Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/093fcb-fe77-449b-a1af-21bc48ef1660/1/KtPRFkSy8aezOYlDp_9SINqy34o.roa
File: KtPRFkSy8aezOYlDp_9SINqy34o.roa (raw, json)
Hash identifier: 8t6kEQcOJTC7ZSZfSBgMenAkaExbPeJnuJvIj8X4bUM=
Subject key identifier: 2A:D3:D1:16:44:B2:F1:A7:B3:39:89:43:A7:FF:52:20:DA:B2:DF:8A
Certificate issuer: /CN=4978a8641ce785be34685030527723e5fdce562a
Certificate serial: 018C43C15CC17C371C305C8143E904C4C440
Authority key identifier: 49:78:A8:64:1C:E7:85:BE:34:68:50:30:52:77:23:E5:FD:CE:56:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SXioZBznhb40aFAwUncj5f3OVio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/093fcb-fe77-449b-a1af-21bc48ef1660/1/KtPRFkSy8aezOYlDp_9SINqy34o.roa
Signing time: Thu 07 Dec 2023 10:09:54 +0000
ROA not before: Thu 07 Dec 2023 10:09:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215912
IP address blocks: 2001:67c:d60::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:c1:5c:c1:7c:37:1c:30:5c:81:43:e9:04:c4:c4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4978a8641ce785be34685030527723e5fdce562a
Validity
Not Before: Dec 7 10:09:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ad3d11644b2f1a7b3398943a7ff5220dab2df8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8b:5d:01:05:d7:7c:18:0c:ed:2b:b9:7c:9d:
92:d8:6c:28:b0:e5:ec:cd:38:50:d1:86:61:f8:ea:
3e:10:c9:89:70:61:39:5b:e5:0c:cf:f7:03:2a:65:
a3:c6:a5:91:88:2c:a0:49:2c:ef:d4:97:7b:45:86:
36:a2:5f:64:24:14:ba:da:4d:f9:1b:7b:8d:db:9c:
1f:cc:d7:ab:d6:0a:fe:f8:c5:3b:3f:74:34:f3:01:
e3:00:32:3e:4c:86:a0:1b:52:85:e6:5b:f0:f3:68:
6f:4c:a3:4d:65:74:60:e0:35:14:23:89:de:de:0e:
17:10:ed:e6:58:c1:c0:83:2f:6d:c9:c4:00:ab:63:
99:11:c0:6f:45:41:db:b9:ed:98:17:58:5d:a7:98:
f1:70:46:fb:3e:40:6b:33:da:96:4e:1e:b2:1d:cd:
68:5a:67:b5:69:19:41:c9:47:6d:85:84:5c:9e:cb:
2b:00:88:9f:d3:08:14:53:d9:3c:fd:f9:96:93:8c:
18:b5:7f:68:c6:22:b0:c0:76:8f:d6:85:41:df:8f:
4c:72:f1:d1:97:5b:a2:bc:0a:30:28:29:77:8b:d6:
1a:d1:89:c6:a2:8b:0c:3c:b7:05:6f:33:93:3b:26:
50:7a:5e:e7:79:78:d3:b6:4a:d2:6e:cb:4b:43:6d:
a3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D3:D1:16:44:B2:F1:A7:B3:39:89:43:A7:FF:52:20:DA:B2:DF:8A
X509v3 Authority Key Identifier:
keyid:49:78:A8:64:1C:E7:85:BE:34:68:50:30:52:77:23:E5:FD:CE:56:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SXioZBznhb40aFAwUncj5f3OVio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/093fcb-fe77-449b-a1af-21bc48ef1660/1/KtPRFkSy8aezOYlDp_9SINqy34o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/093fcb-fe77-449b-a1af-21bc48ef1660/1/SXioZBznhb40aFAwUncj5f3OVio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:d60::/48
