Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/20qL2StbP5qtn33Ds42zfzHZeNc.roa
File: 20qL2StbP5qtn33Ds42zfzHZeNc.roa (raw, json)
Hash identifier: N/2llufQwBgXDFJFNg+XqF1p64pHdL5fqMgzsCMSLYQ=
Subject key identifier: DB:4A:8B:D9:2B:5B:3F:9A:AD:9F:7D:C3:B3:8D:B3:7F:31:D9:78:D7
Certificate issuer: /CN=6dfecfa0e6692595cfbea5266076e8e53efd9461
Certificate serial: B9E1A2
Authority key identifier: 6D:FE:CF:A0:E6:69:25:95:CF:BE:A5:26:60:76:E8:E5:3E:FD:94:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/20qL2StbP5qtn33Ds42zfzHZeNc.roa
Signing time: Sun 13 Feb 2022 19:26:06 +0000
ROA not before: Sun 13 Feb 2022 19:26:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208529
IP address blocks: 2a0c:e304:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12181922 (0xb9e1a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfecfa0e6692595cfbea5266076e8e53efd9461
Validity
Not Before: Feb 13 19:26:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db4a8bd92b5b3f9aad9f7dc3b38db37f31d978d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:be:b5:4f:ad:21:89:62:7f:8b:65:2a:a7:cf:
e2:02:df:0c:16:29:0a:ad:76:f9:af:ef:92:ae:b0:
56:0d:49:a5:ca:66:72:52:22:ae:da:b0:f4:a2:12:
c5:82:d8:28:1d:2a:46:6d:27:54:a0:fd:d1:3c:e8:
c0:8d:99:ba:e0:fd:a1:e2:5e:45:f7:44:18:97:08:
88:ec:a3:09:68:27:f1:c4:e8:ee:5b:94:be:05:53:
9c:cb:a7:36:2d:08:fe:41:b7:3d:f8:5f:f8:39:38:
e4:04:ee:16:6a:d9:16:74:99:c3:59:a9:87:db:06:
4b:df:54:65:93:1b:0a:c8:6b:67:d7:a3:33:ae:62:
4c:e9:4e:34:3f:ec:f6:98:c3:23:18:82:8e:d5:cc:
46:8d:71:ed:8b:52:ed:88:e2:1f:60:eb:e9:e4:b5:
ab:cb:c7:b7:9a:a7:a6:42:fd:47:2f:32:26:4a:b8:
3f:43:53:6f:56:ea:3a:90:4c:8e:f8:12:86:f2:2e:
2b:56:6f:b1:c4:b6:69:11:b2:a1:60:55:47:43:c5:
b8:e9:bc:d7:e8:7d:de:53:db:ae:14:ad:42:45:28:
53:ab:6c:02:03:75:a9:75:02:e8:79:6d:7c:c1:0d:
54:8b:8e:9a:65:03:df:4c:0e:7e:2b:74:ed:c3:e1:
d9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4A:8B:D9:2B:5B:3F:9A:AD:9F:7D:C3:B3:8D:B3:7F:31:D9:78:D7
X509v3 Authority Key Identifier:
keyid:6D:FE:CF:A0:E6:69:25:95:CF:BE:A5:26:60:76:E8:E5:3E:FD:94:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/20qL2StbP5qtn33Ds42zfzHZeNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:e304:1::/48
Signature Algorithm: sha256WithRSAEncryption
1c:cc:06:b5:d8:c2:92:cf:e7:2d:15:85:fe:0c:93:22:2c:25:
1b:6c:b9:46:ce:e6:1a:f8:33:6f:67:25:9c:59:c0:f0:f2:de:
23:46:6c:12:a3:24:bb:d1:d0:58:f3:72:af:4f:8a:73:cc:b8:
6a:bb:f7:c2:cf:fe:d9:6c:07:90:9f:35:e7:cd:06:f0:84:e5:
14:b5:12:bc:34:7f:86:3b:5e:87:47:ff:aa:67:f4:44:d9:4d:
a9:ae:05:fb:b9:4c:7c:28:c2:b3:64:b5:7b:e0:8a:f3:db:0b:
dc:e0:d4:62:13:4b:85:5f:c9:6a:6c:da:6f:87:8d:84:a7:44:
d0:1d:09:b2:e4:31:15:e4:be:8b:28:11:c6:43:a3:ea:18:02:
7e:2f:25:0d:ad:b4:f9:a5:0f:07:3f:9a:b9:a3:74:15:fe:37:
4b:3e:9a:00:d4:be:c1:1e:8b:a9:90:2d:38:a3:58:66:e9:5a:
6a:55:50:c8:99:7b:03:82:5d:5e:da:dc:79:f7:32:96:bb:8e:
8e:1d:48:c4:a2:ad:a2:d7:7f:5e:15:ed:74:82:31:24:3f:4d:
66:e4:a2:97:23:d9:2f:2d:a9:56:99:e3:a6:4f:a8:2f:16:50:
bc:68:45:aa:c8:72:60:12:c0:ea:f0:f0:86:c6:3c:e9:4a:0e:
00:c4:a4:7a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEALnhojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZGZlY2ZhMGU2NjkyNTk1Y2ZiZWE1MjY2MDc2ZThlNTNlZmQ5NDYxMB4XDTIyMDIx
MzE5MjYwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI0YThiZDkyYjVi
M2Y5YWFkOWY3ZGMzYjM4ZGIzN2YzMWQ5NzhkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALe+tU+tIYlif4tlKqfP4gLfDBYpCq12+a/vkq6wVg1Jpcpm
clIirtqw9KISxYLYKB0qRm0nVKD90TzowI2ZuuD9oeJeRfdEGJcIiOyjCWgn8cTo
7luUvgVTnMunNi0I/kG3Pfhf+Dk45ATuFmrZFnSZw1mph9sGS99UZZMbCshrZ9ej
M65iTOlOND/s9pjDIxiCjtXMRo1x7YtS7YjiH2Dr6eS1q8vHt5qnpkL9Ry8yJkq4
P0NTb1bqOpBMjvgShvIuK1ZvscS2aRGyoWBVR0PFuOm81+h93lPbrhStQkUoU6ts
AgN1qXUC6HltfMENVIuOmmUD30wOfit07cPh2T0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTbSovZK1s/mq2ffcOzjbN/Mdl41zAfBgNVHSMEGDAWgBRt/s+g5mkllc++
pSZgdujlPv2UYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JmN1BvT1pwSlpYUHZxVW1ZSGJvNVQ3OWxHRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvZmNmZWM3LWQ2YzMtNGI0MC1iYTJjLWY5ODhkNDhlNTFlOC8x
LzIwcUwyU3RiUDVxdG4zM0RzNDJ6ZnpIWmVOYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ZmNmZWM3LWQ2YzMtNGI0MC1iYTJjLWY5ODhkNDhlNTFlOC8xL2JmN1BvT1pwSlpY
UHZxVW1ZSGJvNVQ3OWxHRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoM4wQAATANBgkqhkiG9w0BAQsF
AAOCAQEAHMwGtdjCks/nLRWF/gyTIiwlG2y5Rs7mGvgzb2clnFnA8PLeI0ZsEqMk
u9HQWPNyr0+Kc8y4arv3ws/+2WwHkJ81580G8ITlFLUSvDR/hjteh0f/qmf0RNlN
qa4F+7lMfCjCs2S1e+CK89sL3ODUYhNLhV/Jamzab4eNhKdE0B0JsuQxFeS+iygR
xkOj6hgCfi8lDa20+aUPBz+auaN0Ff43Sz6aANS+wR6LqZAtOKNYZulaalVQyJl7
A4JdXtrcefcylruOjh1IxKKtotd/XhXtdIIxJD9NZuSilyPZLy2pVpnjpk+oLxZQ
vGhFqshyYBLA6vDwhsY86UoOAMSkeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:56 2024 by rpki-client on console-fra.rpki-client.org