Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/ZjVxA_drCATDBbXY7u1hm8pzUGQ.roa
File: ZjVxA_drCATDBbXY7u1hm8pzUGQ.roa (raw, json)
Hash identifier: O+VQpZ5VNjNDi7+Hcy5ndjxMxORQ6nOZpyskoDqX2lU=
Subject key identifier: 66:35:71:03:F7:6B:08:04:C3:05:B5:D8:EE:ED:61:9B:CA:73:50:64
Certificate issuer: /CN=6f2c0c66b6b4612c8949800f09291cafa3865fd3
Certificate serial: 0EC44F15
Authority key identifier: 6F:2C:0C:66:B6:B4:61:2C:89:49:80:0F:09:29:1C:AF:A3:86:5F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bywMZra0YSyJSYAPCSkcr6OGX9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/ZjVxA_drCATDBbXY7u1hm8pzUGQ.roa
Signing time: Sat 01 Jan 2022 03:00:55 +0000
ROA not before: Sat 01 Jan 2022 03:00:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49745
IP address blocks: 2001:678:2b8::/48 maxlen: 48
2001:678:2b9::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 247746325 (0xec44f15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f2c0c66b6b4612c8949800f09291cafa3865fd3
Validity
Not Before: Jan 1 03:00:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66357103f76b0804c305b5d8eeed619bca735064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:80:20:46:5f:ea:fa:7e:10:e9:37:d7:46:1a:
86:75:34:4d:ba:70:d8:3c:a9:58:82:d7:b3:e5:03:
8b:d1:90:bf:b5:51:0e:ae:09:0a:76:80:fb:d2:de:
cb:f0:a0:62:1b:13:e5:68:29:b2:53:9d:db:c3:4d:
03:21:d2:48:c6:33:6a:95:e2:91:3a:81:1f:7b:0b:
40:d2:22:fc:39:b5:d7:43:27:a9:6b:8f:0d:8f:80:
25:21:d0:c0:5d:25:78:ca:cf:5d:90:38:66:fe:7d:
3e:e6:d2:37:cb:13:73:05:9a:87:4a:a3:73:14:f5:
d0:8f:bd:7a:b9:f5:dc:79:a1:92:cd:a8:e8:9b:ee:
15:c1:5e:c5:ac:47:64:23:a9:dd:9c:93:83:7d:30:
d8:e6:97:78:72:82:30:ff:8f:bd:0c:3e:ac:e7:6d:
3c:13:ed:a8:b2:d8:16:a8:05:c5:5c:22:4b:0d:c8:
4d:6a:93:69:51:a8:09:48:9a:81:ed:36:7f:d0:cf:
5a:16:09:dd:f0:b3:4a:24:89:a0:29:46:9e:1c:b2:
6d:96:5a:54:e2:07:69:75:6d:34:74:5a:54:b6:23:
2d:2f:be:3b:af:5f:b3:6b:68:77:cc:54:17:5d:b9:
fe:ee:4e:f3:79:a2:2f:bb:a8:67:26:8d:55:1c:39:
0e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:35:71:03:F7:6B:08:04:C3:05:B5:D8:EE:ED:61:9B:CA:73:50:64
X509v3 Authority Key Identifier:
keyid:6F:2C:0C:66:B6:B4:61:2C:89:49:80:0F:09:29:1C:AF:A3:86:5F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bywMZra0YSyJSYAPCSkcr6OGX9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/ZjVxA_drCATDBbXY7u1hm8pzUGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/bywMZra0YSyJSYAPCSkcr6OGX9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:2b8::/47
