Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/3gDCNGUcuV2usrUUquQL8gBWLgM.roa
File: 3gDCNGUcuV2usrUUquQL8gBWLgM.roa (raw, json)
Hash identifier: ZTFxXHxKRsnuoLZIYSsV7I7xhJ4fc3A4niQcni5AUrs=
Subject key identifier: DE:00:C2:34:65:1C:B9:5D:AE:B2:B5:14:AA:E4:0B:F2:00:56:2E:03
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 0183748F8E6B22C4490412D537012F684B1C
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/3gDCNGUcuV2usrUUquQL8gBWLgM.roa
Signing time: Sun 25 Sep 2022 12:11:48 +0000
ROA not before: Sun 25 Sep 2022 12:11:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41047
IP address blocks: 2a0e:a6c2::/32 maxlen: 32
2a0e:a6c1::/32 maxlen: 32
2a0e:a6c0::/32 maxlen: 32
2a0e:a6c3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:74:8f:8e:6b:22:c4:49:04:12:d5:37:01:2f:68:4b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Sep 25 12:11:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de00c234651cb95daeb2b514aae40bf200562e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:90:3d:3e:9f:25:f8:f3:ba:1d:60:0f:58:a9:
5f:a9:18:1e:79:43:36:7a:19:e8:38:ef:b8:ed:04:
4a:21:c6:1a:60:e2:82:50:e0:38:80:88:3b:dc:67:
2e:4a:58:57:4a:13:6f:13:eb:67:6a:de:a5:b4:16:
8e:fb:11:84:99:e7:8b:ef:d1:14:5c:93:9c:c1:a1:
5d:7f:69:14:8b:69:21:3d:05:db:bb:9a:ab:93:e6:
68:71:9f:4f:aa:9b:26:82:4a:bb:ec:17:25:c5:3d:
e2:2d:2c:6d:78:1d:80:63:14:34:d5:27:66:de:20:
3a:96:26:8c:3e:40:66:be:12:c0:85:a0:0e:09:a4:
34:0c:fe:1c:3a:93:c5:22:92:50:da:54:c5:48:14:
14:17:24:bd:8e:fb:67:e3:be:90:8d:d8:93:14:22:
e6:36:cf:4a:68:d3:d5:33:ae:85:5a:0c:65:b0:70:
c9:cf:95:ef:a3:51:1d:3f:34:b6:6f:9e:0a:a8:8f:
e4:63:e7:82:94:bf:2c:8c:e6:d1:20:88:4d:af:ca:
7e:5b:16:63:57:df:b3:65:3a:76:d7:2c:cb:c7:68:
95:f2:3e:e1:cb:40:ab:78:ad:4a:0a:f3:6a:3f:1e:
a1:76:a9:77:2c:9f:91:8f:7f:e2:f1:7c:05:53:bc:
3a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:00:C2:34:65:1C:B9:5D:AE:B2:B5:14:AA:E4:0B:F2:00:56:2E:03
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/3gDCNGUcuV2usrUUquQL8gBWLgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:a6c0::/30
Signature Algorithm: sha256WithRSAEncryption
a7:eb:9c:c8:4a:f6:34:76:e7:6d:48:6b:69:05:94:19:5e:e8:
87:c6:2b:03:9f:8d:05:21:ca:36:36:9e:61:58:27:84:23:2a:
ec:ba:c6:01:de:bd:1b:f6:f2:3a:19:6a:b0:8e:ce:04:56:df:
a3:df:8c:97:2c:ea:fc:94:3d:3a:d8:50:a3:c4:9d:50:ef:96:
e8:2c:0e:6f:37:77:47:79:43:9b:4c:b4:21:83:f2:df:8d:be:
0a:a7:7d:17:c3:48:3b:34:e0:af:b6:24:7e:fd:e1:74:d1:2f:
19:d4:5e:0b:df:bc:44:78:bf:08:fd:0b:f0:f7:41:2d:51:2e:
dd:d7:80:a0:53:72:b0:5e:98:2d:ca:26:52:76:8a:ed:48:84:
55:99:41:84:97:21:ee:e4:a8:7b:09:f0:0a:8b:1b:ef:8c:93:
d5:a5:4a:88:8f:19:00:0f:4b:60:23:b6:57:b5:2c:62:a0:20:
1e:50:81:67:68:91:eb:1c:eb:f6:3a:79:2f:ee:81:e5:d9:0a:
bf:8b:d8:4b:67:35:40:dd:45:64:bf:ae:a4:89:74:d2:62:43:
53:82:73:98:7c:75:00:27:42:c5:e4:fb:c2:fb:d1:00:a5:4a:
3f:e6:08:e6:1c:8c:94:5a:3f:89:f1:0d:ae:0b:ea:92:1c:3b:
fc:f3:b2:f5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYN0j45rIsRJBBLVNwEvaEscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjIwOTI1MTIxMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTAwYzIzNDY1MWNiOTVkYWViMmI1MTRhYWU0MGJmMjAwNTYyZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZA9Pp8l+PO6HWAPWKlfqRgeeUM2
ehnoOO+47QRKIcYaYOKCUOA4gIg73GcuSlhXShNvE+tnat6ltBaO+xGEmeeL79EU
XJOcwaFdf2kUi2khPQXbu5qrk+ZocZ9Pqpsmgkq77BclxT3iLSxteB2AYxQ01Sdm
3iA6liaMPkBmvhLAhaAOCaQ0DP4cOpPFIpJQ2lTFSBQUFyS9jvtn476QjdiTFCLm
Ns9KaNPVM66FWgxlsHDJz5Xvo1EdPzS2b54KqI/kY+eClL8sjObRIIhNr8p+WxZj
V9+zZTp21yzLx2iV8j7hy0CreK1KCvNqPx6hdql3LJ+Rj3/i8XwFU7w6VwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN4AwjRlHLldrrK1FKrkC/IAVi4DMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvM2dEQ05HVWN1VjJ1c3JVVXF1UUw4Z0JXTGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKg6mwDAN
BgkqhkiG9w0BAQsFAAOCAQEAp+ucyEr2NHbnbUhraQWUGV7oh8YrA5+NBSHKNjae
YVgnhCMq7LrGAd69G/byOhlqsI7OBFbfo9+Mlyzq/JQ9OthQo8SdUO+W6CwObzd3
R3lDm0y0IYPy342+Cqd9F8NIOzTgr7Ykfv3hdNEvGdReC9+8RHi/CP0L8PdBLVEu
3deAoFNysF6YLcomUnaK7UiEVZlBhJch7uSoewnwCosb74yT1aVKiI8ZAA9LYCO2
V7UsYqAgHlCBZ2iR6xzr9jp5L+6B5dkKv4vYS2c1QN1FZL+upIl00mJDU4JzmHx1
ACdCxeT7wvvRAKVKP+YI5hyMlFo/ifENrgvqkhw7/POy9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:21 2024 by rpki-client on console-ams.rpki-client.org