Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/9qM4E4EFcZHs1YysCNtyqqGssYQ.roa
File: 9qM4E4EFcZHs1YysCNtyqqGssYQ.roa (raw, json)
Hash identifier: ZvjZVLCf3O7xPdyxQS+IIPS0+ErQzF2BzUTSvh6Z1mM=
Subject key identifier: F6:A3:38:13:81:05:71:91:EC:D5:8C:AC:08:DB:72:AA:A1:AC:B1:84
Certificate issuer: /CN=53855c8ece9bd6f8e3940202212ce09b05f5f8a0
Certificate serial: 035884C6
Authority key identifier: 53:85:5C:8E:CE:9B:D6:F8:E3:94:02:02:21:2C:E0:9B:05:F5:F8:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U4Vcjs6b1vjjlAICISzgmwX1-KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/9qM4E4EFcZHs1YysCNtyqqGssYQ.roa
Signing time: Sat 01 Jan 2022 02:58:11 +0000
ROA not before: Sat 01 Jan 2022 02:58:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 2001:678:868::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56132806 (0x35884c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53855c8ece9bd6f8e3940202212ce09b05f5f8a0
Validity
Not Before: Jan 1 02:58:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6a3381381057191ecd58cac08db72aaa1acb184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:44:35:de:df:dc:d6:1d:7d:89:7a:71:ca:c0:
aa:b4:f1:3b:11:22:2d:b5:cf:56:eb:ad:eb:28:7e:
44:d7:07:84:fd:6e:e6:a6:90:98:db:6f:fd:86:89:
fa:d3:01:da:c0:45:30:54:4c:dd:62:36:a3:7b:33:
a4:58:a8:9f:48:5b:80:b5:c0:a7:fe:97:54:74:93:
35:a8:cc:02:67:55:98:dd:1b:f4:e1:5e:44:0e:b5:
d6:fe:ed:ad:7d:d8:10:42:24:20:66:4a:41:75:6c:
bb:18:a2:49:0b:6c:44:5f:38:52:9d:dd:cf:2c:91:
13:e5:e2:52:fb:f2:3b:09:a4:37:4f:6a:c3:83:9a:
7d:4b:c1:1d:ad:8c:0e:18:cf:9b:90:38:16:6c:70:
c4:0d:bd:2a:61:10:81:34:3d:56:89:a7:02:ff:e0:
e9:58:f5:8a:6b:9f:74:1b:56:55:07:b4:1f:f0:19:
b6:27:0b:73:a9:41:ee:0e:70:58:be:0e:6b:19:27:
0c:cd:24:7d:36:4d:d6:df:dc:47:89:0c:33:a3:b7:
9b:bd:80:de:71:66:10:ef:f3:3f:c6:59:ab:1c:b5:
bd:09:8d:eb:e8:fc:97:86:97:68:56:cf:61:7e:0e:
5a:b7:8f:60:7e:33:90:b7:da:66:30:17:3c:0f:b1:
c6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:A3:38:13:81:05:71:91:EC:D5:8C:AC:08:DB:72:AA:A1:AC:B1:84
X509v3 Authority Key Identifier:
keyid:53:85:5C:8E:CE:9B:D6:F8:E3:94:02:02:21:2C:E0:9B:05:F5:F8:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4Vcjs6b1vjjlAICISzgmwX1-KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/9qM4E4EFcZHs1YysCNtyqqGssYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/U4Vcjs6b1vjjlAICISzgmwX1-KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:868::/48
Signature Algorithm: sha256WithRSAEncryption
