Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/wBoaUZ6x2yNn6z6PYW_imLDzLTk.roa
File: wBoaUZ6x2yNn6z6PYW_imLDzLTk.roa (raw, json)
Hash identifier: VtAJiDQ+c81vDk3S1B8Xk/DDlBQ54JxQlY8VImyt2pE=
Subject key identifier: C0:1A:1A:51:9E:B1:DB:23:67:EB:3E:8F:61:6F:E2:98:B0:F3:2D:39
Certificate issuer: /CN=1e8c77336d66f7b0238e6c184c64fa4f24d09f01
Certificate serial: 018571D7C577846F16BB2F2CE88983AC8108
Authority key identifier: 1E:8C:77:33:6D:66:F7:B0:23:8E:6C:18:4C:64:FA:4F:24:D0:9F:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hox3M21m97AjjmwYTGT6TyTQnwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/wBoaUZ6x2yNn6z6PYW_imLDzLTk.roa
Signing time: Mon 02 Jan 2023 09:37:24 +0000
ROA not before: Mon 02 Jan 2023 09:37:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59474
IP address blocks: 2001:678:24c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:c5:77:84:6f:16:bb:2f:2c:e8:89:83:ac:81:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e8c77336d66f7b0238e6c184c64fa4f24d09f01
Validity
Not Before: Jan 2 09:37:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c01a1a519eb1db2367eb3e8f616fe298b0f32d39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d2:ad:b8:d5:1f:5a:cb:91:e6:08:65:e2:f2:
62:40:9d:d8:b5:8d:5d:10:83:a5:36:81:cd:35:31:
a5:66:99:65:ec:b1:86:c5:c1:1c:89:8a:98:8c:02:
ab:02:0f:ca:00:4e:ad:43:90:43:3f:b9:31:73:c5:
fe:14:a0:ad:d4:cc:84:03:99:eb:e3:21:1d:47:cc:
83:f2:b7:88:66:0f:8e:d4:e1:74:d8:76:a4:4c:6e:
f2:0e:fe:ed:1d:07:fc:49:57:5d:47:69:89:2d:06:
fc:13:79:c9:7e:13:54:8d:41:45:0f:9c:f0:08:f5:
86:34:15:79:b7:e2:09:73:0f:44:f2:a0:ad:fd:7a:
1e:f4:20:84:8a:fb:61:ef:ec:d4:3c:32:e7:4b:91:
29:54:2b:f2:43:c2:d9:b7:cb:25:de:54:cc:0d:75:
38:41:17:44:88:55:9c:6c:f5:87:c2:76:55:8a:35:
4d:e3:93:b0:ea:1a:77:58:0b:5f:8b:75:11:81:19:
aa:a9:9a:96:db:c8:da:4f:3d:9c:60:3a:e5:a2:a1:
e2:a5:a8:c9:b0:dc:fe:46:01:1c:10:1e:57:55:1f:
8c:d3:11:6e:9f:dd:4c:d0:d7:21:e9:c3:4e:13:db:
a7:c1:39:45:ce:08:2b:86:57:f4:16:3b:77:d2:80:
6a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:1A:1A:51:9E:B1:DB:23:67:EB:3E:8F:61:6F:E2:98:B0:F3:2D:39
X509v3 Authority Key Identifier:
keyid:1E:8C:77:33:6D:66:F7:B0:23:8E:6C:18:4C:64:FA:4F:24:D0:9F:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hox3M21m97AjjmwYTGT6TyTQnwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/wBoaUZ6x2yNn6z6PYW_imLDzLTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/Hox3M21m97AjjmwYTGT6TyTQnwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:24c::/48
