Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/624546-4ac8-4dbe-8697-aace878bab65/1/POXjDcd-cNQYUcX_93mCoNSbtH4.roa
File: POXjDcd-cNQYUcX_93mCoNSbtH4.roa (raw, json)
Hash identifier: jrcNj146ORkMpyDqLov4jY8Kk1X3GQ45U6b4uwz0OPM=
Subject key identifier: 3C:E5:E3:0D:C7:7E:70:D4:18:51:C5:FF:F7:79:82:A0:D4:9B:B4:7E
Certificate issuer: /CN=f9cb9094cb7cda138bd010013eb9ecc331903041
Certificate serial: 0185718C15C4D92BD003E794C41D4A285995
Authority key identifier: F9:CB:90:94:CB:7C:DA:13:8B:D0:10:01:3E:B9:EC:C3:31:90:30:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-cuQlMt82hOL0BABPrnswzGQMEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/624546-4ac8-4dbe-8697-aace878bab65/1/POXjDcd-cNQYUcX_93mCoNSbtH4.roa
Signing time: Mon 02 Jan 2023 08:14:44 +0000
ROA not before: Mon 02 Jan 2023 08:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60391
IP address blocks: 2001:67c:12ac::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:15:c4:d9:2b:d0:03:e7:94:c4:1d:4a:28:59:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9cb9094cb7cda138bd010013eb9ecc331903041
Validity
Not Before: Jan 2 08:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ce5e30dc77e70d41851c5fff77982a0d49bb47e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:34:4c:45:7a:6c:9e:6f:b9:b6:fe:94:6d:6c:
db:08:b7:73:0e:47:1e:4e:1d:a1:72:ab:88:9d:51:
57:2b:22:31:01:3f:82:49:ec:80:67:88:49:c4:1a:
58:10:bb:4c:78:38:bf:5c:da:05:70:3f:9e:e0:2c:
04:53:44:ef:5a:72:26:00:34:2f:db:f5:96:3c:b5:
27:95:6f:8f:ff:9b:50:ba:80:ff:85:b8:31:44:45:
46:81:3f:6a:a2:57:20:22:15:c4:a3:cb:6c:98:5c:
51:bb:52:5b:cc:88:86:17:43:71:e6:c0:f1:aa:7e:
fd:0f:53:aa:88:cb:d7:03:7e:2a:20:b2:69:f4:40:
17:4c:43:d1:10:72:10:9d:84:3a:59:31:b8:e7:73:
26:9d:82:46:23:18:02:a1:48:1e:af:78:a2:5b:e9:
ea:ea:c7:04:fb:c5:71:9f:9b:51:14:13:70:34:3f:
8e:2a:fc:43:be:64:19:7e:ba:bf:82:8c:79:83:84:
ae:e9:cc:ff:fa:ba:43:c5:9c:62:ff:13:dd:f2:2d:
30:22:8f:b2:79:70:5a:f8:12:3c:87:7e:c9:ee:5f:
5c:eb:59:12:b0:45:43:c8:72:ed:1d:3c:c0:e4:2f:
26:5f:08:1c:13:e2:c1:c8:e4:45:ad:8a:52:27:4b:
a3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E5:E3:0D:C7:7E:70:D4:18:51:C5:FF:F7:79:82:A0:D4:9B:B4:7E
X509v3 Authority Key Identifier:
keyid:F9:CB:90:94:CB:7C:DA:13:8B:D0:10:01:3E:B9:EC:C3:31:90:30:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-cuQlMt82hOL0BABPrnswzGQMEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/624546-4ac8-4dbe-8697-aace878bab65/1/POXjDcd-cNQYUcX_93mCoNSbtH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/624546-4ac8-4dbe-8697-aace878bab65/1/1-cuQlMt82hOL0BABPrnswzGQMEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:12ac::/48
