Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/3f1c35-5a68-4786-9181-59f19fa10a1c/1/gGr4plkmXvzXdIo4NbkdcDWfuX8.roa
File: gGr4plkmXvzXdIo4NbkdcDWfuX8.roa (raw, json)
Hash identifier: etyLD2bHB4KUML3Sh9VSUgcAO9gxiWwVd/quhsHCCyg=
Subject key identifier: 80:6A:F8:A6:59:26:5E:FC:D7:74:8A:38:35:B9:1D:70:35:9F:B9:7F
Certificate issuer: /CN=20ebaf554c91468c10524baf742ea4b1a5d0b49c
Certificate serial: 048805BF
Authority key identifier: 20:EB:AF:55:4C:91:46:8C:10:52:4B:AF:74:2E:A4:B1:A5:D0:B4:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOuvVUyRRowQUkuvdC6ksaXQtJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/3f1c35-5a68-4786-9181-59f19fa10a1c/1/gGr4plkmXvzXdIo4NbkdcDWfuX8.roa
Signing time: Sat 01 Jan 2022 14:01:07 +0000
ROA not before: Sat 01 Jan 2022 14:01:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212834
IP address blocks: 2001:678:de8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76023231 (0x48805bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ebaf554c91468c10524baf742ea4b1a5d0b49c
Validity
Not Before: Jan 1 14:01:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=806af8a659265efcd7748a3835b91d70359fb97f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c3:a4:76:c6:6b:0f:f1:6b:ac:67:ba:54:74:
6d:15:95:e5:8c:01:94:fb:e7:81:bb:ec:71:ec:16:
6a:ef:5d:7d:43:3c:df:bc:9d:56:bc:92:52:98:44:
1c:9b:74:e3:6b:b3:85:8d:74:81:16:82:ac:a1:9a:
5f:b3:9c:fc:e3:30:55:f5:5a:37:4f:2a:c0:54:f3:
33:82:ed:e2:c4:c6:17:30:f1:2b:32:fe:c6:08:1f:
4f:c9:ec:98:c6:09:2f:d9:cf:42:b2:b8:63:ff:11:
d6:fb:3e:36:94:ff:e3:0a:7f:8a:f5:82:cc:8b:a5:
cc:d2:b4:34:47:ed:1e:e9:8f:6c:24:9a:8a:6e:3a:
fc:d7:3f:8c:a9:9f:71:b2:32:20:9f:e9:f7:13:ca:
3f:9d:fc:eb:dc:7f:f2:31:3e:b8:f1:a3:3f:32:2b:
63:13:cd:37:19:05:3f:c1:df:44:7f:8d:5e:73:2c:
89:6b:00:a5:d5:0a:f5:7c:7a:6d:53:94:57:b8:64:
d9:a3:23:d4:f2:d7:d2:0d:21:b5:c9:db:4f:16:56:
62:d9:80:44:15:ba:38:90:7b:70:e6:46:04:6b:a1:
91:6b:99:92:c0:2a:8f:24:03:35:11:13:5b:5e:6b:
f6:8b:a8:a7:4c:15:a8:7d:b6:b4:73:6a:da:cc:8e:
5b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:6A:F8:A6:59:26:5E:FC:D7:74:8A:38:35:B9:1D:70:35:9F:B9:7F
X509v3 Authority Key Identifier:
keyid:20:EB:AF:55:4C:91:46:8C:10:52:4B:AF:74:2E:A4:B1:A5:D0:B4:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOuvVUyRRowQUkuvdC6ksaXQtJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3f1c35-5a68-4786-9181-59f19fa10a1c/1/gGr4plkmXvzXdIo4NbkdcDWfuX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3f1c35-5a68-4786-9181-59f19fa10a1c/1/IOuvVUyRRowQUkuvdC6ksaXQtJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:de8::/48
