Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/8e88a7-0232-4055-a5cf-dd9443579ed5/1/vVnWdxYxdiW6zdeVPw4f5cZk_Mo.roa
File: vVnWdxYxdiW6zdeVPw4f5cZk_Mo.roa (raw, json)
Hash identifier: Dg/i6uv5GfGISMz3FKH1WnVZd1bwpAOZ1KyxP5ZbzKw=
Subject key identifier: BD:59:D6:77:16:31:76:25:BA:CD:D7:95:3F:0E:1F:E5:C6:64:FC:CA
Certificate issuer: /CN=69d5d452a8ed535287feb36514bc87c022355a43
Certificate serial: 01857070655E45EFD2998B1E6976DEF65E23
Authority key identifier: 69:D5:D4:52:A8:ED:53:52:87:FE:B3:65:14:BC:87:C0:22:35:5A:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/adXUUqjtU1KH_rNlFLyHwCI1WkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/8e88a7-0232-4055-a5cf-dd9443579ed5/1/vVnWdxYxdiW6zdeVPw4f5cZk_Mo.roa
Signing time: Mon 02 Jan 2023 03:04:52 +0000
ROA not before: Mon 02 Jan 2023 03:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35332
IP address blocks: 2001:678:880::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:65:5e:45:ef:d2:99:8b:1e:69:76:de:f6:5e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69d5d452a8ed535287feb36514bc87c022355a43
Validity
Not Before: Jan 2 03:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd59d67716317625bacdd7953f0e1fe5c664fcca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0a:57:43:59:93:e7:94:55:3f:e4:26:31:d6:
1f:68:a1:ea:39:7f:93:da:9d:1b:a9:b6:58:fc:cb:
52:62:7f:67:9b:b3:2e:ea:2e:39:34:21:5c:61:e6:
60:a0:89:06:0f:45:f2:65:28:bf:19:8b:c1:5a:6e:
f4:56:46:15:49:74:eb:c7:2b:d6:80:d2:68:8c:c7:
75:25:32:3d:dd:19:18:42:88:8a:78:f7:cd:8e:76:
17:dd:31:28:76:21:e2:e4:8c:f5:ca:86:d5:5d:a9:
a0:20:d2:0c:41:e7:3d:a6:54:66:73:45:4e:85:2a:
f7:03:61:e2:76:85:ed:c1:19:cc:fa:d8:0d:a9:b2:
fe:b8:93:ef:13:51:c2:e0:42:e5:72:90:41:77:7e:
1f:93:b6:2c:d9:92:73:d0:8e:58:02:73:35:cf:eb:
00:67:b9:27:b5:05:f2:ef:bc:36:55:a5:4c:d3:fd:
ad:a4:ac:da:db:0d:41:be:37:fa:96:78:a4:4b:45:
3c:b9:f0:dc:3c:11:bf:37:b4:33:70:92:23:a8:22:
94:5b:6b:87:38:bd:91:39:35:93:c2:79:cd:d7:60:
a4:ee:d5:b9:bd:c7:d4:12:c0:9a:42:3d:70:b6:3d:
3f:ae:82:f7:88:8f:ed:33:32:ac:99:8c:30:13:b4:
86:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:59:D6:77:16:31:76:25:BA:CD:D7:95:3F:0E:1F:E5:C6:64:FC:CA
X509v3 Authority Key Identifier:
keyid:69:D5:D4:52:A8:ED:53:52:87:FE:B3:65:14:BC:87:C0:22:35:5A:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/adXUUqjtU1KH_rNlFLyHwCI1WkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/8e88a7-0232-4055-a5cf-dd9443579ed5/1/vVnWdxYxdiW6zdeVPw4f5cZk_Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/8e88a7-0232-4055-a5cf-dd9443579ed5/1/adXUUqjtU1KH_rNlFLyHwCI1WkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:880::/48
