Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/aPRYGJjruQWXDfNnQfC2fmFM9W0.roa
File: aPRYGJjruQWXDfNnQfC2fmFM9W0.roa (raw, json)
Hash identifier: iOxC++ENhOlMiXYRclyxsD60prl9FhsovrUhg3E+VG4=
Subject key identifier: 68:F4:58:18:98:EB:B9:05:97:0D:F3:67:41:F0:B6:7E:61:4C:F5:6D
Certificate issuer: /CN=5cb813e09c9955e0bda7041f8373a8fc5dae6b9d
Certificate serial: 01856C781D7F719F8FD39BFF91FE751A7FDA
Authority key identifier: 5C:B8:13:E0:9C:99:55:E0:BD:A7:04:1F:83:73:A8:FC:5D:AE:6B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XLgT4JyZVeC9pwQfg3Oo_F2ua50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/aPRYGJjruQWXDfNnQfC2fmFM9W0.roa
Signing time: Sun 01 Jan 2023 08:34:49 +0000
ROA not before: Sun 01 Jan 2023 08:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50345
IP address blocks: 2001:67c:1058::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:1d:7f:71:9f:8f:d3:9b:ff:91:fe:75:1a:7f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cb813e09c9955e0bda7041f8373a8fc5dae6b9d
Validity
Not Before: Jan 1 08:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68f4581898ebb905970df36741f0b67e614cf56d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:00:33:1c:e8:0e:c8:74:85:ea:b3:a2:0c:3e:
ac:7c:f1:11:58:82:51:80:eb:25:5f:89:e2:5c:93:
c3:f3:6d:c0:ca:59:43:21:66:cf:be:39:3f:3a:74:
ab:5d:91:d6:1a:36:27:9d:b1:cc:5b:c8:1b:3b:3b:
29:95:80:2d:55:0b:c1:dc:5f:39:96:88:df:de:8d:
74:5e:8c:85:81:09:58:e1:8b:ce:3f:59:4d:24:71:
8c:af:94:ea:95:5d:6a:57:1b:55:b1:27:19:5e:48:
0f:b9:1d:aa:cc:aa:d1:7c:2f:bf:0b:a5:21:0b:22:
ae:b9:7c:9a:f4:12:bc:ba:19:8e:ba:a5:81:62:dc:
62:21:c8:76:e7:ab:d3:6a:c7:7a:2d:6f:38:e2:e4:
4f:42:2e:16:42:03:11:d3:87:1d:b0:c2:f9:c2:50:
23:ac:3c:74:71:c8:7d:c2:6b:6a:ad:aa:42:ee:70:
b8:1a:d0:dc:fc:3e:00:5a:5b:c5:7e:29:a7:1c:0c:
23:d9:2a:42:eb:b9:d6:e8:66:0a:30:8d:32:d3:b6:
68:41:b5:38:63:6c:25:29:c2:dc:35:4d:7b:63:18:
aa:ed:4c:2c:06:8c:22:b4:a5:3d:68:0d:18:68:f5:
f1:4c:de:45:0e:5f:2d:e3:31:21:3c:23:cf:2d:04:
d0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F4:58:18:98:EB:B9:05:97:0D:F3:67:41:F0:B6:7E:61:4C:F5:6D
X509v3 Authority Key Identifier:
keyid:5C:B8:13:E0:9C:99:55:E0:BD:A7:04:1F:83:73:A8:FC:5D:AE:6B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XLgT4JyZVeC9pwQfg3Oo_F2ua50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/aPRYGJjruQWXDfNnQfC2fmFM9W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/XLgT4JyZVeC9pwQfg3Oo_F2ua50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1058::/48
