Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/8e4bdc-e6eb-4208-9b13-a2efae3f9cab/1/CIJXNNGxzfHTzRynyMHGgsIfoyo.roa
File: CIJXNNGxzfHTzRynyMHGgsIfoyo.roa (raw, json)
Hash identifier: IzLOaD6PH2fdbUQL54bJU1vYfCzhViqFxUOHz8x0UqM=
Subject key identifier: 08:82:57:34:D1:B1:CD:F1:D3:CD:1C:A7:C8:C1:C6:82:C2:1F:A3:2A
Certificate issuer: /CN=971a799c6a663439d74450dfb38993571f98e15d
Certificate serial: 01856E01D805B41ED00A402FDCE714F278BD
Authority key identifier: 97:1A:79:9C:6A:66:34:39:D7:44:50:DF:B3:89:93:57:1F:98:E1:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxp5nGpmNDnXRFDfs4mTVx-Y4V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/8e4bdc-e6eb-4208-9b13-a2efae3f9cab/1/CIJXNNGxzfHTzRynyMHGgsIfoyo.roa
Signing time: Sun 01 Jan 2023 15:44:52 +0000
ROA not before: Sun 01 Jan 2023 15:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12816
IP address blocks: 2001:4ca0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:d8:05:b4:1e:d0:0a:40:2f:dc:e7:14:f2:78:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971a799c6a663439d74450dfb38993571f98e15d
Validity
Not Before: Jan 1 15:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08825734d1b1cdf1d3cd1ca7c8c1c682c21fa32a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:63:51:7b:a2:95:31:a6:57:6b:5f:71:e1:7e:
1b:d2:a5:0c:8e:b7:66:5e:eb:5b:2f:ad:62:09:3d:
cf:b0:a1:ef:6c:eb:ca:31:91:be:fb:11:b7:35:3d:
a8:30:6f:85:ae:02:eb:1d:27:1c:32:4c:37:df:31:
44:d4:4d:e5:14:2e:eb:3c:0f:b0:c9:9f:ce:b3:10:
7f:0a:ca:5e:f9:ad:c8:64:a4:98:41:74:d2:ec:4a:
5e:9c:ea:04:eb:93:24:d8:ca:c1:cd:08:89:2f:84:
f9:4e:85:82:84:43:35:20:e7:a4:c0:b8:3b:05:2c:
46:17:a5:66:30:f7:6c:87:be:7a:3e:4c:73:64:63:
94:21:0b:c1:7e:cc:1f:b2:57:1c:98:d9:ca:4c:03:
8c:b0:a1:0e:aa:28:16:83:65:43:36:cb:04:28:a8:
41:a5:91:6e:85:48:52:a3:e8:01:48:32:70:fe:92:
db:7b:40:7f:ab:8a:9e:23:bf:c2:80:52:05:90:dd:
57:c4:70:38:d2:71:51:40:32:e8:e6:28:24:93:9a:
89:87:92:3a:a8:04:77:0e:ca:0a:1f:0e:75:11:73:
1c:a1:58:6a:92:a1:93:79:41:c9:7a:83:0c:de:ae:
0a:a0:d1:15:3e:f6:9a:b2:ef:85:a6:d3:ba:8a:87:
66:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:82:57:34:D1:B1:CD:F1:D3:CD:1C:A7:C8:C1:C6:82:C2:1F:A3:2A
X509v3 Authority Key Identifier:
keyid:97:1A:79:9C:6A:66:34:39:D7:44:50:DF:B3:89:93:57:1F:98:E1:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxp5nGpmNDnXRFDfs4mTVx-Y4V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/8e4bdc-e6eb-4208-9b13-a2efae3f9cab/1/CIJXNNGxzfHTzRynyMHGgsIfoyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/8e4bdc-e6eb-4208-9b13-a2efae3f9cab/1/lxp5nGpmNDnXRFDfs4mTVx-Y4V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4ca0::/29
