Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/J1BU1FmmsjB6xWJswf41HaS68HY.roa
File: J1BU1FmmsjB6xWJswf41HaS68HY.roa (raw, json)
Hash identifier: uD0qbldnSbjfTzRlDK5r/jG83nFbcf7Jt+Mejv8rmzw=
Subject key identifier: 27:50:54:D4:59:A6:B2:30:7A:C5:62:6C:C1:FE:35:1D:A4:BA:F0:76
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 018572C37AE620B0C97C8C0BAE18F7FD384A
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/J1BU1FmmsjB6xWJswf41HaS68HY.roa
Signing time: Mon 02 Jan 2023 13:54:51 +0000
ROA not before: Mon 02 Jan 2023 13:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206186
IP address blocks: 2001:678:3b0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:7a:e6:20:b0:c9:7c:8c:0b:ae:18:f7:fd:38:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 2 13:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=275054d459a6b2307ac5626cc1fe351da4baf076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f1:8d:36:53:ae:71:28:21:4e:8e:c5:11:9c:
e8:3e:ca:99:b4:8a:3c:53:b7:ee:17:bf:ce:32:e2:
d4:f6:87:94:f0:2d:78:fc:8a:6d:8e:0c:f2:89:7f:
f9:db:0b:ad:1b:69:af:6a:36:b7:e6:5d:e4:a9:67:
89:8c:01:d0:5e:83:11:d0:01:ef:28:28:e8:8f:ff:
3f:4c:ee:5a:fd:ea:80:eb:a0:2f:4d:e5:cd:07:c3:
e6:dc:26:d1:8f:84:1a:5b:c9:7c:36:08:27:51:d9:
0b:eb:9c:1e:c1:3e:03:48:d3:4c:0e:55:03:ce:ac:
7e:23:d4:25:be:1a:c8:34:19:84:d3:de:a2:d3:87:
65:8b:a0:cd:90:12:ac:57:e6:dc:72:c4:ee:23:67:
f6:9e:fb:33:ec:3e:ce:49:6c:10:b5:76:86:2f:1c:
e4:92:77:ca:50:78:d1:7e:4c:a8:f3:97:42:05:9a:
0e:25:f8:e8:6b:71:8c:68:8a:ff:c1:d4:d3:19:44:
60:d6:50:c6:9a:b4:22:2b:a3:04:c3:b0:cc:7a:ce:
64:3d:4e:39:c2:3d:da:2f:df:68:00:dd:7a:bd:fd:
2b:70:31:2c:36:f2:29:9d:d5:85:b3:ed:69:0a:fd:
0f:ec:d8:44:b1:9d:90:a4:41:6d:6b:45:a9:3e:0e:
d1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:50:54:D4:59:A6:B2:30:7A:C5:62:6C:C1:FE:35:1D:A4:BA:F0:76
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/J1BU1FmmsjB6xWJswf41HaS68HY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:3b0::/48
Signature Algorithm: sha256WithRSAEncryption
05:d1:29:e1:2e:8a:20:c3:a0:c1:e4:f2:45:6f:af:21:21:d6:
b1:09:1c:4d:29:ed:d6:46:e2:d1:2f:6b:ae:e0:b1:ff:6e:a1:
34:90:ce:1a:90:94:50:03:ab:f5:6b:61:16:7c:5a:e2:91:f2:
88:60:6a:71:ea:7c:89:67:c8:d9:1f:86:d1:86:e8:2d:c8:43:
fe:76:08:9a:81:ac:09:cc:25:4f:75:98:ea:e7:6d:94:30:b7:
a9:b7:58:bd:0d:07:19:56:64:95:5e:f8:26:5e:94:51:9f:d7:
d0:ac:7d:a7:ee:07:1a:66:1c:a9:54:78:e7:6d:81:32:3c:09:
75:cf:f0:c2:55:18:8d:26:3c:56:63:8b:7e:03:9c:e9:5f:4c:
d2:ec:93:cf:7e:52:ca:e7:42:9b:a0:97:48:9d:de:ef:b1:20:
c6:b6:f4:47:58:7c:f8:50:4c:9a:ad:b7:c1:b7:99:62:06:15:
c7:8e:2d:20:13:b2:f0:33:ff:08:a7:85:0a:3a:d8:df:50:34:
b9:a9:78:2e:31:d3:c3:e6:bd:fd:39:86:cf:bd:eb:e8:1d:c1:
f9:0a:ea:63:3d:a9:80:1e:0d:ec:67:bb:94:e4:42:10:59:a9:
64:e9:f4:a6:29:43:d5:0e:94:25:95:d8:32:39:33:1c:66:79:
d1:5b:1d:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyw3rmILDJfIwLrhj3/ThKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjMwMTAyMTM1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzUwNTRkNDU5YTZiMjMwN2FjNTYyNmNjMWZlMzUxZGE0YmFmMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfGNNlOucSghTo7FEZzoPsqZtIo8
U7fuF7/OMuLU9oeU8C14/IptjgzyiX/52wutG2mvaja35l3kqWeJjAHQXoMR0AHv
KCjoj/8/TO5a/eqA66AvTeXNB8Pm3CbRj4QaW8l8NggnUdkL65wewT4DSNNMDlUD
zqx+I9QlvhrINBmE096i04dli6DNkBKsV+bccsTuI2f2nvsz7D7OSWwQtXaGLxzk
knfKUHjRfkyo85dCBZoOJfjoa3GMaIr/wdTTGURg1lDGmrQiK6MEw7DMes5kPU45
wj3aL99oAN16vf0rcDEsNvIpndWFs+1pCv0P7NhEsZ2QpEFta0WpPg7RcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCdQVNRZprIwesVibMH+NR2kuvB2MB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvSjFCVTFGbW1zakI2eFdKc3dmNDFIYVM2OEhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAOw
MA0GCSqGSIb3DQEBCwUAA4IBAQAF0SnhLoogw6DB5PJFb68hIdaxCRxNKe3WRuLR
L2uu4LH/bqE0kM4akJRQA6v1a2EWfFrikfKIYGpx6nyJZ8jZH4bRhugtyEP+dgia
gawJzCVPdZjq522UMLept1i9DQcZVmSVXvgmXpRRn9fQrH2n7gcaZhypVHjnbYEy
PAl1z/DCVRiNJjxWY4t+A5zpX0zS7JPPflLK50KboJdInd7vsSDGtvRHWHz4UEya
rbfBt5liBhXHji0gE7LwM/8Ip4UKOtjfUDS5qXguMdPD5r39OYbPvevoHcH5Cupj
PamAHg3sZ7uU5EIQWalk6fSmKUPVDpQlldgyOTMcZnnRWx0L
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:07 2025 by rpki-client