Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/6f5dc2-30cb-4c0c-aa62-8226524e4acf/1/gYuD6o5s3lMr2jg0a-Ca3zNlPrw.roa
File: gYuD6o5s3lMr2jg0a-Ca3zNlPrw.roa (raw, json)
Hash identifier: Ps4VcZkhBD9Lfwn1dkxYSCEeI33+eoC0sRDu9iG+v0Y=
Subject key identifier: 81:8B:83:EA:8E:6C:DE:53:2B:DA:38:34:6B:E0:9A:DF:33:65:3E:BC
Certificate issuer: /CN=9ae2534df509c96ecb811bc85d76d62baadf3d29
Certificate serial: 018570B0A70795A2C63FB0E2D1EEC876F605
Authority key identifier: 9A:E2:53:4D:F5:09:C9:6E:CB:81:1B:C8:5D:76:D6:2B:AA:DF:3D:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/muJTTfUJyW7LgRvIXXbWK6rfPSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/6f5dc2-30cb-4c0c-aa62-8226524e4acf/1/gYuD6o5s3lMr2jg0a-Ca3zNlPrw.roa
Signing time: Mon 02 Jan 2023 04:15:03 +0000
ROA not before: Mon 02 Jan 2023 04:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200305
IP address blocks: 2001:67c:b4c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:a7:07:95:a2:c6:3f:b0:e2:d1:ee:c8:76:f6:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ae2534df509c96ecb811bc85d76d62baadf3d29
Validity
Not Before: Jan 2 04:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=818b83ea8e6cde532bda38346be09adf33653ebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d7:5b:19:74:70:d6:54:71:46:d7:45:dd:2f:
08:09:29:67:73:62:fb:f0:11:e7:6d:ac:76:52:65:
bb:89:c0:c9:35:eb:ae:e7:30:53:52:5b:a7:e7:76:
5f:03:7d:b4:44:f2:cc:82:73:04:10:b4:10:64:d0:
42:b8:47:e5:c1:10:c8:77:fa:0a:ba:94:be:b0:16:
33:f6:8a:47:76:f8:4e:4b:e0:38:43:b8:ab:30:34:
03:76:2c:26:ae:34:df:bf:04:8b:35:f7:86:55:2e:
9b:3a:77:8a:2c:99:bf:6d:c3:81:0d:e5:dc:47:66:
d1:84:d6:b6:69:d8:a7:9e:d2:fb:9c:27:73:76:47:
cb:3e:df:a4:fb:f6:65:99:d6:22:c3:95:c0:5f:80:
98:da:9d:53:1e:d1:f7:94:9f:f9:ec:95:22:98:d8:
ee:3e:c8:65:3c:50:71:b6:75:50:1f:21:12:db:77:
f8:e7:a4:88:fe:20:14:a1:66:2c:6d:08:11:91:79:
d1:5d:1a:7b:b0:da:28:8a:7f:c4:47:05:41:45:6d:
d9:90:4a:69:79:16:33:b1:24:6d:0d:3a:36:ec:11:
ec:1f:d6:2b:27:37:fc:e1:0f:9d:4f:65:9d:c8:98:
8a:8b:31:b1:f6:85:1b:da:88:55:ec:b4:71:d9:59:
c8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:8B:83:EA:8E:6C:DE:53:2B:DA:38:34:6B:E0:9A:DF:33:65:3E:BC
X509v3 Authority Key Identifier:
keyid:9A:E2:53:4D:F5:09:C9:6E:CB:81:1B:C8:5D:76:D6:2B:AA:DF:3D:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/muJTTfUJyW7LgRvIXXbWK6rfPSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/6f5dc2-30cb-4c0c-aa62-8226524e4acf/1/gYuD6o5s3lMr2jg0a-Ca3zNlPrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/6f5dc2-30cb-4c0c-aa62-8226524e4acf/1/muJTTfUJyW7LgRvIXXbWK6rfPSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:b4c::/48