Signature Algorithm: sha256WithRSAEncryption
36:34:0c:63:5d:eb:ff:47:53:4c:77:b7:a3:ff:3c:21:8d:27:
59:c0:80:df:cd:bc:c6:fe:3b:5d:26:52:48:94:cd:33:a6:3f:
81:e7:52:c1:74:d1:92:aa:f1:c2:2f:a8:95:11:f0:1b:5d:da:
cf:61:9d:d8:e3:38:74:ed:b5:6b:3b:bf:17:2d:d8:47:96:54:
a5:91:24:3f:bb:98:01:b5:03:bc:0f:fe:d9:a5:63:e7:95:d6:
fc:76:0d:29:78:0b:b8:a0:e1:48:fc:04:3e:91:b1:ae:aa:86:
4a:80:90:b4:50:55:f0:df:83:80:30:fe:21:b6:2f:45:83:e2:
2a:27:96:97:4a:08:91:d3:f1:50:a4:70:f4:a2:12:04:d3:72:
04:45:54:4a:40:2e:3a:f0:67:2e:8a:ce:e8:5f:73:b9:e1:b4:
98:bc:60:5d:20:5b:e5:55:46:69:7c:dd:05:b7:72:92:bc:86:
32:e5:4c:81:16:26:92:df:70:bd:9c:bd:f1:51:02:37:ba:da:
56:fb:7c:07:89:53:e7:ed:2c:c9:88:0d:af:ef:7c:44:c4:ea:
85:1a:2a:7f:a1:27:f2:86:79:e7:f6:c7:3f:16:e4:33:c8:26:
09:60:22:d3:32:1a:7a:08:08:e4:eb:54:cd:a0:e3:71:cf:15:
35:d3:7f:60
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVuAdgFtB7QCkAv3OcU8ni9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MWE3OTljNmE2NjM0MzlkNzQ0NTBkZmIzODk5MzU3MWY5
OGUxNWQwHhcNMjMwMTAxMTU0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODgyNTczNGQxYjFjZGYxZDNjZDFjYTdjOGMxYzY4MmMyMWZhMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmNRe6KVMaZXa19x4X4b0qUMjrdm
XutbL61iCT3PsKHvbOvKMZG++xG3NT2oMG+FrgLrHSccMkw33zFE1E3lFC7rPA+w
yZ/OsxB/Cspe+a3IZKSYQXTS7EpenOoE65Mk2MrBzQiJL4T5ToWChEM1IOekwLg7
BSxGF6VmMPdsh756PkxzZGOUIQvBfswfslccmNnKTAOMsKEOqigWg2VDNssEKKhB
pZFuhUhSo+gBSDJw/pLbe0B/q4qeI7/CgFIFkN1XxHA40nFRQDLo5igkk5qJh5I6
qAR3DsoKHw51EXMcoVhqkqGTeUHJeoMM3q4KoNEVPvaasu+FptO6iodmeQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAiCVzTRsc3x080cp8jBxoLCH6MqMB8GA1UdIwQY
MBaAFJcaeZxqZjQ510RQ37OJk1cfmOFdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHhwNW5HcG1ORG5YUkZEZnM0bVRWeC1ZNFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS84ZTRiZGMtZTZlYi00MjA4LTliMTMt
YTJlZmFlM2Y5Y2FiLzEvQ0lKWE5OR3h6ZkhUelJ5bnlNSEdnc0lmb3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS84ZTRiZGMtZTZlYi00MjA4LTliMTMtYTJlZmFlM2Y5Y2Fi
LzEvbHhwNW5HcG1ORG5YUkZEZnM0bVRWeC1ZNFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAFMoDAN
BgkqhkiG9w0BAQsFAAOCAQEANjQMY13r/0dTTHe3o/88IY0nWcCA3828xv47XSZS
SJTNM6Y/gedSwXTRkqrxwi+olRHwG13az2Gd2OM4dO21azu/Fy3YR5ZUpZEkP7uY
AbUDvA/+2aVj55XW/HYNKXgLuKDhSPwEPpGxrqqGSoCQtFBV8N+DgDD+IbYvRYPi
KieWl0oIkdPxUKRw9KISBNNyBEVUSkAuOvBnLorO6F9zueG0mLxgXSBb5VVGaXzd
BbdykryGMuVMgRYmkt9wvZy98VECN7raVvt8B4lT5+0syYgNr+98RMTqhRoqf6En
8oZ55/bHPxbkM8gmCWAi0zIaeggI5OtUzaDjcc8VNdN/YA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:37 2025 by rpki-client