Signature Algorithm: sha256WithRSAEncryption
8a:bc:77:66:0f:1c:6b:94:3e:7e:df:41:85:14:04:dd:07:c2:
34:3a:a6:bc:94:6a:20:c1:76:b2:b2:f4:c6:f0:3b:e6:e0:57:
06:53:87:86:9b:44:93:92:d6:d4:f3:a1:54:8f:b3:e8:81:7c:
2e:25:ce:d9:dc:cd:a0:a1:cd:da:be:67:e8:43:81:3d:8d:2e:
b0:d0:91:0f:f6:00:d6:65:45:f8:76:b5:39:13:9a:cb:3f:e5:
25:7b:0e:a7:03:cc:9a:bf:79:59:64:44:a5:03:1e:0b:d2:8c:
7e:96:ac:e9:e1:d5:2f:34:7d:94:ae:b1:35:6a:80:63:dd:25:
c8:be:5f:5b:04:4b:16:4c:67:74:f4:55:67:9d:0e:3d:de:50:
1c:93:3a:a3:89:d6:34:14:06:b7:64:2c:8c:a3:70:a9:5d:96:
79:9f:5d:68:b2:9a:69:9d:7b:c3:53:2f:7b:3c:6f:78:00:1d:
ad:ac:08:81:a0:51:78:49:f7:f0:ec:46:6d:77:71:b6:c8:be:
85:fc:38:70:94:40:02:bd:cd:f5:0b:78:9f:e2:64:08:c2:5c:
7c:30:22:41:93:e9:93:c0:25:06:5a:e0:0d:3c:f9:da:49:34:
2b:95:89:49:56:20:3b:d9:0a:df:60:32:1d:08:32:bd:b2:33:
c7:ac:84:e9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYxDwVzBfDccMFyBQ+kExMRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NzhhODY0MWNlNzg1YmUzNDY4NTAzMDUyNzcyM2U1ZmRj
ZTU2MmEwHhcNMjMxMjA3MTAwOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQzZDExNjQ0YjJmMWE3YjMzOTg5NDNhN2ZmNTIyMGRhYjJkZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArotdAQXXfBgM7Su5fJ2S2GwosOXs
zThQ0YZh+Oo+EMmJcGE5W+UMz/cDKmWjxqWRiCygSSzv1Jd7RYY2ol9kJBS62k35
G3uN25wfzNer1gr++MU7P3Q08wHjADI+TIagG1KF5lvw82hvTKNNZXRg4DUUI4ne
3g4XEO3mWMHAgy9tycQAq2OZEcBvRUHbue2YF1hdp5jxcEb7PkBrM9qWTh6yHc1o
Wme1aRlByUdthYRcnssrAIif0wgUU9k8/fmWk4wYtX9oxiKwwHaP1oVB349McvHR
l1uivAowKCl3i9Ya0YnGoosMPLcFbzOTOyZQel7neXjTtkrSbstLQ22jJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCrT0RZEsvGnszmJQ6f/UiDast+KMB8GA1UdIwQY
MBaAFEl4qGQc54W+NGhQMFJ3I+X9zlYqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1hpb1pCem5oYjQwYUZBd1VuY2o1ZjNPVmlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wOTNmY2ItZmU3Ny00NDliLWExYWYt
MjFiYzQ4ZWYxNjYwLzEvS3RQUkZrU3k4YWV6T1lsRHBfOVNJTnF5MzRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wOTNmY2ItZmU3Ny00NDliLWExYWYtMjFiYzQ4ZWYxNjYw
LzEvU1hpb1pCem5oYjQwYUZBd1VuY2o1ZjNPVmlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA1g
MA0GCSqGSIb3DQEBCwUAA4IBAQCKvHdmDxxrlD5+30GFFATdB8I0Oqa8lGogwXay
svTG8Dvm4FcGU4eGm0STktbU86FUj7PogXwuJc7Z3M2goc3avmfoQ4E9jS6w0JEP
9gDWZUX4drU5E5rLP+Ulew6nA8yav3lZZESlAx4L0ox+lqzp4dUvNH2UrrE1aoBj
3SXIvl9bBEsWTGd09FVnnQ493lAckzqjidY0FAa3ZCyMo3CpXZZ5n11ospppnXvD
Uy97PG94AB2trAiBoFF4Sffw7EZtd3G2yL6F/DhwlEACvc31C3if4mQIwlx8MCJB
k+mTwCUGWuANPPnaSTQrlYlJViA72QrfYDIdCDK9sjPHrITp
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:36:33 2025 by rpki-client