98:53:2f:1f:79:86:2f:ff:82:b1:8a:8c:7b:8b:3e:e6:16:35:
23:b5:27:d6:16:5f:67:d9:c1:c8:2f:bb:11:53:fc:d7:12:c0:
70:d6:cb:88:46:c8:16:4f:89:dd:b5:42:58:74:30:4f:3c:2f:
ba:31:ce:b1:c2:0d:4b:68:f8:86:63:2a:68:08:62:d4:9d:25:
6d:2d:73:2e:69:14:95:cd:7a:58:4d:76:e3:3d:73:d3:24:f5:
d8:59:a4:94:29:68:df:e8:7e:d5:45:9c:33:d9:f5:aa:32:a4:
ff:65:39:46:05:09:69:07:0a:45:01:5a:fa:ca:56:be:c0:97:
37:8a:6e:66:01:0c:c1:41:c0:81:ad:76:a8:32:07:f9:f0:60:
8b:3e:43:91:f0:01:35:44:c2:f8:b1:4d:de:da:98:66:c7:b2:
da:37:56:27:42:ad:d1:ed:30:f1:dc:65:4d:8a:90:1c:f5:88:
5e:18:bc:c1:dc:c0:49:6a:f8:0c:82:bc:d4:42:b1:f4:a4:43:
dd:2f:c3:5e:20:4b:22:c3:41:3b:32:13:7c:44:12:51:70:cf:
eb:2e:c6:cb:32:58:91:43:b0:8d:6e:95:0e:b4:1b:b0:35:1b:
e3:6b:74:9f:1b:b0:0c:ec:85:4d:e4:4c:8b:82:3f:13:a7:bd:
30:63:2a:1e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEA1iExjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Mzg1NWM4ZWNlOWJkNmY4ZTM5NDAyMDIyMTJjZTA5YjA1ZjVmOGEwMB4XDTIyMDEw
MTAyNTgxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjZhMzM4MTM4MTA1
NzE5MWVjZDU4Y2FjMDhkYjcyYWFhMWFjYjE4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOFENd7f3NYdfYl6ccrAqrTxOxEiLbXPVuut6yh+RNcHhP1u
5qaQmNtv/YaJ+tMB2sBFMFRM3WI2o3szpFion0hbgLXAp/6XVHSTNajMAmdVmN0b
9OFeRA611v7trX3YEEIkIGZKQXVsuxiiSQtsRF84Up3dzyyRE+XiUvvyOwmkN09q
w4OafUvBHa2MDhjPm5A4FmxwxA29KmEQgTQ9VomnAv/g6Vj1imufdBtWVQe0H/AZ
ticLc6lB7g5wWL4OaxknDM0kfTZN1t/cR4kMM6O3m72A3nFmEO/zP8ZZqxy1vQmN
6+j8l4aXaFbPYX4OWrePYH4zkLfaZjAXPA+xxmsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT2ozgTgQVxkezVjKwI23KqoayxhDAfBgNVHSMEGDAWgBRThVyOzpvW+OOU
AgIhLOCbBfX4oDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1U0VmNqczZiMXZqamxBSUNJU3pnbXdYMS1LQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvODMzNmIwLWNiZTQtNGRhMi04NDFiLTFjZWZkMWZhMTBhNi8x
LzlxTTRFNEVGY1pIczFZeXNDTnR5cXFHc3NZUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
ODMzNmIwLWNiZTQtNGRhMi04NDFiLTFjZWZkMWZhMTBhNi8xL1U0VmNqczZiMXZq
amxBSUNJU3pnbXdYMS1LQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngIaDANBgkqhkiG9w0BAQsF
AAOCAQEAmFMvH3mGL/+CsYqMe4s+5hY1I7Un1hZfZ9nByC+7EVP81xLAcNbLiEbI
Fk+J3bVCWHQwTzwvujHOscINS2j4hmMqaAhi1J0lbS1zLmkUlc16WE124z1z0yT1
2FmklClo3+h+1UWcM9n1qjKk/2U5RgUJaQcKRQFa+spWvsCXN4puZgEMwUHAga12
qDIH+fBgiz5DkfABNUTC+LFN3tqYZsey2jdWJ0Kt0e0w8dxlTYqQHPWIXhi8wdzA
SWr4DIK81EKx9KRD3S/DXiBLIsNBOzITfEQSUXDP6y7GyzJYkUOwjW6VDrQbsDUb
42t0nxuwDOyFTeRMi4I/E6e9MGMqHg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:45 2025 by rpki-client