Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/679b4d-fa3d-4993-a18a-63c9c84ec74f/1/RcIgEI9cHyp7oStWOUiaCdxbG-s.roa
File: RcIgEI9cHyp7oStWOUiaCdxbG-s.roa (raw, json)
Hash identifier: sCN1yhvvcP3ojGRbS6UJmdqrMxRc6RNKKI7krqywMM4=
Subject key identifier: 45:C2:20:10:8F:5C:1F:2A:7B:A1:2B:56:39:48:9A:09:DC:5B:1B:EB
Certificate issuer: /CN=f44024ade5e4802c0a2f61e6f80f4d22dc154853
Certificate serial: 01857295D28D93EA215F3D50E48247BCAD53
Authority key identifier: F4:40:24:AD:E5:E4:80:2C:0A:2F:61:E6:F8:0F:4D:22:DC:15:48:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9EAkreXkgCwKL2Hm-A9NItwVSFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/679b4d-fa3d-4993-a18a-63c9c84ec74f/1/RcIgEI9cHyp7oStWOUiaCdxbG-s.roa
Signing time: Mon 02 Jan 2023 13:04:59 +0000
ROA not before: Mon 02 Jan 2023 13:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212515
IP address blocks: 2001:678:e34::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:d2:8d:93:ea:21:5f:3d:50:e4:82:47:bc:ad:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f44024ade5e4802c0a2f61e6f80f4d22dc154853
Validity
Not Before: Jan 2 13:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45c220108f5c1f2a7ba12b5639489a09dc5b1beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:50:b9:56:21:ea:61:8a:7c:06:fb:15:8f:35:
92:dd:b6:4c:01:d0:45:f9:d9:51:7f:73:ae:44:6f:
6a:38:ae:b4:a8:40:fa:a9:22:d7:0a:1e:23:bf:55:
1f:c4:cd:e4:7e:42:d7:d9:4c:a7:07:9b:54:01:99:
15:82:d5:86:57:a8:d1:af:a3:9e:4d:0f:05:71:0e:
3b:a4:ab:95:e9:bd:a2:74:fa:3a:ad:ac:1f:1e:43:
a1:59:61:ed:92:67:a6:d5:7b:d5:9e:46:44:30:00:
cc:31:6a:2a:9a:1c:2b:7b:f5:bd:f0:58:68:77:62:
a0:ad:a5:4c:3b:f7:9b:8e:52:58:4d:92:db:d0:cc:
21:5a:7d:4c:3b:f6:f9:d9:16:dc:56:37:9e:4b:9b:
8c:9b:0c:f8:f4:a9:30:88:8e:74:2f:5e:c3:7e:3d:
f6:e9:69:bb:f2:1c:ec:05:74:ef:e6:58:dd:d1:40:
36:9b:ce:4d:a9:7e:c4:82:46:a1:f3:e7:90:ea:4c:
7d:f8:35:60:81:9f:d9:ea:65:6c:7f:fe:b3:76:74:
7f:3e:7e:64:03:9a:96:d0:ee:8e:82:a8:86:06:3c:
f1:80:b9:ea:c3:eb:5c:2d:e6:cb:b6:37:26:92:6d:
1a:49:7b:c7:93:54:d9:f8:9e:06:53:c0:4a:e5:89:
f8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:C2:20:10:8F:5C:1F:2A:7B:A1:2B:56:39:48:9A:09:DC:5B:1B:EB
X509v3 Authority Key Identifier:
keyid:F4:40:24:AD:E5:E4:80:2C:0A:2F:61:E6:F8:0F:4D:22:DC:15:48:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EAkreXkgCwKL2Hm-A9NItwVSFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/679b4d-fa3d-4993-a18a-63c9c84ec74f/1/RcIgEI9cHyp7oStWOUiaCdxbG-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/679b4d-fa3d-4993-a18a-63c9c84ec74f/1/9EAkreXkgCwKL2Hm-A9NItwVSFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:e34::/48
