Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/5vecRqN-TgJl2isyZG0gOpldy2k.roa
File: 5vecRqN-TgJl2isyZG0gOpldy2k.roa (raw, json)
Hash identifier: DI4mTUCw2f/Cwbs/ajwEu5An7NwmYtVUD9rGXv2gbBE=
Subject key identifier: E6:F7:9C:46:A3:7E:4E:02:65:DA:2B:32:64:6D:20:3A:99:5D:CB:69
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 33D6A06A
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/5vecRqN-TgJl2isyZG0gOpldy2k.roa
Signing time: Sat 01 Jan 2022 04:55:29 +0000
ROA not before: Sat 01 Jan 2022 04:55:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1967
IP address blocks: 2001:a98:30::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 869703786 (0x33d6a06a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 04:55:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6f79c46a37e4e0265da2b32646d203a995dcb69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:86:e5:64:e7:56:57:f3:bf:93:77:f6:a4:
e8:56:73:72:37:66:28:50:10:c9:2c:26:ee:9a:67:
d8:33:a3:f0:08:2d:95:72:1b:db:18:ed:82:0c:fb:
91:e0:db:ff:47:64:f8:8a:65:69:91:10:44:9f:01:
19:9c:4d:5d:f8:b7:d1:17:e0:45:18:73:82:74:4c:
ac:4f:a2:ce:cf:61:6c:e6:65:4f:3a:ae:5e:ec:65:
12:1a:6f:1c:cf:00:76:92:4a:b2:78:67:21:c7:c8:
b9:e0:51:52:c5:75:19:e7:1d:c7:1f:90:92:90:ed:
8b:97:6c:a2:7f:05:6f:2a:ab:f1:27:4b:b8:eb:93:
80:1c:f6:0a:f4:a5:7f:bb:8f:e5:98:45:84:49:7e:
4a:99:23:88:a0:82:e7:df:0c:b9:9d:cd:5b:7b:18:
77:35:2d:fe:96:a4:93:46:4f:c7:4c:f3:e4:28:d8:
c2:47:9b:62:29:90:9f:3d:3a:23:a2:99:4a:59:8c:
7c:72:58:c4:f4:f1:e7:c7:b1:59:f3:56:6b:b1:98:
07:b8:90:d3:3d:ed:be:a1:72:85:50:43:2f:92:4e:
48:3d:e6:a2:71:75:a9:4a:91:15:40:c0:c1:0c:37:
fe:df:9a:69:fd:ea:fa:d4:10:1d:94:96:42:3b:f4:
c8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:F7:9C:46:A3:7E:4E:02:65:DA:2B:32:64:6D:20:3A:99:5D:CB:69
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/5vecRqN-TgJl2isyZG0gOpldy2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:a98:30::/48
Signature Algorithm: sha256WithRSAEncryption
52:42:c0:9c:71:b2:b7:99:24:93:77:dd:3f:d9:79:bd:ef:46:
6a:67:3e:be:9b:c8:90:89:d6:27:d1:49:65:f5:27:1e:cf:d8:
1a:1f:9c:60:3e:40:e9:0e:60:bc:65:88:6a:5c:be:6c:1f:d0:
37:b5:bb:a8:8f:91:c9:cf:48:46:76:a2:bf:ec:28:fd:90:0d:
33:f8:1c:94:a4:53:a4:b6:a0:54:56:74:49:21:fc:97:d9:23:
19:09:d3:f9:f3:e4:b8:e2:11:1d:31:18:41:fd:19:3d:bb:cb:
b4:50:68:ee:72:e1:35:ab:b1:3f:3c:6d:44:7e:94:c0:ae:d1:
b1:53:a4:5e:4d:1b:af:8f:c1:05:5b:18:cb:7a:0f:59:95:2b:
f1:75:36:49:c9:b8:a1:ea:31:2f:0d:84:dd:d5:fc:26:a2:e0:
dd:87:5f:8a:02:d4:88:5b:42:e5:05:fa:75:3b:fa:0c:fe:64:
db:a4:0c:08:a2:12:f9:8e:7c:fe:ab:6c:22:82:23:6f:93:31:
ee:83:78:0a:8b:d8:ed:5c:c6:ee:df:97:b9:be:3d:43:f4:ed:
31:fd:0e:fa:ea:ca:bc:79:26:c7:f2:49:b9:f6:e3:a0:00:2c:
62:c2:d3:2c:da:3b:c6:43:32:ae:f8:ef:b4:b6:89:92:20:32:
d8:2b:59:81
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEM9agajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NzUxOGQxODA5MjNhN2YzYzAwNjUzZWMxMmJjNzAyYjk1YWFiOTA3MB4XDTIyMDEw
MTA0NTUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTZmNzljNDZhMzdl
NGUwMjY1ZGEyYjMyNjQ2ZDIwM2E5OTVkY2I2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoQhuVk51ZX87+Td/ak6FZzcjdmKFAQySwm7ppn2DOj8Agt
lXIb2xjtggz7keDb/0dk+IplaZEQRJ8BGZxNXfi30RfgRRhzgnRMrE+izs9hbOZl
TzquXuxlEhpvHM8AdpJKsnhnIcfIueBRUsV1Gecdxx+QkpDti5dson8Fbyqr8SdL
uOuTgBz2CvSlf7uP5ZhFhEl+SpkjiKCC598MuZ3NW3sYdzUt/pakk0ZPx0zz5CjY
wkebYimQnz06I6KZSlmMfHJYxPTx58exWfNWa7GYB7iQ0z3tvqFyhVBDL5JOSD3m
onF1qUqRFUDAwQw3/t+aaf3q+tQQHZSWQjv0yIcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTm95xGo35OAmXaKzJkbSA6mV3LaTAfBgNVHSMEGDAWgBQ3UY0YCSOn88AG
U+wSvHArlaq5BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L04xR05HQWtqcF9QQUJsUHNFcnh3SzVXcXVRYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvZjgwZWYzLTlmMGItNGJkMS04MDE4LTU5NjcxOTIwZmI2MC8x
LzV2ZWNScU4tVGdKbDJpc3laRzBnT3BsZHkyay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
ZjgwZWYzLTlmMGItNGJkMS04MDE4LTU5NjcxOTIwZmI2MC8xL04xR05HQWtqcF9Q
QUJsUHNFcnh3SzVXcXVRYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABCpgAMDANBgkqhkiG9w0BAQsF
AAOCAQEAUkLAnHGyt5kkk3fdP9l5ve9Gamc+vpvIkInWJ9FJZfUnHs/YGh+cYD5A
6Q5gvGWIaly+bB/QN7W7qI+Ryc9IRnaiv+wo/ZANM/gclKRTpLagVFZ0SSH8l9kj
GQnT+fPkuOIRHTEYQf0ZPbvLtFBo7nLhNauxPzxtRH6UwK7RsVOkXk0br4/BBVsY
y3oPWZUr8XU2Scm4oeoxLw2E3dX8JqLg3YdfigLUiFtC5QX6dTv6DP5k26QMCKIS
+Y58/qtsIoIjb5Mx7oN4CovY7VzG7t+Xub49Q/TtMf0O+urKvHkmx/JJufbjoAAs
YsLTLNo7xkMyrvjvtLaJkiAy2CtZgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:39 2024 by rpki-client on console-fra.rpki-client.org