Signature Algorithm: sha256WithRSAEncryption
26:1d:3f:ec:0b:47:19:2b:7c:71:5f:90:b8:f1:c4:7b:82:31:
2f:69:ed:07:87:1c:5b:62:2d:b5:4b:61:97:ad:a6:5e:54:78:
7f:f4:4f:fa:e8:7d:4b:77:9d:78:f5:ee:74:af:8a:d9:be:1e:
1d:e0:78:2d:f5:a6:7f:b5:b9:ec:3b:92:5d:7c:ae:19:44:e8:
71:36:77:69:5c:08:3c:d3:79:23:a7:bb:a9:66:a6:c6:23:1b:
31:34:b4:ab:7c:98:60:9b:28:79:3e:a9:11:bb:d6:5b:8b:0f:
61:8d:4d:1b:72:7c:c3:9d:22:53:c5:e1:78:e8:b2:18:b5:9d:
ba:16:ac:9f:01:7b:42:60:f1:2f:45:7e:1d:d7:9a:9c:0f:7f:
c3:c0:3a:bc:b8:5a:4a:a3:7f:c9:ff:f4:7c:33:ee:7f:72:f6:
c4:01:0a:40:97:c8:cc:83:ec:29:50:d6:28:36:43:d0:57:63:
1b:e4:13:15:76:d6:60:c8:b1:8b:2f:02:c1:70:7d:af:9d:40:
33:31:36:a4:b4:45:3e:4d:b6:e0:22:0b:ed:c5:ce:a8:4b:a6:
04:57:13:dc:57:10:ff:3b:ff:fb:14:0e:43:97:e4:2a:57:2b:
17:22:bb:5e:39:17:6a:28:99:08:3f:19:be:96:4e:35:95:ed:
8a:f3:8b:bc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVseB1/cZ+P05v/kf51Gn/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYjgxM2UwOWM5OTU1ZTBiZGE3MDQxZjgzNzNhOGZjNWRh
ZTZiOWQwHhcNMjMwMTAxMDgzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGY0NTgxODk4ZWJiOTA1OTcwZGYzNjc0MWYwYjY3ZTYxNGNmNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAAzHOgOyHSF6rOiDD6sfPERWIJR
gOslX4niXJPD823AyllDIWbPvjk/OnSrXZHWGjYnnbHMW8gbOzsplYAtVQvB3F85
lojf3o10XoyFgQlY4YvOP1lNJHGMr5TqlV1qVxtVsScZXkgPuR2qzKrRfC+/C6Uh
CyKuuXya9BK8uhmOuqWBYtxiIch256vTasd6LW844uRPQi4WQgMR04cdsML5wlAj
rDx0cch9wmtqrapC7nC4GtDc/D4AWlvFfimnHAwj2SpC67nW6GYKMI0y07ZoQbU4
Y2wlKcLcNU17Yxiq7UwsBowitKU9aA0YaPXxTN5FDl8t4zEhPCPPLQTQJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGj0WBiY67kFlw3zZ0Hwtn5hTPVtMB8GA1UdIwQY
MBaAFFy4E+CcmVXgvacEH4NzqPxdrmudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWExnVDRKeVpWZUM5cHdRZmczT29fRjJ1YTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zNzIwNWItZmM1Ny00NjRjLWExYzEt
NmM2MmI5MzY2NzA1LzEvYVBSWUdKanJ1UVdYRGZOblFmQzJmbUZNOVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zNzIwNWItZmM1Ny00NjRjLWExYzEtNmM2MmI5MzY2NzA1
LzEvWExnVDRKeVpWZUM5cHdRZmczT29fRjJ1YTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBBY
MA0GCSqGSIb3DQEBCwUAA4IBAQAmHT/sC0cZK3xxX5C48cR7gjEvae0HhxxbYi21
S2GXraZeVHh/9E/66H1Ld5149e50r4rZvh4d4Hgt9aZ/tbnsO5JdfK4ZROhxNndp
XAg803kjp7upZqbGIxsxNLSrfJhgmyh5PqkRu9Zbiw9hjU0bcnzDnSJTxeF46LIY
tZ26FqyfAXtCYPEvRX4d15qcD3/DwDq8uFpKo3/J//R8M+5/cvbEAQpAl8jMg+wp
UNYoNkPQV2Mb5BMVdtZgyLGLLwLBcH2vnUAzMTaktEU+TbbgIgvtxc6oS6YEVxPc
VxD/O//7FA5Dl+QqVysXIrteORdqKJkIPxm+lk41le2K84u8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:32 2025 by rpki-client