Signature Algorithm: sha256WithRSAEncryption
27:82:db:59:f9:ea:f7:65:9e:82:53:d9:5a:6a:09:26:86:f9:
fe:a5:0e:a0:25:6d:4f:9c:d9:b0:c9:bf:75:aa:9b:bf:cc:3d:
5b:70:f5:ca:17:4f:c5:8d:3a:5a:a0:aa:37:e9:68:4e:2f:dd:
9f:c1:d0:2a:90:3e:2b:e3:5f:5b:7f:fb:56:e8:d5:13:1f:2b:
e8:60:a6:76:02:ba:2b:9b:68:09:5a:17:7b:0d:ac:00:02:97:
09:60:52:41:89:2d:a8:98:ee:8d:11:aa:a5:b8:05:45:fe:6a:
88:d0:1c:b4:91:f9:80:b3:ff:97:cb:6f:48:53:63:44:4d:cc:
fa:4a:3c:ea:cb:83:ed:cf:24:79:fd:89:61:4b:b0:5b:a3:49:
b6:1f:7e:8b:e3:b9:b8:a0:ed:5c:70:f8:d3:70:34:e3:9e:d0:
0e:30:b8:16:0b:52:4a:2f:f0:ef:c5:38:3b:79:4e:4e:d5:7c:
e0:31:07:72:8e:63:fd:98:8d:9e:2b:b1:19:81:ce:38:f4:25:
ea:df:57:8c:ac:30:25:5d:a4:5f:d2:ee:43:c9:6a:66:51:a4:
cc:2c:80:86:62:38:17:d0:01:8f:53:f0:3e:d5:61:cf:2e:0f:
53:0a:0c:8c:d5:6b:43:58:35:ba:7a:a5:ab:e9:61:ff:3d:45:
09:dd:d9:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyldKNk+ohXz1Q5IJHvK1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NDAyNGFkZTVlNDgwMmMwYTJmNjFlNmY4MGY0ZDIyZGMx
NTQ4NTMwHhcNMjMwMTAyMTMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWMyMjAxMDhmNWMxZjJhN2JhMTJiNTYzOTQ4OWEwOWRjNWIxYmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1C5ViHqYYp8BvsVjzWS3bZMAdBF
+dlRf3OuRG9qOK60qED6qSLXCh4jv1UfxM3kfkLX2UynB5tUAZkVgtWGV6jRr6Oe
TQ8FcQ47pKuV6b2idPo6rawfHkOhWWHtkmem1XvVnkZEMADMMWoqmhwre/W98Fho
d2KgraVMO/ebjlJYTZLb0MwhWn1MO/b52RbcVjeeS5uMmwz49KkwiI50L17Dfj32
6Wm78hzsBXTv5ljd0UA2m85NqX7Egkah8+eQ6kx9+DVggZ/Z6mVsf/6zdnR/Pn5k
A5qW0O6OgqiGBjzxgLnqw+tcLebLtjcmkm0aSXvHk1TZ+J4GU8BK5Yn4EQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEXCIBCPXB8qe6ErVjlImgncWxvrMB8GA1UdIwQY
MBaAFPRAJK3l5IAsCi9h5vgPTSLcFUhTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUVBa3JlWGtnQ3dLTDJIbS1BOU5JdHdWU0ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82NzliNGQtZmEzZC00OTkzLWExOGEt
NjNjOWM4NGVjNzRmLzEvUmNJZ0VJOWNIeXA3b1N0V09VaWFDZHhiRy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82NzliNGQtZmEzZC00OTkzLWExOGEtNjNjOWM4NGVjNzRm
LzEvOUVBa3JlWGtnQ3dLTDJIbS1BOU5JdHdWU0ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA40
MA0GCSqGSIb3DQEBCwUAA4IBAQAngttZ+er3ZZ6CU9laagkmhvn+pQ6gJW1PnNmw
yb91qpu/zD1bcPXKF0/FjTpaoKo36WhOL92fwdAqkD4r419bf/tW6NUTHyvoYKZ2
Arorm2gJWhd7DawAApcJYFJBiS2omO6NEaqluAVF/mqI0By0kfmAs/+Xy29IU2NE
Tcz6Sjzqy4PtzyR5/YlhS7Bbo0m2H36L47m4oO1ccPjTcDTjntAOMLgWC1JKL/Dv
xTg7eU5O1XzgMQdyjmP9mI2eK7EZgc449CXq31eMrDAlXaRf0u5DyWpmUaTMLICG
YjgX0AGPU/A+1WHPLg9TCgyM1WtDWDW6eqWr6WH/PUUJ3dnj
-----END CERTIFICATE-----
Generated at Sun May 11 09:11:07 2025 by rpki-client