Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/fbf239-5f8a-4d6a-a0cb-44ac6adb3a49/1/r5lOR5F-dGWgiYfpe5Z_u4zWqNg.roa
File: r5lOR5F-dGWgiYfpe5Z_u4zWqNg.roa (raw, json)
Hash identifier: xMlrfOUGmnYEsIFPwv3JJH+LMssKemnB/0zNbDms0vI=
Subject key identifier: AF:99:4E:47:91:7E:74:65:A0:89:87:E9:7B:96:7F:BB:8C:D6:A8:D8
Certificate issuer: /CN=4aabd1a765ae5cbe1dc93daf024d3a47e72ac918
Certificate serial: 01856FF94A3B6B8A483325BDDE79197CCC75
Authority key identifier: 4A:AB:D1:A7:65:AE:5C:BE:1D:C9:3D:AF:02:4D:3A:47:E7:2A:C9:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SqvRp2WuXL4dyT2vAk06R-cqyRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/fbf239-5f8a-4d6a-a0cb-44ac6adb3a49/1/r5lOR5F-dGWgiYfpe5Z_u4zWqNg.roa
Signing time: Mon 02 Jan 2023 00:54:46 +0000
ROA not before: Mon 02 Jan 2023 00:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210961
IP address blocks: 2001:67c:30::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:4a:3b:6b:8a:48:33:25:bd:de:79:19:7c:cc:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aabd1a765ae5cbe1dc93daf024d3a47e72ac918
Validity
Not Before: Jan 2 00:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af994e47917e7465a08987e97b967fbb8cd6a8d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:56:98:76:60:bd:ae:7e:02:26:06:db:87:df:
41:a0:87:9d:0a:1a:7f:55:c0:04:70:a9:07:65:fe:
78:c0:2c:ca:ca:18:cc:f8:5e:77:d0:80:3e:14:3d:
b3:3b:bf:5c:82:ef:ea:cb:8c:1d:66:a4:36:70:5b:
99:42:56:5c:85:50:da:66:e7:41:3d:6b:51:e5:03:
f0:89:62:e5:1b:e0:0d:21:d6:48:04:db:9c:66:f4:
38:31:57:56:b5:e4:6d:dd:ea:ae:33:a5:60:98:6c:
a4:84:aa:31:37:47:30:e5:d5:88:b2:97:52:0b:54:
bf:1f:34:eb:73:32:06:36:cd:4c:8b:a2:df:86:f6:
da:9f:2a:fa:ea:d2:93:b6:3f:b9:fe:29:07:9f:01:
34:b0:95:63:04:ac:05:8e:66:ae:f2:d0:40:f6:84:
80:c5:ed:ac:f5:55:f4:64:62:f5:c1:cf:3f:fd:85:
de:d0:17:ab:4f:97:82:fd:c2:5f:7b:01:2e:6b:85:
62:bf:7d:5a:ef:0e:bf:79:e5:0b:80:de:35:51:2d:
22:95:c4:cd:60:48:fb:c6:0e:83:f3:31:fa:9e:b0:
d5:10:50:80:cd:b2:53:45:f4:e6:77:f1:e1:78:99:
23:c1:6c:25:f7:97:8a:75:f4:03:05:2b:30:54:55:
3d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:99:4E:47:91:7E:74:65:A0:89:87:E9:7B:96:7F:BB:8C:D6:A8:D8
X509v3 Authority Key Identifier:
keyid:4A:AB:D1:A7:65:AE:5C:BE:1D:C9:3D:AF:02:4D:3A:47:E7:2A:C9:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SqvRp2WuXL4dyT2vAk06R-cqyRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/fbf239-5f8a-4d6a-a0cb-44ac6adb3a49/1/r5lOR5F-dGWgiYfpe5Z_u4zWqNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/fbf239-5f8a-4d6a-a0cb-44ac6adb3a49/1/SqvRp2WuXL4dyT2vAk06R-cqyRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:30::/48
