Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/2f3904-3898-42ed-8f40-97345ca17d7f/1/XyChDuGJ9VQ4qvDllv3qxXo6K8c.roa
File: XyChDuGJ9VQ4qvDllv3qxXo6K8c.roa (raw, json)
Hash identifier: 2n5qVCSzx1NAejgIkiMwV+pA9nGAco76d0fozdQWd78=
Subject key identifier: 5F:20:A1:0E:E1:89:F5:54:38:AA:F0:E5:96:FD:EA:C5:7A:3A:2B:C7
Certificate issuer: /CN=d71fbe3820f6f18ea1b3336da9f072b8fd2a0df2
Certificate serial: 0500B18A
Authority key identifier: D7:1F:BE:38:20:F6:F1:8E:A1:B3:33:6D:A9:F0:72:B8:FD:2A:0D:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1x--OCD28Y6hszNtqfByuP0qDfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/2f3904-3898-42ed-8f40-97345ca17d7f/1/XyChDuGJ9VQ4qvDllv3qxXo6K8c.roa
Signing time: Sat 01 Jan 2022 00:53:17 +0000
ROA not before: Sat 01 Jan 2022 00:53:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213199
IP address blocks: 2001:67c:285c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83931530 (0x500b18a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d71fbe3820f6f18ea1b3336da9f072b8fd2a0df2
Validity
Not Before: Jan 1 00:53:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f20a10ee189f55438aaf0e596fdeac57a3a2bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e6:cc:70:b4:7a:70:f5:ba:ed:e6:eb:8a:81:
20:dc:aa:15:c2:13:a7:62:f8:e1:9d:c1:98:a9:16:
30:7f:af:db:92:61:f5:7e:30:88:64:0b:77:14:c7:
e9:15:1b:0a:b9:64:f5:1e:38:9c:29:66:16:d5:bc:
98:a6:57:28:cb:4a:d5:1a:2e:16:76:6f:d6:cf:cf:
21:40:eb:7e:5b:28:3a:e9:fb:96:14:4d:7a:3e:2d:
6f:47:12:4d:15:b6:8d:c1:df:7a:88:63:2d:ed:6d:
cc:a4:67:af:9b:4c:b5:ee:be:07:05:3d:6a:70:c0:
e1:50:4a:0a:bc:98:29:7b:28:a4:8c:72:d3:60:47:
b8:54:4c:94:25:be:c9:26:bb:3b:5d:ed:cd:18:19:
59:34:32:20:a3:45:bb:88:1a:7d:33:f8:10:9d:86:
e4:07:f0:77:0d:f7:cc:f8:20:e6:d5:d6:eb:ad:d7:
bb:b0:d7:4f:34:8c:e0:dc:d5:c9:11:f9:65:f2:64:
11:21:8b:6c:a9:f5:6c:bf:4e:80:2e:a6:50:cd:9c:
44:11:9d:7c:ec:4e:da:d1:2c:fe:1e:a2:95:1c:d2:
3a:10:2d:1a:79:05:0b:2d:c0:4f:aa:56:03:71:95:
25:cf:27:83:cb:53:87:b4:0c:4a:68:c6:a9:b6:a0:
de:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:20:A1:0E:E1:89:F5:54:38:AA:F0:E5:96:FD:EA:C5:7A:3A:2B:C7
X509v3 Authority Key Identifier:
keyid:D7:1F:BE:38:20:F6:F1:8E:A1:B3:33:6D:A9:F0:72:B8:FD:2A:0D:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1x--OCD28Y6hszNtqfByuP0qDfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2f3904-3898-42ed-8f40-97345ca17d7f/1/XyChDuGJ9VQ4qvDllv3qxXo6K8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2f3904-3898-42ed-8f40-97345ca17d7f/1/1x--OCD28Y6hszNtqfByuP0qDfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:285c::/48
