Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/HDa4vdegGHbs0jr3GkgGK-fo1u0.roa
File: HDa4vdegGHbs0jr3GkgGK-fo1u0.roa (raw, json)
Hash identifier: 7RsVfP+bLtDb261b8+NAE9UXxrBK4cClzVqlZe8yp9M=
Subject key identifier: 1C:36:B8:BD:D7:A0:18:76:EC:D2:3A:F7:1A:48:06:2B:E7:E8:D6:ED
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 43487075
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/HDa4vdegGHbs0jr3GkgGK-fo1u0.roa
Signing time: Sat 01 Jan 2022 07:59:55 +0000
ROA not before: Sat 01 Jan 2022 07:59:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43289
IP address blocks: 2a03:f80:373::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128820853 (0x43487075)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 07:59:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c36b8bdd7a01876ecd23af71a48062be7e8d6ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e4:70:44:ae:44:b7:bd:ec:39:c8:aa:06:c3:
7f:3a:51:df:29:34:e4:6c:3f:c8:93:49:e2:9b:97:
5b:64:08:2c:d4:3b:c3:e4:fb:70:1e:e6:f6:51:6b:
8f:e2:1c:5d:5a:f5:d4:3e:ed:4b:53:a7:48:7f:4c:
d8:25:c8:fa:f4:5b:4b:57:4c:0f:9d:90:66:30:42:
8b:bb:6c:a4:8a:4a:05:a6:c5:1c:51:99:01:f7:3a:
63:f2:f6:ac:90:91:f0:36:77:4b:9c:1d:1e:09:65:
86:44:bf:e3:12:d8:b8:2b:b8:76:ed:92:f8:9c:42:
19:d9:8a:e5:54:8d:b5:5a:00:b2:ec:82:81:85:0a:
27:23:8a:d7:15:f1:53:38:43:24:93:dd:e7:b9:70:
b1:55:d3:6b:c2:64:33:9a:4e:9b:01:f2:9d:0f:d3:
67:8d:3a:74:23:1a:52:3a:d0:ca:ff:15:cb:d6:20:
68:bf:44:eb:f6:0a:cd:47:82:a2:52:d7:fd:d1:77:
bd:68:a1:ee:e3:15:c3:f6:a7:77:90:fb:bd:73:8e:
b7:7e:79:3b:73:ad:a4:33:b2:bc:f3:0b:30:9d:7d:
b0:24:12:ab:63:03:94:7d:fb:41:52:71:09:2b:e4:
56:b1:d4:51:3b:dd:d2:37:6a:a2:74:44:54:a6:42:
a7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:36:B8:BD:D7:A0:18:76:EC:D2:3A:F7:1A:48:06:2B:E7:E8:D6:ED
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/HDa4vdegGHbs0jr3GkgGK-fo1u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f80:373::/48
Signature Algorithm: sha256WithRSAEncryption
ac:fc:36:99:a8:31:88:00:eb:ec:f2:97:47:c5:8a:08:7c:41:
86:06:cf:2c:5d:13:cb:bd:71:45:8a:7b:11:2f:d1:ea:fd:c9:
44:95:80:83:fd:85:c0:b2:71:76:ad:0e:64:54:bf:f1:6f:b1:
f1:0d:36:8e:65:2b:9d:4c:9e:0b:cf:91:b8:b9:04:57:f0:32:
c9:8c:2b:93:0c:4e:09:c7:58:ac:80:69:11:ea:79:83:e8:a6:
da:e2:86:2d:cc:35:3a:10:fe:2e:8a:e9:15:f2:79:f4:f8:cf:
be:53:e5:cd:30:fd:4b:a0:ac:f0:a0:27:a7:ad:75:b2:df:dc:
71:84:2e:19:ca:88:30:f7:36:b5:de:f3:98:d2:e3:d6:ec:dc:
42:f6:5f:5a:05:d8:82:03:6f:02:a3:5a:b6:5b:a1:db:38:49:
7a:a4:e4:54:aa:8f:dd:75:e6:19:4a:da:43:09:39:59:7e:18:
44:97:11:7d:0c:ab:fa:4d:f0:36:66:18:8c:21:37:f7:91:1c:
5c:02:90:78:76:a3:02:b9:90:0f:95:c0:9e:63:7f:92:79:68:
a1:56:3e:08:e0:d8:67:11:cc:5e:a3:90:52:45:69:82:0f:bf:
0a:b7:e9:1d:7f:4c:c2:c3:d4:80:b6:c5:a0:af:d7:06:9d:d3:
fc:5a:47:5f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEQ0hwdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDEw
MTA3NTk1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWMzNmI4YmRkN2Ew
MTg3NmVjZDIzYWY3MWE0ODA2MmJlN2U4ZDZlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzkcESuRLe97DnIqgbDfzpR3yk05Gw/yJNJ4puXW2QILNQ7
w+T7cB7m9lFrj+IcXVr11D7tS1OnSH9M2CXI+vRbS1dMD52QZjBCi7tspIpKBabF
HFGZAfc6Y/L2rJCR8DZ3S5wdHgllhkS/4xLYuCu4du2S+JxCGdmK5VSNtVoAsuyC
gYUKJyOK1xXxUzhDJJPd57lwsVXTa8JkM5pOmwHynQ/TZ406dCMaUjrQyv8Vy9Yg
aL9E6/YKzUeColLX/dF3vWih7uMVw/and5D7vXOOt355O3OtpDOyvPMLMJ19sCQS
q2MDlH37QVJxCSvkVrHUUTvd0jdqonREVKZCp/sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQcNri916AYduzSOvcaSAYr5+jW7TAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
L0hEYTR2ZGVnR0hiczBqcjNHa2dHSy1mbzF1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDD4ADczANBgkqhkiG9w0BAQsF
AAOCAQEArPw2magxiADr7PKXR8WKCHxBhgbPLF0Ty71xRYp7ES/R6v3JRJWAg/2F
wLJxdq0OZFS/8W+x8Q02jmUrnUyeC8+RuLkEV/AyyYwrkwxOCcdYrIBpEep5g+im
2uKGLcw1OhD+LorpFfJ59PjPvlPlzTD9S6Cs8KAnp611st/ccYQuGcqIMPc2td7z
mNLj1uzcQvZfWgXYggNvAqNatluh2zhJeqTkVKqP3XXmGUraQwk5WX4YRJcRfQyr
+k3wNmYYjCE395EcXAKQeHajArmQD5XAnmN/knlooVY+CODYZxHMXqOQUkVpgg+/
CrfpHX9MwsPUgLbFoK/XBp3T/FpHXw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:58 2023 by rpki-client on console-ams.rpki-client.org