Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/abb885-a794-4bd5-861e-8961c7a3bbab/1/6msdYz2QgNLLejIXyLUALsznzhA.roa
File: 6msdYz2QgNLLejIXyLUALsznzhA.roa (raw, json)
Hash identifier: TxfrX+Y8A+bv1v/IYKDvTmrX0cgP7ljJ1Pma4tiGv4s=
Subject key identifier: EA:6B:1D:63:3D:90:80:D2:CB:7A:32:17:C8:B5:00:2E:CC:E7:CE:10
Certificate issuer: /CN=948948f0dd5e2fb0a902b979ca9c5c1a44f98fa1
Certificate serial: 01856BB802ACBBF177CC23C0FF111F0E43F2
Authority key identifier: 94:89:48:F0:DD:5E:2F:B0:A9:02:B9:79:CA:9C:5C:1A:44:F9:8F:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lIlI8N1eL7CpArl5ypxcGkT5j6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/abb885-a794-4bd5-861e-8961c7a3bbab/1/6msdYz2QgNLLejIXyLUALsznzhA.roa
Signing time: Sun 01 Jan 2023 05:04:59 +0000
ROA not before: Sun 01 Jan 2023 05:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212977
IP address blocks: 2001:67c:1298::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b8:02:ac:bb:f1:77:cc:23:c0:ff:11:1f:0e:43:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=948948f0dd5e2fb0a902b979ca9c5c1a44f98fa1
Validity
Not Before: Jan 1 05:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea6b1d633d9080d2cb7a3217c8b5002ecce7ce10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c0:80:78:66:2b:29:9f:2f:1d:80:c7:da:87:
47:1e:8f:9d:b1:f2:3d:ee:01:46:8b:61:e6:c4:01:
51:ef:1e:24:d8:71:8c:5b:ff:ec:08:be:65:92:13:
83:78:d1:83:4a:83:66:52:3c:2f:7c:94:43:54:01:
69:11:e8:37:67:52:f0:47:be:cc:91:b0:11:37:aa:
c9:e2:3b:58:d4:c6:8d:e4:82:ba:9e:45:88:16:69:
c1:a9:32:75:cc:d2:ae:3c:c0:86:7a:f3:56:36:3c:
b5:48:45:89:82:d8:6e:fb:5e:c5:d8:b7:7c:c3:e8:
68:f0:f4:0d:2b:ec:13:8f:ca:2b:51:69:ec:d5:0b:
13:4d:9d:76:13:cc:82:89:f5:98:99:07:0d:db:3f:
23:94:e3:3a:4f:a8:d8:89:14:fe:91:79:15:8d:49:
aa:29:22:f6:d9:1e:73:51:6d:d3:39:c7:50:54:e5:
9f:d7:93:09:14:95:5a:74:24:44:48:92:91:ff:40:
32:69:45:58:7f:af:cd:d9:38:88:d9:89:bb:a5:3b:
d7:ef:2f:9a:3a:f1:5f:02:6a:dd:d3:00:cb:66:44:
34:12:ff:8e:a1:8e:92:e2:2b:a9:3a:41:e5:97:58:
72:a2:07:e4:36:23:44:52:06:48:9f:bd:c0:ec:6b:
78:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:6B:1D:63:3D:90:80:D2:CB:7A:32:17:C8:B5:00:2E:CC:E7:CE:10
X509v3 Authority Key Identifier:
keyid:94:89:48:F0:DD:5E:2F:B0:A9:02:B9:79:CA:9C:5C:1A:44:F9:8F:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIlI8N1eL7CpArl5ypxcGkT5j6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/abb885-a794-4bd5-861e-8961c7a3bbab/1/6msdYz2QgNLLejIXyLUALsznzhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/abb885-a794-4bd5-861e-8961c7a3bbab/1/lIlI8N1eL7CpArl5ypxcGkT5j6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1298::/48
