Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/459CZbkWBXxhyqVpMPtfzeWpQVw.roa
File: 459CZbkWBXxhyqVpMPtfzeWpQVw.roa (raw, json)
Hash identifier: klFGy/44rzxCQxt3CWU9ae/Jh0usAMkyUdcc0rjqRBg=
Subject key identifier: E3:9F:42:65:B9:16:05:7C:61:CA:A5:69:30:FB:5F:CD:E5:A9:41:5C
Certificate issuer: /CN=67aba9afa37d9bce407fe23c7919892d9d9c0939
Certificate serial: 018ADAA1BC1A340035C7D45B3C37D55F136B
Authority key identifier: 67:AB:A9:AF:A3:7D:9B:CE:40:7F:E2:3C:79:19:89:2D:9D:9C:09:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z6upr6N9m85Af-I8eRmJLZ2cCTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/459CZbkWBXxhyqVpMPtfzeWpQVw.roa
Signing time: Thu 28 Sep 2023 07:12:27 +0000
ROA not before: Thu 28 Sep 2023 07:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2001:67c:a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:a1:bc:1a:34:00:35:c7:d4:5b:3c:37:d5:5f:13:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67aba9afa37d9bce407fe23c7919892d9d9c0939
Validity
Not Before: Sep 28 07:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e39f4265b916057c61caa56930fb5fcde5a9415c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f4:fe:c1:0b:e7:d9:72:a5:25:91:0d:84:78:
02:7b:33:b4:90:53:fc:25:ac:db:57:17:fb:12:a7:
cc:9a:33:a8:b6:fa:e8:96:06:26:ed:e2:c5:66:a8:
21:81:88:c9:79:41:ff:f5:5d:54:0a:c5:ef:7a:95:
e0:87:c8:74:e7:17:24:09:4b:b0:81:47:f8:3d:e8:
21:e2:69:7e:00:d1:8d:9a:96:fa:a9:77:d4:4b:eb:
91:09:1b:ce:0d:24:29:71:81:39:e1:8d:ce:e1:f6:
6a:78:a4:45:39:d2:fa:c9:05:f7:5f:cb:df:57:3e:
c5:d2:2c:42:49:8e:1e:c2:20:8c:ef:15:09:e3:df:
8f:1b:89:85:34:41:6a:d2:44:36:01:d6:12:08:78:
0a:43:cf:b7:4b:34:fa:3c:dd:36:fc:08:63:ba:da:
31:4a:9d:b7:5c:85:7b:af:2d:4b:64:ec:cf:59:06:
0e:6b:25:19:c4:76:e9:16:fd:73:c4:f0:4f:2f:7a:
d3:4b:51:7c:1d:60:16:87:be:00:2e:fa:5a:c2:86:
c8:46:b4:de:1d:e4:d2:39:9f:60:14:ac:76:66:9f:
2e:bb:96:b2:8c:98:d6:4b:fe:79:e6:c7:5a:a1:27:
39:3a:19:1a:f7:11:06:de:65:76:3a:68:df:eb:4a:
f1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:9F:42:65:B9:16:05:7C:61:CA:A5:69:30:FB:5F:CD:E5:A9:41:5C
X509v3 Authority Key Identifier:
keyid:67:AB:A9:AF:A3:7D:9B:CE:40:7F:E2:3C:79:19:89:2D:9D:9C:09:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z6upr6N9m85Af-I8eRmJLZ2cCTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/459CZbkWBXxhyqVpMPtfzeWpQVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:a0::/48
Signature Algorithm: sha256WithRSAEncryption
92:fe:21:9a:f2:00:f2:44:23:9b:6e:b9:0d:ba:b4:82:4f:36:
5b:9a:7a:7f:c0:31:0c:9e:97:b1:3b:d4:fa:36:2d:2c:b6:fd:
4b:c2:8c:cf:5d:ec:a7:95:36:5d:89:dd:26:ea:0f:ea:f4:a4:
f3:fd:88:a9:83:e1:fa:9c:8f:0e:21:4e:92:7c:40:18:7c:55:
b5:1f:09:2e:fc:db:13:32:dc:0d:23:b8:c8:b5:23:a0:28:f7:
16:11:54:31:ba:e3:95:1e:7f:05:ca:33:ac:8d:30:bd:2c:7d:
e2:95:38:43:66:9e:aa:e6:b7:5d:5d:f5:40:75:30:34:67:ea:
8e:01:0d:b0:4c:6b:a2:4e:60:37:2e:86:54:ae:90:f2:8f:dd:
1e:28:79:2c:34:54:0d:ba:21:e8:f1:89:2e:95:33:6e:d3:d2:
e9:f7:49:f7:bb:66:ad:42:87:27:75:6f:ce:02:77:c2:70:1c:
0e:7e:92:ba:3f:a8:45:ea:dd:1b:04:58:e0:28:c4:91:5b:37:
f2:5b:e2:48:71:42:32:7a:7c:61:a4:e4:15:1a:dd:e6:ac:0d:
61:3b:14:0b:cb:6c:13:6e:86:d0:a1:9e:1a:6f:e7:10:a4:f4:
13:79:b7:53:4f:3e:62:dd:92:07:b0:48:ae:b3:1c:e9:5b:a2:
eb:97:df:7b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYraobwaNAA1x9RbPDfVXxNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YWJhOWFmYTM3ZDliY2U0MDdmZTIzYzc5MTk4OTJkOWQ5
YzA5MzkwHhcNMjMwOTI4MDcxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzlmNDI2NWI5MTYwNTdjNjFjYWE1NjkzMGZiNWZjZGU1YTk0MTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfT+wQvn2XKlJZENhHgCezO0kFP8
JazbVxf7EqfMmjOotvrolgYm7eLFZqghgYjJeUH/9V1UCsXvepXgh8h05xckCUuw
gUf4Pegh4ml+ANGNmpb6qXfUS+uRCRvODSQpcYE54Y3O4fZqeKRFOdL6yQX3X8vf
Vz7F0ixCSY4ewiCM7xUJ49+PG4mFNEFq0kQ2AdYSCHgKQ8+3SzT6PN02/Ahjutox
Sp23XIV7ry1LZOzPWQYOayUZxHbpFv1zxPBPL3rTS1F8HWAWh74ALvpawobIRrTe
HeTSOZ9gFKx2Zp8uu5ayjJjWS/555sdaoSc5Ohka9xEG3mV2Omjf60rxsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOOfQmW5FgV8YcqlaTD7X83lqUFcMB8GA1UdIwQY
MBaAFGerqa+jfZvOQH/iPHkZiS2dnAk5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjZ1cHI2TjltODVBZi1JOGVSbUpMWjJjQ1RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi84ZjUwYWEtNTQ1Ni00MTU5LTg4NDAt
YjAxZDhmMjk1YzE5LzEvNDU5Q1pia1dCWHhoeXFWcE1QdGZ6ZVdwUVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi84ZjUwYWEtNTQ1Ni00MTU5LTg4NDAtYjAxZDhmMjk1YzE5
LzEvWjZ1cHI2TjltODVBZi1JOGVSbUpMWjJjQ1RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfACg
MA0GCSqGSIb3DQEBCwUAA4IBAQCS/iGa8gDyRCObbrkNurSCTzZbmnp/wDEMnpex
O9T6Ni0stv1LwozPXeynlTZdid0m6g/q9KTz/Yipg+H6nI8OIU6SfEAYfFW1Hwku
/NsTMtwNI7jItSOgKPcWEVQxuuOVHn8FyjOsjTC9LH3ilThDZp6q5rddXfVAdTA0
Z+qOAQ2wTGuiTmA3LoZUrpDyj90eKHksNFQNuiHo8YkulTNu09Lp90n3u2atQocn
dW/OAnfCcBwOfpK6P6hF6t0bBFjgKMSRWzfyW+JIcUIyenxhpOQVGt3mrA1hOxQL
y2wTbobQoZ4ab+cQpPQTebdTTz5i3ZIHsEiusxzpW6Lrl997
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:53:16 2025 by rpki-client