Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/712f03-afe9-4f65-acec-67cfe3067b2a/1/oGhmGhaIVY4KNOIeecgq9bYFado.roa
File: oGhmGhaIVY4KNOIeecgq9bYFado.roa (raw, json)
Hash identifier: DwJVZgbU2HytEHjdN14GsqSvNau3K/ok68DiKACyze8=
Subject key identifier: A0:68:66:1A:16:88:55:8E:0A:34:E2:1E:79:C8:2A:F5:B6:05:69:DA
Certificate issuer: /CN=8f8685dbadffb01ddcce6c4d82a97f33c040ed2d
Certificate serial: 0188A777964D5D5E3F402D7E155A61DB8E84
Authority key identifier: 8F:86:85:DB:AD:FF:B0:1D:DC:CE:6C:4D:82:A9:7F:33:C0:40:ED:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j4aF263_sB3czmxNgql_M8BA7S0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/712f03-afe9-4f65-acec-67cfe3067b2a/1/oGhmGhaIVY4KNOIeecgq9bYFado.roa
Signing time: Sat 10 Jun 2023 22:40:12 +0000
ROA not before: Sat 10 Jun 2023 22:40:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41948
IP address blocks: 2001:678:4c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a7:77:96:4d:5d:5e:3f:40:2d:7e:15:5a:61:db:8e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f8685dbadffb01ddcce6c4d82a97f33c040ed2d
Validity
Not Before: Jun 10 22:40:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a068661a1688558e0a34e21e79c82af5b60569da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ad:38:29:98:6a:fb:9c:89:84:03:04:f2:55:
1a:d1:60:46:cf:0c:47:00:7f:8b:a5:61:6e:89:04:
48:01:6f:f4:51:11:67:80:09:b7:77:e0:24:a2:40:
ba:e2:f2:c4:04:06:57:65:55:9d:69:74:4f:0a:a2:
1b:9b:32:f7:a6:95:d6:f7:60:8f:19:da:dc:0a:46:
34:dc:a1:3d:86:ca:00:33:39:28:6b:fa:05:a7:1d:
4a:b4:ed:ce:54:bd:cf:3a:a2:74:cf:ae:7a:b9:69:
99:4a:da:d7:1b:eb:ab:a7:36:55:a5:2c:f5:f1:61:
68:28:80:b1:dc:fd:96:e6:3c:c0:a4:c3:30:d0:b7:
b3:b7:ee:45:52:5f:51:03:bc:df:08:4c:e8:08:e6:
05:99:ec:69:ca:77:44:54:a4:45:f6:df:9e:3c:0c:
2d:60:8b:55:fb:59:a1:b2:01:1f:4f:d4:2f:5f:80:
29:f8:44:34:80:4c:b8:e7:68:fc:b7:e1:82:24:d3:
06:7c:e9:84:75:38:48:f2:0c:55:f0:82:e5:97:68:
77:e7:f2:bd:eb:6c:2d:45:ac:e3:9b:a6:76:a7:23:
ec:93:9b:32:72:b1:71:4a:06:80:23:36:d6:03:a4:
7f:18:c9:46:15:92:8c:ad:db:26:0c:bb:e2:f1:d6:
45:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:68:66:1A:16:88:55:8E:0A:34:E2:1E:79:C8:2A:F5:B6:05:69:DA
X509v3 Authority Key Identifier:
keyid:8F:86:85:DB:AD:FF:B0:1D:DC:CE:6C:4D:82:A9:7F:33:C0:40:ED:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j4aF263_sB3czmxNgql_M8BA7S0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/712f03-afe9-4f65-acec-67cfe3067b2a/1/oGhmGhaIVY4KNOIeecgq9bYFado.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/712f03-afe9-4f65-acec-67cfe3067b2a/1/j4aF263_sB3czmxNgql_M8BA7S0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:4c0::/48
