Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/3PyXcwgE49yZmBjJYc3JyCxSTdk.roa
File: 3PyXcwgE49yZmBjJYc3JyCxSTdk.roa (raw, json)
Hash identifier: kwj1T69P91igMkbC4TeBxWSQcdzrJ19wTx08/oUCJMI=
Subject key identifier: DC:FC:97:73:08:04:E3:DC:99:98:18:C9:61:CD:C9:C8:2C:52:4D:D9
Certificate issuer: /CN=617252ebbb33484adcec7405adea4de08a0afb04
Certificate serial: 0E3A0CBC
Authority key identifier: 61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/3PyXcwgE49yZmBjJYc3JyCxSTdk.roa
Signing time: Sat 01 Jan 2022 10:05:54 +0000
ROA not before: Sat 01 Jan 2022 10:05:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34420
IP address blocks: 2a0b:8bc7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 238685372 (0xe3a0cbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617252ebbb33484adcec7405adea4de08a0afb04
Validity
Not Before: Jan 1 10:05:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcfc97730804e3dc999818c961cdc9c82c524dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:67:9c:9d:78:e5:18:5b:8f:8f:6f:45:b8:81:
95:03:b1:8d:42:87:99:0b:8b:b1:c1:df:fb:47:db:
5e:98:65:b0:be:6e:b8:24:42:2a:24:e3:e1:51:19:
2b:0d:99:73:9b:5b:78:3b:c0:23:a7:25:08:11:1f:
cf:1a:35:1e:de:43:02:6a:4a:2d:5f:16:25:3d:61:
c9:75:fd:d0:0a:d5:9e:e7:72:95:77:c8:50:12:f2:
d9:eb:1a:5e:a8:60:a1:2a:34:25:cd:58:5b:0a:a0:
55:36:23:ee:55:bf:61:fc:30:6d:a6:8f:21:c1:93:
8c:d1:3b:83:ff:48:29:71:96:f9:3c:71:5d:e1:32:
2b:03:99:df:94:9d:a3:61:e2:27:62:76:51:60:55:
bd:06:e9:28:51:78:4d:ea:87:57:df:36:ca:88:e8:
3f:c1:44:66:55:b8:c9:3e:e2:3e:68:25:7d:03:6c:
e4:45:b5:0f:f5:e2:c9:64:21:44:90:2e:5b:30:8b:
a1:6e:90:61:7f:19:1d:c5:60:42:d7:b6:e2:d9:6b:
3f:11:dd:78:f6:b1:c4:38:a1:aa:08:77:cb:d4:4d:
52:d1:40:85:3c:d6:32:98:17:b5:30:69:cb:ce:27:
34:df:2e:01:b2:0b:09:07:39:1f:9d:81:94:f7:8c:
de:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FC:97:73:08:04:E3:DC:99:98:18:C9:61:CD:C9:C8:2C:52:4D:D9
X509v3 Authority Key Identifier:
keyid:61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/3PyXcwgE49yZmBjJYc3JyCxSTdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/YXJS67szSErc7HQFrepN4IoK-wQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8bc7::/32
Signature Algorithm: sha256WithRSAEncryption
83:f5:10:60:21:ce:b1:e2:c0:35:ff:2f:15:c3:f6:39:73:e5:
84:d3:32:a5:29:13:2c:0a:10:81:67:fd:6a:76:4f:dc:4d:31:
40:db:ba:3c:4e:4b:99:a6:c5:42:8f:35:4e:b4:7e:e6:60:50:
5b:5b:5f:2c:43:47:2f:c3:c8:53:16:3b:56:73:31:31:0a:64:
bb:ea:57:7b:6e:97:42:43:74:fe:78:44:f5:43:fe:2e:46:30:
94:99:4c:16:1c:86:66:ae:3f:54:6c:c7:f7:60:d7:6a:b4:4b:
8f:b6:43:e4:68:d4:82:8d:fd:fd:b4:68:85:dd:9a:8e:32:1e:
6e:a7:21:bc:51:77:8e:15:f7:a0:6e:51:e1:ce:ea:a3:ff:5c:
47:e0:95:ab:1c:b5:43:71:15:71:e0:07:3d:8a:8b:e3:a2:f5:
73:80:bd:58:9e:12:a4:44:93:f7:70:a1:37:f6:78:b7:0e:1e:
c6:9c:3a:be:9d:d9:da:a2:24:7d:af:35:74:7c:18:0e:31:7b:
05:53:ec:ae:3c:5c:14:f5:13:93:24:0b:14:7f:72:2e:e6:02:
64:f5:2f:d8:9f:93:f4:1e:39:75:ca:9e:f4:cd:8d:01:73:c8:
13:6f:87:08:d7:60:6c:91:40:59:94:85:b0:d6:29:35:56:ac:
db:d2:65:75
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEDjoMvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MTcyNTJlYmJiMzM0ODRhZGNlYzc0MDVhZGVhNGRlMDhhMGFmYjA0MB4XDTIyMDEw
MTEwMDU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNmYzk3NzMwODA0
ZTNkYzk5OTgxOGM5NjFjZGM5YzgyYzUyNGRkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5nnJ145Rhbj49vRbiBlQOxjUKHmQuLscHf+0fbXphlsL5u
uCRCKiTj4VEZKw2Zc5tbeDvAI6clCBEfzxo1Ht5DAmpKLV8WJT1hyXX90ArVnudy
lXfIUBLy2esaXqhgoSo0Jc1YWwqgVTYj7lW/YfwwbaaPIcGTjNE7g/9IKXGW+Txx
XeEyKwOZ35Sdo2HiJ2J2UWBVvQbpKFF4TeqHV982yojoP8FEZlW4yT7iPmglfQNs
5EW1D/XiyWQhRJAuWzCLoW6QYX8ZHcVgQte24tlrPxHdePaxxDihqgh3y9RNUtFA
hTzWMpgXtTBpy84nNN8uAbILCQc5H52BlPeM3h8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTc/JdzCATj3JmYGMlhzcnILFJN2TAfBgNVHSMEGDAWgBRhclLruzNIStzs
dAWt6k3gigr7BDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lYSlM2N3N6U0VyYzdIUUZyZXBONElvSy13US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvMzdhOTNiLTg3YjUtNDk5NS05ZThjLTY2MzVkZWJjMzk1Yy8x
LzNQeVhjd2dFNDl5Wm1CakpZYzNKeUN4U1Rkay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
MzdhOTNiLTg3YjUtNDk5NS05ZThjLTY2MzVkZWJjMzk1Yy8xL1lYSlM2N3N6U0Vy
YzdIUUZyZXBONElvSy13US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoLi8cwDQYJKoZIhvcNAQELBQAD
ggEBAIP1EGAhzrHiwDX/LxXD9jlz5YTTMqUpEywKEIFn/Wp2T9xNMUDbujxOS5mm
xUKPNU60fuZgUFtbXyxDRy/DyFMWO1ZzMTEKZLvqV3tul0JDdP54RPVD/i5GMJSZ
TBYchmauP1Rsx/dg12q0S4+2Q+Ro1IKN/f20aIXdmo4yHm6nIbxRd44V96BuUeHO
6qP/XEfglasctUNxFXHgBz2Ki+Oi9XOAvVieEqREk/dwoTf2eLcOHsacOr6d2dqi
JH2vNXR8GA4xewVT7K48XBT1E5MkCxR/ci7mAmT1L9ifk/QeOXXKnvTNjQFzyBNv
hwjXYGyRQFmUhbDWKTVWrNvSZXU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:48 2024 by rpki-client on console-fra.rpki-client.org