ebc8e04ea7394135c714c
Certificate serial: 01856E1D416A96BE2A5ABF097DC782921C89
Authority key identifier: F1:DD:79:5B:E3:6E:4B:5B:30:9E:BC:8E:04:EA:73:94:13:5C:71:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8d15W-NuS1swnryOBOpzlBNccUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/cKyhEpBVZytXd16qUlBkQvICzBU.roa
Signing time: Sun 01 Jan 2023 16:14:49 +0000
ROA not before: Sun 01 Jan 2023 16:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3209
IP address blocks: 2a09:c580:1611::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:41:6a:96:be:2a:5a:bf:09:7d:c7:82:92:1c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1dd795be36e4b5b309ebc8e04ea7394135c714c
Validity
Not Before: Jan 1 16:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70aca1129055672b57775eaa52506442f202cc15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:38:00:27:c5:19:4f:b8:12:e6:96:25:bc:2b:
87:a7:b5:2d:76:51:f7:e7:bd:80:51:7d:94:b1:47:
d9:cd:4f:aa:b7:44:60:e4:03:2f:c8:c8:78:8e:00:
5d:46:19:85:12:62:4f:5d:58:0d:a2:00:70:2f:29:
88:1d:a8:76:56:16:cf:41:5c:a7:dd:4f:5b:b5:d3:
44:a0:ec:48:16:91:00:09:cd:e0:a2:fa:b7:49:cf:
52:6f:b0:95:8d:61:c6:a6:ff:ae:27:56:d2:93:e1:
4d:ee:1a:72:96:f5:28:28:75:68:42:a3:5e:7b:65:
cb:52:8c:67:36:81:35:0e:b7:d0:ee:1e:88:1e:33:
6f:95:15:a4:9b:4e:76:68:c6:25:9e:98:fd:72:50:
2b:cf:35:56:e5:9b:10:82:87:fd:45:64:5e:ca:96:
06:5c:09:2b:90:42:04:d5:e2:38:da:18:3e:d3:5a:
e0:b3:5b:35:ea:da:4b:f0:e4:9b:67:c8:d1:73:6e:
16:17:de:e7:68:60:9a:19:eb:97:c2:ac:c4:a9:d2:
e4:0e:a7:66:bd:e9:72:19:9b:c9:d2:3f:9d:c0:0e:
24:2f:78:d8:3d:8c:32:2d:3f:f1:7a:d1:d2:a4:29:
4b:59:b0:e6:c8:88:01:28:a9:e1:70:bf:47:03:b6:
6e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:AC:A1:12:90:55:67:2B:57:77:5E:AA:52:50:64:42:F2:02:CC:15
X509v3 Authority Key Identifier:
keyid:F1:DD:79:5B:E3:6E:4B:5B:30:9E:BC:8E:04:EA:73:94:13:5C:71:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d15W-NuS1swnryOBOpzlBNccUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/cKyhEpBVZytXd16qUlBkQvICzBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/8d15W-NuS1swnryOBOpzlBNccUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:c580:1611::/48
Signature Algorithm: sha256WithRSAEncryption
27:b4:fd:b8:56:3d:f1:8a:93:9f:60:c8:6b:f8:c2:e7:f4:a0:
57:38:17:1c:5d:6d:cc:56:4c:a4:f6:bc:39:2e:36:38:80:44:
c9:64:70:b3:d5:8a:8d:a6:da:2b:e1:0e:76:ed:86:fd:04:ae:
a5:04:e7:56:23:51:96:51:dc:35:54:d9:ba:7a:d7:28:5c:ec:
7e:9a:f0:fb:ff:8b:a5:f7:80:68:db:30:10:b0:88:91:e8:b1:
41:71:2b:44:ad:30:5c:b5:00:ac:0e:fb:b4:cc:7d:03:87:8a:
1b:48:64:73:3f:dc:4f:01:6b:23:ac:95:71:f3:0d:ae:cd:94:
36:ce:94:b1:2d:06:14:4c:df:f8:c0:a2:be:e3:91:80:90:9c:
e5:ba:38:50:f3:a9:d7:7f:40:5c:e1:28:95:ff:79:13:7e:ee:
f6:42:59:d6:76:24:e1:a3:7a:94:c4:10:dd:a7:35:a7:fb:04:
61:1b:a7:a2:f2:56:13:94:2b:ca:55:8c:20:24:e4:8b:10:29:
ab:2b:2c:c7:f0:b8:6e:bd:ff:2e:81:a0:39:8c:11:e8:bc:f7:
17:6e:94:42:4f:55:96:07:73:75:bf:c2:09:2c:c4:51:66:61:
d3:7a:23:5e:c8:fd:e0:c7:54:36:c6:84:81:4f:b2:a0:cf:90:
bb:7a:26:e6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuHUFqlr4qWr8JfceCkhyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZGQ3OTViZTM2ZTRiNWIzMDllYmM4ZTA0ZWE3Mzk0MTM1
YzcxNGMwHhcNMjMwMTAxMTYxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGFjYTExMjkwNTU2NzJiNTc3NzVlYWE1MjUwNjQ0MmYyMDJjYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDgAJ8UZT7gS5pYlvCuHp7UtdlH3
572AUX2UsUfZzU+qt0Rg5AMvyMh4jgBdRhmFEmJPXVgNogBwLymIHah2VhbPQVyn
3U9btdNEoOxIFpEACc3govq3Sc9Sb7CVjWHGpv+uJ1bSk+FN7hpylvUoKHVoQqNe
e2XLUoxnNoE1DrfQ7h6IHjNvlRWkm052aMYlnpj9clArzzVW5ZsQgof9RWReypYG
XAkrkEIE1eI42hg+01rgs1s16tpL8OSbZ8jRc24WF97naGCaGeuXwqzEqdLkDqdm
velyGZvJ0j+dwA4kL3jYPYwyLT/xetHSpClLWbDmyIgBKKnhcL9HA7ZuXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHCsoRKQVWcrV3deqlJQZELyAswVMB8GA1UdIwQY
MBaAFPHdeVvjbktbMJ68jgTqc5QTXHFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGQxNVctTnVTMXN3bnJ5T0JPcHpsQk5jY1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85NzliZGItMDFhMy00ZDE3LTg3NDYt
ZmU0NDc3MmQ1YWUxLzEvY0t5aEVwQlZaeXRYZDE2cVVsQmtRdklDekJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85NzliZGItMDFhMy00ZDE3LTg3NDYtZmU0NDc3MmQ1YWUx
LzEvOGQxNVctTnVTMXN3bnJ5T0JPcHpsQk5jY1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgnFgBYR
MA0GCSqGSIb3DQEBCwUAA4IBAQAntP24Vj3xipOfYMhr+MLn9KBXOBccXW3MVkyk
9rw5LjY4gETJZHCz1YqNptor4Q527Yb9BK6lBOdWI1GWUdw1VNm6etcoXOx+mvD7
/4ul94Bo2zAQsIiR6LFBcStErTBctQCsDvu0zH0Dh4obSGRzP9xPAWsjrJVx8w2u
zZQ2zpSxLQYUTN/4wKK+45GAkJzlujhQ86nXf0Bc4SiV/3kTfu72QlnWdiTho3qU
xBDdpzWn+wRhG6ei8lYTlCvKVYwgJOSLECmrKyzH8Lhuvf8ugaA5jBHovPcXbpRC
T1WWB3N1v8IJLMRRZmHTeiNeyP3gx1Q2xoSBT7Kgz5C7eibm
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:49:09 2025 by rpki-client