Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/cckMBP82PbUG3n0QFQAhhZglsHc.roa
File: cckMBP82PbUG3n0QFQAhhZglsHc.roa (raw, json)
Hash identifier: rQhf0zkOfQbPzvvxWXf77+Ld0MzL+n/zuqNilv4WQIg=
Subject key identifier: 71:C9:0C:04:FF:36:3D:B5:06:DE:7D:10:15:00:21:85:98:25:B0:77
Certificate issuer: /CN=427ce5719caa681adbd493a8d9a38a675d6bd639
Certificate serial: 1981E00A
Authority key identifier: 42:7C:E5:71:9C:AA:68:1A:DB:D4:93:A8:D9:A3:8A:67:5D:6B:D6:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QnzlcZyqaBrb1JOo2aOKZ11r1jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/cckMBP82PbUG3n0QFQAhhZglsHc.roa
Signing time: Sat 01 Jan 2022 03:54:44 +0000
ROA not before: Sat 01 Jan 2022 03:54:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 2a02:f181:1000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 427941898 (0x1981e00a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427ce5719caa681adbd493a8d9a38a675d6bd639
Validity
Not Before: Jan 1 03:54:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71c90c04ff363db506de7d10150021859825b077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3f:d1:27:89:20:12:2e:f1:a3:a7:30:c9:1a:
f0:41:eb:9f:cc:c6:bb:d0:48:71:27:87:73:d3:c1:
36:e2:a1:f6:e6:11:e9:49:ea:9f:9b:b4:76:d2:cc:
65:cf:11:b5:17:e7:ae:61:2f:78:fa:e2:e4:dc:fa:
7c:ac:94:ff:3d:0a:b0:7c:ec:61:d7:78:d5:4f:27:
ef:df:b4:a6:92:ad:71:02:97:f3:f9:9a:3e:65:88:
e4:87:58:6f:c5:b8:2c:a3:f3:7d:94:34:09:5b:db:
0d:83:75:a5:99:6d:a2:40:ab:5e:53:f8:1f:d2:bb:
4d:de:69:e8:a0:7c:fe:69:0a:22:54:62:7b:54:34:
95:dd:8c:de:53:cd:9c:cf:e3:47:2e:19:5b:0a:01:
6e:3a:92:fc:58:1d:26:0e:34:0e:2a:47:87:9b:b2:
fa:24:56:2f:c5:31:1e:84:bb:e9:e8:ab:e2:28:25:
ee:f0:13:7f:ad:61:83:10:9d:92:7a:a6:87:20:f7:
c6:63:85:9d:76:91:f4:fd:98:ec:8f:61:b6:97:bc:
9c:a7:d5:c1:89:12:72:95:6f:ae:79:ea:fb:d8:c8:
03:0e:da:4e:d6:cf:bb:b9:2d:c0:bf:26:d7:e2:65:
f7:5c:17:de:0c:68:42:bc:ee:dd:33:d0:a9:7b:b1:
ec:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C9:0C:04:FF:36:3D:B5:06:DE:7D:10:15:00:21:85:98:25:B0:77
X509v3 Authority Key Identifier:
keyid:42:7C:E5:71:9C:AA:68:1A:DB:D4:93:A8:D9:A3:8A:67:5D:6B:D6:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnzlcZyqaBrb1JOo2aOKZ11r1jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/cckMBP82PbUG3n0QFQAhhZglsHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/QnzlcZyqaBrb1JOo2aOKZ11r1jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:f181:1000::/48
Signature Algorithm: sha256WithRSAEncryption