Signature Algorithm: sha256WithRSAEncryption
2a:40:b7:8f:50:fb:ca:0c:f3:f2:62:a8:94:75:5b:6c:e6:71:
4e:42:bd:23:04:5d:10:ac:55:c9:05:53:07:e1:63:46:d6:1d:
e4:d0:b3:f0:a6:e8:bb:91:79:2b:61:2d:c3:f8:4a:86:d1:9f:
55:f7:84:ef:39:fd:22:f6:0b:e5:0d:57:b1:71:d2:02:26:b8:
46:a3:c8:21:7c:16:fb:29:e8:0e:e3:8c:86:1e:dd:99:32:2a:
9b:e4:f7:12:26:6b:fd:a0:52:9a:96:01:de:e2:91:7f:c6:ed:
ff:f1:8d:99:75:ee:da:df:e8:a4:e6:74:98:e9:b9:39:3c:25:
12:1c:a3:ce:e3:87:68:59:3d:f3:50:24:92:80:e2:9f:c3:e1:
61:c0:13:f5:24:17:7f:f2:30:45:2c:b9:3a:11:76:db:65:6c:
61:dd:b6:c7:fa:b1:e4:b6:35:59:27:25:41:25:44:f2:07:a7:
70:69:d2:9c:e1:c7:cd:81:15:af:51:b3:44:b1:78:07:ab:94:
cc:89:d9:4d:c1:39:61:7a:ed:8c:b8:c7:49:34:f4:c2:0b:8f:
c0:1a:c8:5f:30:b6:ba:83:33:58:d0:f6:e5:3d:0c:66:4d:4c:
cc:09:ae:65:3f:f1:96:a4:cc:6d:20:04:09:71:1c:3b:e7:49:
69:3c:51:32
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwcGVeRe/SmYseaXbe9l4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZDVkNDUyYThlZDUzNTI4N2ZlYjM2NTE0YmM4N2MwMjIz
NTVhNDMwHhcNMjMwMTAyMDMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDU5ZDY3NzE2MzE3NjI1YmFjZGQ3OTUzZjBlMWZlNWM2NjRmY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiApXQ1mT55RVP+QmMdYfaKHqOX+T
2p0bqbZY/MtSYn9nm7Mu6i45NCFcYeZgoIkGD0XyZSi/GYvBWm70VkYVSXTrxyvW
gNJojMd1JTI93RkYQoiKePfNjnYX3TEodiHi5Iz1yobVXamgINIMQec9plRmc0VO
hSr3A2HidoXtwRnM+tgNqbL+uJPvE1HC4ELlcpBBd34fk7Ys2ZJz0I5YAnM1z+sA
Z7kntQXy77w2VaVM0/2tpKza2w1Bvjf6lnikS0U8ufDcPBG/N7QzcJIjqCKUW2uH
OL2ROTWTwnnN12Ck7tW5vcfUEsCaQj1wtj0/roL3iI/tMzKsmYwwE7SGnQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL1Z1ncWMXYlus3XlT8OH+XGZPzKMB8GA1UdIwQY
MBaAFGnV1FKo7VNSh/6zZRS8h8AiNVpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWRYVVVxanRVMUtIX3JObEZMeUh3Q0kxV2tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS84ZTg4YTctMDIzMi00MDU1LWE1Y2Yt
ZGQ5NDQzNTc5ZWQ1LzEvdlZuV2R4WXhkaVc2emRlVlB3NGY1Y1prX01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS84ZTg4YTctMDIzMi00MDU1LWE1Y2YtZGQ5NDQzNTc5ZWQ1
LzEvYWRYVVVxanRVMUtIX3JObEZMeUh3Q0kxV2tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAiA
MA0GCSqGSIb3DQEBCwUAA4IBAQAqQLePUPvKDPPyYqiUdVts5nFOQr0jBF0QrFXJ
BVMH4WNG1h3k0LPwpui7kXkrYS3D+EqG0Z9V94TvOf0i9gvlDVexcdICJrhGo8gh
fBb7KegO44yGHt2ZMiqb5PcSJmv9oFKalgHe4pF/xu3/8Y2Zde7a3+ik5nSY6bk5
PCUSHKPO44doWT3zUCSSgOKfw+FhwBP1JBd/8jBFLLk6EXbbZWxh3bbH+rHktjVZ
JyVBJUTyB6dwadKc4cfNgRWvUbNEsXgHq5TMidlNwTlheu2MuMdJNPTCC4/AGshf
MLa6gzNY0PblPQxmTUzMCa5lP/GWpMxtIAQJcRw750lpPFEy
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:32:21 2025 by rpki-client