Signature Algorithm: sha256WithRSAEncryption
89:95:2c:38:0f:99:78:2d:83:03:f2:09:c7:47:5d:d8:b0:d5:
18:ab:d4:92:ad:01:6b:61:71:1f:ec:e1:0d:45:7b:ee:72:2c:
e4:9a:87:44:6b:79:8e:da:38:ee:ff:24:1d:57:9f:0d:4a:fe:
6a:b9:fd:ec:68:e1:de:8e:2f:77:ed:b7:a3:fe:a6:1e:1b:fc:
12:e1:f6:93:44:95:82:15:dd:11:29:aa:ef:59:eb:a8:59:4b:
36:6f:28:f1:05:5c:85:22:a1:a2:7c:22:63:48:29:3c:45:22:
91:08:b8:39:c3:61:e8:73:62:4f:c6:73:4d:61:2e:94:3a:1f:
ea:24:0a:86:0c:eb:85:bd:fb:70:95:f3:6c:d9:c7:8d:32:5a:
82:ac:6c:b4:2a:a6:24:a6:87:52:83:64:19:11:61:e5:92:32:
a5:8c:d1:fc:cf:87:48:42:34:a4:bf:60:81:46:09:e1:d5:12:
60:36:38:79:c2:47:b4:d8:72:b0:08:4d:3d:07:cf:28:26:a7:
91:f0:e0:a5:15:4e:4e:ab:13:47:95:8d:a9:a5:b9:2f:c0:d8:
79:14:5d:04:34:a0:59:fe:e9:07:f4:cd:a7:1f:f6:23:a0:a9:
b5:59:fd:29:e7:e9:eb:e6:6e:b2:c6:81:c0:21:78:ad:12:a2:
8d:86:dd:2a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVruAKsu/F3zCPA/xEfDkPyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODk0OGYwZGQ1ZTJmYjBhOTAyYjk3OWNhOWM1YzFhNDRm
OThmYTEwHhcNMjMwMTAxMDUwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTZiMWQ2MzNkOTA4MGQyY2I3YTMyMTdjOGI1MDAyZWNjZTdjZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsCAeGYrKZ8vHYDH2odHHo+dsfI9
7gFGi2HmxAFR7x4k2HGMW//sCL5lkhODeNGDSoNmUjwvfJRDVAFpEeg3Z1LwR77M
kbARN6rJ4jtY1MaN5IK6nkWIFmnBqTJ1zNKuPMCGevNWNjy1SEWJgthu+17F2Ld8
w+ho8PQNK+wTj8orUWns1QsTTZ12E8yCifWYmQcN2z8jlOM6T6jYiRT+kXkVjUmq
KSL22R5zUW3TOcdQVOWf15MJFJVadCRESJKR/0AyaUVYf6/N2TiI2Ym7pTvX7y+a
OvFfAmrd0wDLZkQ0Ev+OoY6S4iupOkHll1hyogfkNiNEUgZIn73A7Gt47QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOprHWM9kIDSy3oyF8i1AC7M584QMB8GA1UdIwQY
MBaAFJSJSPDdXi+wqQK5ecqcXBpE+Y+hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElsSThOMWVMN0NwQXJsNXlweGNHa1Q1ajZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYmI4ODUtYTc5NC00YmQ1LTg2MWUt
ODk2MWM3YTNiYmFiLzEvNm1zZFl6MlFnTkxMZWpJWHlMVUFMc3puemhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYmI4ODUtYTc5NC00YmQ1LTg2MWUtODk2MWM3YTNiYmFi
LzEvbElsSThOMWVMN0NwQXJsNXlweGNHa1Q1ajZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBKY
MA0GCSqGSIb3DQEBCwUAA4IBAQCJlSw4D5l4LYMD8gnHR13YsNUYq9SSrQFrYXEf
7OENRXvucizkmodEa3mO2jju/yQdV58NSv5quf3saOHeji937bej/qYeG/wS4faT
RJWCFd0RKarvWeuoWUs2byjxBVyFIqGifCJjSCk8RSKRCLg5w2Hoc2JPxnNNYS6U
Oh/qJAqGDOuFvftwlfNs2ceNMlqCrGy0KqYkpodSg2QZEWHlkjKljNH8z4dIQjSk
v2CBRgnh1RJgNjh5wke02HKwCE09B88oJqeR8OClFU5OqxNHlY2ppbkvwNh5FF0E
NKBZ/ukH9M2nH/YjoKm1Wf0p5+nr5m6yxoHAIXitEqKNht0q
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:44 2025 by rpki-client