4e:e0:6b:6d:58:54:61:57:e3:06:05:53:cf:74:b9:1a:0a:a6:
6c:dc:48:2b:1d:07:2a:48:eb:45:5d:7e:3d:49:7c:f6:65:27:
fc:94:29:aa:c3:e6:4c:8a:8b:41:41:63:98:de:e1:be:8e:0f:
ff:e0:91:7f:99:34:d3:ef:1c:40:f9:f2:66:4b:59:2e:8a:e3:
a1:ea:87:30:12:e3:6e:bf:c6:b5:eb:31:33:66:8e:e9:c0:ce:
31:cb:d0:f9:b9:7d:7e:57:c7:05:55:ae:29:ea:e4:13:ba:9a:
b7:ac:cc:9e:bc:52:eb:0b:ab:fc:81:16:6c:d1:4b:ba:dc:09:
79:6b:b5:4a:d9:28:53:75:ff:f6:45:87:cb:60:3f:42:74:79:
a3:45:fe:33:6a:04:ae:0a:8c:f3:7f:03:66:c8:8d:de:5c:0a:
56:4f:30:5d:ba:b1:c8:f7:f0:d9:ed:09:58:d8:22:29:9b:2c:
fb:a3:b1:9c:cc:7e:04:24:bf:cf:5d:9a:0a:e7:c5:31:8a:76:
81:e3:72:c0:e4:af:d4:b7:37:1c:30:8d:d5:ca:20:05:57:d8:
43:70:2d:9a:00:b9:bc:71:50:79:c7:51:35:87:2f:52:45:a1:
1b:d5:72:f9:82:ef:71:ea:9a:b5:b1:8d:fc:13:a5:d3:51:3c:
68:4d:c8:1a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEGYHgCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjdjZTU3MTljYWE2ODFhZGJkNDkzYThkOWEzOGE2NzVkNmJkNjM5MB4XDTIyMDEw
MTAzNTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzFjOTBjMDRmZjM2
M2RiNTA2ZGU3ZDEwMTUwMDIxODU5ODI1YjA3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8/0SeJIBIu8aOnMMka8EHrn8zGu9BIcSeHc9PBNuKh9uYR
6Unqn5u0dtLMZc8RtRfnrmEvePri5Nz6fKyU/z0KsHzsYdd41U8n79+0ppKtcQKX
8/maPmWI5IdYb8W4LKPzfZQ0CVvbDYN1pZltokCrXlP4H9K7Td5p6KB8/mkKIlRi
e1Q0ld2M3lPNnM/jRy4ZWwoBbjqS/FgdJg40DipHh5uy+iRWL8UxHoS76eir4igl
7vATf61hgxCdknqmhyD3xmOFnXaR9P2Y7I9htpe8nKfVwYkScpVvrnnq+9jIAw7a
TtbPu7ktwL8m1+Jl91wX3gxoQrzu3TPQqXux7CsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRxyQwE/zY9tQbefRAVACGFmCWwdzAfBgNVHSMEGDAWgBRCfOVxnKpoGtvU
k6jZo4pnXWvWOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FuemxjWnlxYUJyYjFKT28yYU9LWjExcjFqay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvM2UzNTQ4LWZkYjUtNGRlZC1iYTU5LTA5MWMyZDMwM2ZlOC8x
L2Nja01CUDgyUGJVRzNuMFFGUUFoaFpnbHNIYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
M2UzNTQ4LWZkYjUtNGRlZC1iYTU5LTA5MWMyZDMwM2ZlOC8xL1FuemxjWnlxYUJy
YjFKT28yYU9LWjExcjFqay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoC8YEQADANBgkqhkiG9w0BAQsF
AAOCAQEATuBrbVhUYVfjBgVTz3S5GgqmbNxIKx0HKkjrRV1+PUl89mUn/JQpqsPm
TIqLQUFjmN7hvo4P/+CRf5k00+8cQPnyZktZLorjoeqHMBLjbr/GtesxM2aO6cDO
McvQ+bl9flfHBVWuKerkE7qat6zMnrxS6wur/IEWbNFLutwJeWu1StkoU3X/9kWH
y2A/QnR5o0X+M2oErgqM838DZsiN3lwKVk8wXbqxyPfw2e0JWNgiKZss+6OxnMx+
BCS/z12aCufFMYp2geNywOSv1Lc3HDCN1cogBVfYQ3AtmgC5vHFQecdRNYcvUkWh
G9Vy+YLvceqatbGN/BOl01E8aE3IGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:14 2024 by rpki-client on console-ams.rpki-client.org