Signature Algorithm: sha256WithRSAEncryption
56:5e:89:71:32:99:48:f8:98:7c:20:49:0b:30:a0:ed:6f:15:
0b:92:0a:8b:44:88:53:61:6e:96:dd:6a:61:2d:90:fb:92:18:
a2:b8:43:03:f8:a2:b4:e4:c3:c1:f5:31:2b:26:12:c4:dd:0f:
03:55:44:07:da:a0:64:a9:1f:04:ea:f4:4a:e1:ff:3a:df:7c:
08:32:9a:a1:b2:de:6e:dc:3b:3e:ae:70:04:eb:7b:d0:7c:67:
84:bb:12:a2:bc:ef:25:f0:37:0f:a8:79:55:c9:ba:10:86:8f:
8e:20:1f:d7:55:0b:d9:ec:fb:74:da:f8:d4:de:4f:8a:b3:58:
3d:5d:6e:6b:ad:37:d6:6b:22:15:89:de:18:b7:e5:fd:84:04:
fa:a7:d9:53:93:16:82:9d:56:4b:c8:4a:1b:58:5d:12:53:e7:
b5:8e:2a:a9:5c:5e:81:01:03:f0:9e:88:dc:30:64:85:c3:8b:
d6:a5:34:94:1f:c5:51:ac:53:0b:fb:2e:99:f5:e3:06:f2:65:
ca:34:a4:8e:0a:e1:be:45:f9:b1:9d:66:f9:ce:b1:23:3c:ec:
3f:72:61:0a:46:cd:d6:83:f0:e9:3d:f7:f7:97:3f:cb:a6:c4:
03:9c:f8:83:04:38:f2:78:65:4b:bb:20:73:6a:a9:03:9c:6b:
4f:79:b3:3c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBQCxijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzFmYmUzODIwZjZmMThlYTFiMzMzNmRhOWYwNzJiOGZkMmEwZGYyMB4XDTIyMDEw
MTAwNTMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYyMGExMGVlMTg5
ZjU1NDM4YWFmMGU1OTZmZGVhYzU3YTNhMmJjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbmzHC0enD1uu3m64qBINyqFcITp2L44Z3BmKkWMH+v25Jh
9X4wiGQLdxTH6RUbCrlk9R44nClmFtW8mKZXKMtK1RouFnZv1s/PIUDrflsoOun7
lhRNej4tb0cSTRW2jcHfeohjLe1tzKRnr5tMte6+BwU9anDA4VBKCryYKXsopIxy
02BHuFRMlCW+ySa7O13tzRgZWTQyIKNFu4gafTP4EJ2G5Afwdw33zPgg5tXW663X
u7DXTzSM4NzVyRH5ZfJkESGLbKn1bL9OgC6mUM2cRBGdfOxO2tEs/h6ilRzSOhAt
GnkFCy3AT6pWA3GVJc8ng8tTh7QMSmjGqbag3g8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRfIKEO4Yn1VDiq8OWW/erFejorxzAfBgNVHSMEGDAWgBTXH744IPbxjqGz
M22p8HK4/SoN8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzF4LS1PQ0QyOFk2aHN6TnRxZkJ5dVAwcURmSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvMmYzOTA0LTM4OTgtNDJlZC04ZjQwLTk3MzQ1Y2ExN2Q3Zi8x
L1h5Q2hEdUdKOVZRNHF2RGxsdjNxeFhvNks4Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
MmYzOTA0LTM4OTgtNDJlZC04ZjQwLTk3MzQ1Y2ExN2Q3Zi8xLzF4LS1PQ0QyOFk2
aHN6TnRxZkJ5dVAwcURmSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwoXDANBgkqhkiG9w0BAQsF
AAOCAQEAVl6JcTKZSPiYfCBJCzCg7W8VC5IKi0SIU2Fult1qYS2Q+5IYorhDA/ii
tOTDwfUxKyYSxN0PA1VEB9qgZKkfBOr0SuH/Ot98CDKaobLebtw7Pq5wBOt70Hxn
hLsSorzvJfA3D6h5Vcm6EIaPjiAf11UL2ez7dNr41N5PirNYPV1ua6031msiFYne
GLfl/YQE+qfZU5MWgp1WS8hKG1hdElPntY4qqVxegQED8J6I3DBkhcOL1qU0lB/F
UaxTC/sumfXjBvJlyjSkjgrhvkX5sZ1m+c6xIzzsP3JhCkbN1oPw6T3395c/y6bE
A5z4gwQ48nhlS7sgc2qpA5xrT3mzPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:34 2024 by rpki-client on console-ams.rpki-client.org