Signature Algorithm: sha256WithRSAEncryption
85:55:b3:6c:70:92:5c:08:d4:06:2d:bb:bd:f0:af:4d:02:b2:
6e:7b:0e:33:a9:a1:f9:8c:22:da:45:eb:ea:ca:b7:54:63:57:
19:db:7f:06:5d:83:c9:dd:14:a9:0c:8b:da:d5:aa:6f:95:4d:
c9:a9:38:73:d5:d9:53:d1:fd:61:49:f8:7e:3e:92:df:6f:7a:
c7:50:16:6b:e0:67:2a:52:6f:2f:4f:51:a0:20:e9:13:88:79:
0f:06:2c:4c:3d:be:42:15:5d:7f:92:3a:82:d5:f1:07:26:ec:
e9:8a:b4:f5:43:af:72:f7:fb:55:ae:f2:d7:c3:52:d2:f6:d1:
ad:45:58:22:63:63:2a:8a:e0:2e:68:81:0b:74:c7:9c:c9:20:
54:67:f4:7d:67:b0:47:20:71:2c:ad:df:23:57:ee:da:4a:f5:
1f:73:f9:13:c1:a8:17:bd:0a:c8:06:99:f7:39:31:57:ac:d3:
85:22:c9:43:6d:c7:10:58:c6:c1:7f:71:c5:fe:7b:de:7c:ea:
1e:fe:2e:5e:f4:f1:6a:87:fd:98:55:a5:df:14:c0:c2:62:70:
e8:b6:db:61:65:9a:b5:f2:4e:5c:af:71:14:c6:44:3d:d9:48:
9a:12:fb:d5:07:8b:34:61:3c:fd:12:de:96:32:39:67:3a:ff:
f3:97:c3:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx18V3hG8Wuy8s6ImDrIEIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOGM3NzMzNmQ2NmY3YjAyMzhlNmMxODRjNjRmYTRmMjRk
MDlmMDEwHhcNMjMwMTAyMDkzNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDFhMWE1MTllYjFkYjIzNjdlYjNlOGY2MTZmZTI5OGIwZjMyZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNKtuNUfWsuR5ghl4vJiQJ3YtY1d
EIOlNoHNNTGlZpll7LGGxcEciYqYjAKrAg/KAE6tQ5BDP7kxc8X+FKCt1MyEA5nr
4yEdR8yD8reIZg+O1OF02HakTG7yDv7tHQf8SVddR2mJLQb8E3nJfhNUjUFFD5zw
CPWGNBV5t+IJcw9E8qCt/Xoe9CCEivth7+zUPDLnS5EpVCvyQ8LZt8sl3lTMDXU4
QRdEiFWcbPWHwnZVijVN45Ow6hp3WAtfi3URgRmqqZqW28jaTz2cYDrloqHipajJ
sNz+RgEcEB5XVR+M0xFun91M0Nch6cNOE9unwTlFzggrhlf0Fjt30oBqkQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMAaGlGesdsjZ+s+j2Fv4piw8y05MB8GA1UdIwQY
MBaAFB6MdzNtZvewI45sGExk+k8k0J8BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG94M00yMW05N0Fqam13WVRHVDZUeVRRbndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ZGE3OWQtNjBmNC00N2E4LTgxM2Et
OTk5NTdkZjQ5OTdlLzEvd0JvYVVaNngyeU5uNno2UFlXX2ltTER6TFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ZGE3OWQtNjBmNC00N2E4LTgxM2EtOTk5NTdkZjQ5OTdl
LzEvSG94M00yMW05N0Fqam13WVRHVDZUeVRRbndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAJM
MA0GCSqGSIb3DQEBCwUAA4IBAQCFVbNscJJcCNQGLbu98K9NArJuew4zqaH5jCLa
RevqyrdUY1cZ238GXYPJ3RSpDIva1apvlU3JqThz1dlT0f1hSfh+PpLfb3rHUBZr
4GcqUm8vT1GgIOkTiHkPBixMPb5CFV1/kjqC1fEHJuzpirT1Q69y9/tVrvLXw1LS
9tGtRVgiY2MqiuAuaIELdMecySBUZ/R9Z7BHIHEsrd8jV+7aSvUfc/kTwagXvQrI
Bpn3OTFXrNOFIslDbccQWMbBf3HF/nvefOoe/i5e9PFqh/2YVaXfFMDCYnDottth
ZZq18k5cr3EUxkQ92UiaEvvVB4s0YTz9Et6WMjlnOv/zl8Oi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:28 2025 by rpki-client