Signature Algorithm: sha256WithRSAEncryption
6e:1f:a8:a7:49:e3:da:05:d0:3a:df:a9:3f:9e:70:b3:29:df:
5e:09:e9:47:25:3a:e5:f2:24:b1:f6:7b:b5:55:90:eb:73:dd:
82:f7:34:aa:2d:73:df:f8:f8:3d:87:15:e6:e4:6d:78:77:b0:
b1:93:f9:96:18:87:2a:c2:cf:76:63:ae:40:f5:8c:5d:30:23:
71:bb:86:19:87:c9:67:5a:1b:66:a8:b3:a0:9a:35:7b:54:da:
ed:7f:94:5f:09:40:9c:a1:9e:8c:fc:ff:12:5b:4f:9c:26:59:
81:27:6b:81:ca:41:c3:b9:7b:0b:65:bf:7c:b6:a4:d2:27:1a:
5d:c8:42:d8:ba:81:99:a0:90:49:05:f6:b6:1d:f6:31:ce:d9:
c1:bd:46:ad:e4:22:3d:ef:99:7a:89:20:95:55:62:36:a6:8c:
4e:5d:77:17:06:f1:7d:6b:87:c1:92:dc:fa:e5:23:14:55:ac:
2d:ee:5d:e0:53:cf:a9:31:7b:66:3c:66:24:cc:af:fc:02:ca:
79:17:aa:cb:90:73:23:84:cd:7c:98:9d:74:b5:ca:dd:ef:bc:
18:43:ec:ac:e9:50:03:38:c9:42:c2:6f:c9:1e:5f:51:9d:72:
05:39:ca:02:da:92:9f:4d:41:4c:05:18:fc:05:a7:a5:17:3c:
83:67:ad:6c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYind5ZNXV4/QC1+FVph246EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmODY4NWRiYWRmZmIwMWRkY2NlNmM0ZDgyYTk3ZjMzYzA0
MGVkMmQwHhcNMjMwNjEwMjI0MDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDY4NjYxYTE2ODg1NThlMGEzNGUyMWU3OWM4MmFmNWI2MDU2OWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyK04KZhq+5yJhAME8lUa0WBGzwxH
AH+LpWFuiQRIAW/0URFngAm3d+AkokC64vLEBAZXZVWdaXRPCqIbmzL3ppXW92CP
GdrcCkY03KE9hsoAMzkoa/oFpx1KtO3OVL3POqJ0z656uWmZStrXG+urpzZVpSz1
8WFoKICx3P2W5jzApMMw0Lezt+5FUl9RA7zfCEzoCOYFmexpyndEVKRF9t+ePAwt
YItV+1mhsgEfT9QvX4Ap+EQ0gEy452j8t+GCJNMGfOmEdThI8gxV8ILll2h35/K9
62wtRazjm6Z2pyPsk5sycrFxSgaAIzbWA6R/GMlGFZKMrdsmDLvi8dZFNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKBoZhoWiFWOCjTiHnnIKvW2BWnaMB8GA1UdIwQY
MBaAFI+Ghdut/7Ad3M5sTYKpfzPAQO0tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajRhRjI2M19zQjNjem14TmdxbF9NOEJBN1MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS83MTJmMDMtYWZlOS00ZjY1LWFjZWMt
NjdjZmUzMDY3YjJhLzEvb0dobUdoYUlWWTRLTk9JZWVjZ3E5YllGYWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS83MTJmMDMtYWZlOS00ZjY1LWFjZWMtNjdjZmUzMDY3YjJh
LzEvajRhRjI2M19zQjNjem14TmdxbF9NOEJBN1MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeATA
MA0GCSqGSIb3DQEBCwUAA4IBAQBuH6inSePaBdA636k/nnCzKd9eCelHJTrl8iSx
9nu1VZDrc92C9zSqLXPf+Pg9hxXm5G14d7Cxk/mWGIcqws92Y65A9YxdMCNxu4YZ
h8lnWhtmqLOgmjV7VNrtf5RfCUCcoZ6M/P8SW0+cJlmBJ2uBykHDuXsLZb98tqTS
JxpdyELYuoGZoJBJBfa2HfYxztnBvUat5CI975l6iSCVVWI2poxOXXcXBvF9a4fB
ktz65SMUVawt7l3gU8+pMXtmPGYkzK/8Asp5F6rLkHMjhM18mJ10tcrd77wYQ+ys
6VADOMlCwm/JHl9RnXIFOcoC2pKfTUFMBRj8BaelFzyDZ61s
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:44:06 2025 by rpki-client