Signature Algorithm: sha256WithRSAEncryption
6b:b3:a5:e4:12:d9:28:d4:e4:e5:87:83:cc:14:24:41:a3:b8:
10:5c:b6:49:87:35:74:74:61:3e:e9:2d:f4:4b:c1:3b:b6:f7:
e3:b6:7d:20:48:e5:a4:aa:a7:9d:b1:c6:e5:b7:4b:9e:fe:30:
5d:3a:69:5e:a7:04:3e:e2:15:db:50:6f:d7:12:b4:15:46:b9:
dc:07:be:af:17:67:a1:b8:8d:bc:98:43:80:ac:0e:87:8c:b5:
0f:94:f7:ce:16:eb:3d:80:ac:80:c1:d9:82:f4:26:bd:f5:de:
c9:76:5c:f1:b7:22:06:9a:9c:56:38:72:c8:1e:72:d5:e6:ac:
aa:db:04:f6:35:73:1b:dd:5f:83:1e:05:92:b8:80:1b:70:a0:
68:8c:07:17:b1:61:9b:66:50:a6:ef:19:59:f4:fd:75:93:04:
2c:1e:c1:ba:1c:1d:b3:0f:ae:f4:fb:6d:f1:e1:47:f8:0d:d2:
5f:19:ac:9d:3e:a2:59:2a:7b:8d:02:0f:3b:53:81:9f:55:1f:
48:cd:2b:7d:e8:e7:25:ce:34:ec:72:c4:87:01:16:cd:20:3c:
23:e7:2c:40:71:11:9a:31:5f:aa:0c:00:ef:fc:fe:0b:8f:0a:
25:af:de:51:59:0d:09:7a:d9:d0:98:34:88:9c:87:2f:04:6b:
49:d5:46:76
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVv+Uo7a4pIMyW93nkZfMx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYWJkMWE3NjVhZTVjYmUxZGM5M2RhZjAyNGQzYTQ3ZTcy
YWM5MTgwHhcNMjMwMTAyMDA1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjk5NGU0NzkxN2U3NDY1YTA4OTg3ZTk3Yjk2N2ZiYjhjZDZhOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1aYdmC9rn4CJgbbh99BoIedChp/
VcAEcKkHZf54wCzKyhjM+F530IA+FD2zO79cgu/qy4wdZqQ2cFuZQlZchVDaZudB
PWtR5QPwiWLlG+ANIdZIBNucZvQ4MVdWteRt3equM6VgmGykhKoxN0cw5dWIspdS
C1S/HzTrczIGNs1Mi6Lfhvbanyr66tKTtj+5/ikHnwE0sJVjBKwFjmau8tBA9oSA
xe2s9VX0ZGL1wc8//YXe0BerT5eC/cJfewEua4Viv31a7w6/eeULgN41US0ilcTN
YEj7xg6D8zH6nrDVEFCAzbJTRfTmd/HheJkjwWwl95eKdfQDBSswVFU9vQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK+ZTkeRfnRloImH6XuWf7uM1qjYMB8GA1UdIwQY
MBaAFEqr0adlrly+Hck9rwJNOkfnKskYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3F2UnAyV3VYTDRkeVQydkFrMDZSLWNxeVJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mYmYyMzktNWY4YS00ZDZhLWEwY2It
NDRhYzZhZGIzYTQ5LzEvcjVsT1I1Ri1kR1dnaVlmcGU1Wl91NHpXcU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mYmYyMzktNWY4YS00ZDZhLWEwY2ItNDRhYzZhZGIzYTQ5
LzEvU3F2UnAyV3VYTDRkeVQydkFrMDZSLWNxeVJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAAw
MA0GCSqGSIb3DQEBCwUAA4IBAQBrs6XkEtko1OTlh4PMFCRBo7gQXLZJhzV0dGE+
6S30S8E7tvfjtn0gSOWkqqedscblt0ue/jBdOmlepwQ+4hXbUG/XErQVRrncB76v
F2ehuI28mEOArA6HjLUPlPfOFus9gKyAwdmC9Ca99d7JdlzxtyIGmpxWOHLIHnLV
5qyq2wT2NXMb3V+DHgWSuIAbcKBojAcXsWGbZlCm7xlZ9P11kwQsHsG6HB2zD670
+23x4Uf4DdJfGaydPqJZKnuNAg87U4GfVR9IzSt96OclzjTscsSHARbNIDwj5yxA
cRGaMV+qDADv/P4Ljwolr95RWQ0JetnQmDSInIcvBGtJ1UZ2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:17 2025 by rpki-client