Signature Algorithm: sha256WithRSAEncryption
16:d8:a3:2c:1a:a1:72:98:bd:c7:34:3f:21:9f:5c:34:88:9f:
08:ae:bd:5e:94:27:74:6f:b8:f2:f6:ba:5f:65:47:72:0f:e3:
29:8a:56:10:fb:4f:86:33:53:f0:f6:59:d9:3a:b9:99:ba:dc:
95:a8:f9:e7:ce:f1:ce:82:6e:69:67:d7:1d:0b:d4:0a:b2:47:
b1:89:ba:dc:ec:2a:91:98:33:d2:04:7b:70:5b:ad:85:5f:c8:
ac:50:1b:49:fe:24:de:3a:8a:2e:8e:4b:9d:c8:a2:90:12:95:
a7:64:2d:ff:d2:da:2e:61:c5:5c:ad:d2:00:58:84:fd:1f:0b:
5a:cf:c8:57:bf:ce:e1:a9:7f:25:ec:5c:c9:5e:c1:ab:82:48:
d3:04:5a:4a:9d:a2:55:7b:c2:9f:47:bf:1d:a9:ea:04:b4:bf:
96:f3:f1:1a:24:5b:3f:c1:93:59:c1:ac:8c:dd:59:69:a4:ec:
d4:7b:ba:8a:ee:fe:6b:15:99:93:c0:ad:e9:c3:43:d5:bf:3d:
b4:99:6d:e8:b0:b4:aa:2b:03:ee:e0:ee:2f:65:67:55:82:5c:
e7:1d:3f:e2:29:f2:35:0a:08:e0:0a:ff:9b:32:59:0b:f3:6c:
ff:e6:31:ad:0f:b0:9c:b7:72:63:42:5c:48:f2:97:cf:d9:82:
1f:31:00:4c
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVxjBXE2SvQA+eUxB1KKFmVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5Y2I5MDk0Y2I3Y2RhMTM4YmQwMTAwMTNlYjllY2MzMzE5
MDMwNDEwHhcNMjMwMTAyMDgxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2U1ZTMwZGM3N2U3MGQ0MTg1MWM1ZmZmNzc5ODJhMGQ0OWJiNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzRMRXpsnm+5tv6UbWzbCLdzDkce
Th2hcquInVFXKyIxAT+CSeyAZ4hJxBpYELtMeDi/XNoFcD+e4CwEU0TvWnImADQv
2/WWPLUnlW+P/5tQuoD/hbgxREVGgT9qolcgIhXEo8tsmFxRu1JbzIiGF0Nx5sDx
qn79D1OqiMvXA34qILJp9EAXTEPREHIQnYQ6WTG453MmnYJGIxgCoUger3iiW+nq
6scE+8Vxn5tRFBNwND+OKvxDvmQZfrq/gox5g4Su6cz/+rpDxZxi/xPd8i0wIo+y
eXBa+BI8h37J7l9c61kSsEVDyHLtHTzA5C8mXwgcE+LByORFrYpSJ0ujeQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFDzl4w3HfnDUGFHF//d5gqDUm7R+MB8GA1UdIwQY
MBaAFPnLkJTLfNoTi9AQAT657MMxkDBBMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1jdVFsTXQ4MmhPTDBCQUJQcm5zd3pHUU1FRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEvNjI0NTQ2LTRhYzgtNGRiZS04Njk3
LWFhY2U4NzhiYWI2NS8xL1BPWGpEY2QtY05RWVVjWF85M21Db05TYnRINC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWEvNjI0NTQ2LTRhYzgtNGRiZS04Njk3LWFhY2U4NzhiYWI2
NS8xLzEtY3VRbE10ODJoT0wwQkFCUHJuc3d6R1FNRUUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQZ8
EqwwDQYJKoZIhvcNAQELBQADggEBABbYoywaoXKYvcc0PyGfXDSInwiuvV6UJ3Rv
uPL2ul9lR3IP4ymKVhD7T4YzU/D2Wdk6uZm63JWo+efO8c6Cbmln1x0L1AqyR7GJ
utzsKpGYM9IEe3BbrYVfyKxQG0n+JN46ii6OS53IopASladkLf/S2i5hxVyt0gBY
hP0fC1rPyFe/zuGpfyXsXMlewauCSNMEWkqdolV7wp9Hvx2p6gS0v5bz8RokWz/B
k1nBrIzdWWmk7NR7uoru/msVmZPArenDQ9W/PbSZbeiwtKorA+7g7i9lZ1WCXOcd
P+Ip8jUKCOAK/5syWQvzbP/mMa0PsJy3cmNCXEjyl8/Zgh8xAEw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:40 2025 by rpki-client