Signature Algorithm: sha256WithRSAEncryption
68:09:9b:af:e0:f1:de:51:47:9e:b3:5a:d5:4f:a5:81:c0:4d:
69:0d:01:88:2c:72:49:0b:1e:6a:1d:61:90:07:4d:61:84:b6:
14:c8:97:45:85:d2:10:27:dc:71:21:a4:a3:f1:06:93:37:22:
b7:24:7a:32:a5:4b:a0:27:28:21:c9:20:a8:08:7e:02:a5:48:
49:c1:a3:54:15:54:89:55:b7:c3:e6:65:1f:7d:65:c5:82:88:
75:9f:76:c1:fd:70:0f:13:bb:1c:23:a6:93:d3:2b:ac:09:1d:
24:6f:53:0b:ec:40:6e:4d:4b:24:47:8d:3a:55:83:92:82:67:
0d:23:32:27:86:90:39:14:63:40:29:5d:b4:e2:71:9b:f8:50:
fb:05:79:49:d3:ed:29:62:59:22:b5:4d:c3:0d:c8:77:92:64:
d0:c1:50:81:fb:77:05:61:f5:43:00:38:ce:75:5c:1b:7c:22:
19:06:21:4b:b0:ba:62:d2:02:35:6a:a4:ef:58:03:57:c4:b4:
9b:16:6b:a9:32:5b:32:c0:aa:39:e2:9c:a0:ea:46:6d:8a:68:
af:27:9a:79:53:73:01:9f:a1:b2:bf:c5:30:61:77:b6:61:21:
30:31:11:63:e7:07:6c:dc:9f:37:cf:6b:ad:c6:71:f1:6d:10:
56:14:78:66
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEDsRPFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZjJjMGM2NmI2YjQ2MTJjODk0OTgwMGYwOTI5MWNhZmEzODY1ZmQzMB4XDTIyMDEw
MTAzMDA1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjYzNTcxMDNmNzZi
MDgwNGMzMDViNWQ4ZWVlZDYxOWJjYTczNTA2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiAIEZf6vp+EOk310YahnU0Tbpw2DypWILXs+UDi9GQv7VR
Dq4JCnaA+9Ley/CgYhsT5WgpslOd28NNAyHSSMYzapXikTqBH3sLQNIi/Dm110Mn
qWuPDY+AJSHQwF0leMrPXZA4Zv59PubSN8sTcwWah0qjcxT10I+9ern13Hmhks2o
6JvuFcFexaxHZCOp3ZyTg30w2OaXeHKCMP+PvQw+rOdtPBPtqLLYFqgFxVwiSw3I
TWqTaVGoCUiage02f9DPWhYJ3fCzSiSJoClGnhyybZZaVOIHaXVtNHRaVLYjLS++
O69fs2tod8xUF125/u5O83miL7uoZyaNVRw5DrcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRmNXED92sIBMMFtdju7WGbynNQZDAfBgNVHSMEGDAWgBRvLAxmtrRhLIlJ
gA8JKRyvo4Zf0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2J5d01acmEwWVN5SlNZQVBDU2tjcjZPR1g5TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvNGQ4YTc0LTYwYjgtNDEwZS1hYTM1LTM5MmE3NTI0NjRiMS8x
L1pqVnhBX2RyQ0FUREJiWFk3dTFobThwelVHUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
NGQ4YTc0LTYwYjgtNDEwZS1hYTM1LTM5MmE3NTI0NjRiMS8xL2J5d01acmEwWVN5
SlNZQVBDU2tjcjZPR1g5TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASABBngCuDANBgkqhkiG9w0BAQsF
AAOCAQEAaAmbr+Dx3lFHnrNa1U+lgcBNaQ0BiCxySQseah1hkAdNYYS2FMiXRYXS
ECfccSGko/EGkzcityR6MqVLoCcoIckgqAh+AqVIScGjVBVUiVW3w+ZlH31lxYKI
dZ92wf1wDxO7HCOmk9MrrAkdJG9TC+xAbk1LJEeNOlWDkoJnDSMyJ4aQORRjQCld
tOJxm/hQ+wV5SdPtKWJZIrVNww3Id5Jk0MFQgft3BWH1QwA4znVcG3wiGQYhS7C6
YtICNWqk71gDV8S0mxZrqTJbMsCqOeKcoOpGbYporyeaeVNzAZ+hsr/FMGF3tmEh
MDERY+cHbNyfN89rrcZx8W0QVhR4Zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org