Signature Algorithm: sha256WithRSAEncryption
1c:13:d5:fe:2f:ba:07:95:b2:52:19:26:15:d5:a8:d2:e2:d0:
79:cd:b8:4d:e2:55:77:42:34:8b:1f:d5:f5:eb:63:b5:0a:9e:
d3:49:31:f6:38:8d:f1:72:dc:b9:7b:e1:65:e7:11:b0:28:18:
82:3c:55:8d:1d:9c:fd:4c:4c:c6:21:c5:9b:35:21:ca:dc:d4:
97:ce:20:cd:33:d8:4c:8d:62:f6:0b:e6:ba:ed:a1:d1:28:4f:
b2:d2:aa:86:ec:e8:47:a0:a3:56:d6:65:17:19:64:61:32:70:
1d:b8:15:5c:47:95:5d:69:d4:ae:d3:2a:f0:c6:9e:61:41:00:
05:bf:d0:d3:50:3b:6f:8c:f9:f0:e3:a7:f3:59:f6:1e:8a:59:
0c:68:42:81:37:db:6c:cd:4c:a9:13:93:f9:a5:6b:a5:a7:f1:
04:4d:cd:7b:35:fa:7d:89:8b:97:7c:e5:67:1f:d0:d5:24:bd:
2b:0a:16:22:3a:f5:82:96:2f:ea:41:9a:5b:8f:76:c1:7b:40:
f5:48:5c:3e:38:ea:50:db:f7:b7:18:c3:fe:ac:a5:ed:b0:d5:
87:8b:ee:a7:2f:ff:35:16:c5:fd:34:31:b2:a4:b8:9a:06:8a:
60:89:b3:82:f0:97:ab:0b:ff:e0:7f:e0:73:d2:65:db:cc:97:
5a:51:d5:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwsKcHlaLGP7Di0e7IdvYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZTI1MzRkZjUwOWM5NmVjYjgxMWJjODVkNzZkNjJiYWFk
ZjNkMjkwHhcNMjMwMTAyMDQxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MThiODNlYThlNmNkZTUzMmJkYTM4MzQ2YmUwOWFkZjMzNjUzZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhddbGXRw1lRxRtdF3S8ICSlnc2L7
8BHnbax2UmW7icDJNeuu5zBTUlun53ZfA320RPLMgnMEELQQZNBCuEflwRDId/oK
upS+sBYz9opHdvhOS+A4Q7irMDQDdiwmrjTfvwSLNfeGVS6bOneKLJm/bcOBDeXc
R2bRhNa2adinntL7nCdzdkfLPt+k+/ZlmdYiw5XAX4CY2p1THtH3lJ/57JUimNju
PshlPFBxtnVQHyES23f456SI/iAUoWYsbQgRkXnRXRp7sNooin/ERwVBRW3ZkEpp
eRYzsSRtDTo27BHsH9YrJzf84Q+dT2WdyJiKizGx9oUb2ohV7LRx2VnI0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIGLg+qObN5TK9o4NGvgmt8zZT68MB8GA1UdIwQY
MBaAFJriU031Ccluy4EbyF121iuq3z0pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXVKVFRmVUp5VzdMZ1J2SVhYYldLNnJmUFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS82ZjVkYzItMzBjYi00YzBjLWFhNjIt
ODIyNjUyNGU0YWNmLzEvZ1l1RDZvNXMzbE1yMmpnMGEtQ2Ezek5sUHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS82ZjVkYzItMzBjYi00YzBjLWFhNjItODIyNjUyNGU0YWNm
LzEvbXVKVFRmVUp5VzdMZ1J2SVhYYldLNnJmUFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAtM
MA0GCSqGSIb3DQEBCwUAA4IBAQAcE9X+L7oHlbJSGSYV1ajS4tB5zbhN4lV3QjSL
H9X162O1Cp7TSTH2OI3xcty5e+Fl5xGwKBiCPFWNHZz9TEzGIcWbNSHK3NSXziDN
M9hMjWL2C+a67aHRKE+y0qqG7OhHoKNW1mUXGWRhMnAduBVcR5VdadSu0yrwxp5h
QQAFv9DTUDtvjPnw46fzWfYeilkMaEKBN9tszUypE5P5pWulp/EETc17Nfp9iYuX
fOVnH9DVJL0rChYiOvWCli/qQZpbj3bBe0D1SFw+OOpQ2/e3GMP+rKXtsNWHi+6n
L/81FsX9NDGypLiaBopgibOC8JerC//gf+Bz0mXbzJdaUdVi
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:11 2025 by rpki-client