Signature Algorithm: sha256WithRSAEncryption
3d:ea:9c:57:54:b6:4b:eb:23:b7:67:72:29:da:0b:15:4a:dc:
03:68:d9:39:19:ed:c8:ac:fb:f1:09:6f:36:3d:d8:b6:32:94:
df:80:b8:f3:21:24:3d:d9:d6:ce:aa:12:2d:c4:2c:5e:6b:1e:
9c:6d:b9:c7:14:d7:19:af:02:49:ab:67:b9:d5:5b:b1:dd:9c:
9c:5b:ab:37:83:8e:7e:7d:9c:f7:c2:b1:53:2a:34:94:47:1b:
b8:56:f9:ff:c4:f9:dd:c1:1f:77:87:1c:17:43:43:d0:ef:fd:
4d:e4:9c:c9:65:55:fe:87:0a:e0:62:7c:8c:10:45:49:29:9f:
97:9d:6c:3c:f3:9a:16:ae:46:29:d2:0c:9e:ba:9f:a7:c6:6a:
6e:d1:ab:07:bb:77:2b:62:a0:55:01:41:d4:d0:0c:52:7a:14:
97:63:e4:bd:d9:8b:40:65:84:4c:e0:b8:73:96:95:f4:1d:bc:
71:f7:da:5f:d8:a7:5d:5e:48:e9:77:ad:28:57:62:59:f8:4d:
e5:be:d7:23:90:37:3b:c8:e5:47:94:d8:31:82:1f:9a:e9:8d:
68:ae:25:c0:93:7d:4a:35:9d:4d:ed:ad:dd:70:34:bf:0a:a6:
7d:16:94:01:2a:ba:03:9b:e2:59:62:de:a8:85:41:35:ff:0a:
f7:86:07:4e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBIgFvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MGViYWY1NTRjOTE0NjhjMTA1MjRiYWY3NDJlYTRiMWE1ZDBiNDljMB4XDTIyMDEw
MTE0MDEwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODA2YWY4YTY1OTI2
NWVmY2Q3NzQ4YTM4MzViOTFkNzAzNTlmYjk3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXDpHbGaw/xa6xnulR0bRWV5YwBlPvngbvscewWau9dfUM8
37ydVrySUphEHJt042uzhY10gRaCrKGaX7Oc/OMwVfVaN08qwFTzM4Lt4sTGFzDx
KzL+xggfT8nsmMYJL9nPQrK4Y/8R1vs+NpT/4wp/ivWCzIulzNK0NEftHumPbCSa
im46/Nc/jKmfcbIyIJ/p9xPKP53869x/8jE+uPGjPzIrYxPNNxkFP8HfRH+NXnMs
iWsApdUK9Xx6bVOUV7hk2aMj1PLX0g0htcnbTxZWYtmARBW6OJB7cOZGBGuhkWuZ
ksAqjyQDNRETW15r9ouop0wVqH22tHNq2syOW10CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSAavimWSZe/Nd0ijg1uR1wNZ+5fzAfBgNVHSMEGDAWgBQg669VTJFGjBBS
S690LqSxpdC0nDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lPdXZWVXlSUm93UVVrdXZkQzZrc2FYUXRKdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjUvM2YxYzM1LTVhNjgtNDc4Ni05MTgxLTU5ZjE5ZmExMGExYy8x
L2dHcjRwbGttWHZ6WGRJbzROYmtkY0RXZnVYOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUv
M2YxYzM1LTVhNjgtNDc4Ni05MTgxLTU5ZjE5ZmExMGExYy8xL0lPdXZWVXlSUm93
UVVrdXZkQzZrc2FYUXRKdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngN6DANBgkqhkiG9w0BAQsF
AAOCAQEAPeqcV1S2S+sjt2dyKdoLFUrcA2jZORntyKz78QlvNj3YtjKU34C48yEk
PdnWzqoSLcQsXmsenG25xxTXGa8CSatnudVbsd2cnFurN4OOfn2c98KxUyo0lEcb
uFb5/8T53cEfd4ccF0ND0O/9TeScyWVV/ocK4GJ8jBBFSSmfl51sPPOaFq5GKdIM
nrqfp8ZqbtGrB7t3K2KgVQFB1NAMUnoUl2PkvdmLQGWETOC4c5aV9B28cffaX9in
XV5I6XetKFdiWfhN5b7XI5A3O8jlR5TYMYIfmumNaK4lwJN9SjWdTe2t3XA0vwqm
fRaUASq6A5viWWLeqIVBNf8K94YHTg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:52 2025 by rpki-client