Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c0db4c-acfb-48ef-8f31-0b2ec6eef01f/1/xsDlE_-DWRIH04rpMEN_y6hPxrQ.roa
File: xsDlE_-DWRIH04rpMEN_y6hPxrQ.roa (raw, json)
Hash identifier: u7wTC4sWzjy/dCLv8JCOEmalrx4I6Sy2rNyjsURCWUk=
Subject key identifier: C6:C0:E5:13:FF:83:59:12:07:D3:8A:E9:30:43:7F:CB:A8:4F:C6:B4
Certificate issuer: /CN=eba9b39492eb16e7b76e9809651ce5335f30f64f
Certificate serial: 0938F622
Authority key identifier: EB:A9:B3:94:92:EB:16:E7:B7:6E:98:09:65:1C:E5:33:5F:30:F6:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/66mzlJLrFue3bpgJZRzlM18w9k8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c0db4c-acfb-48ef-8f31-0b2ec6eef01f/1/xsDlE_-DWRIH04rpMEN_y6hPxrQ.roa
Signing time: Sat 01 Jan 2022 01:59:16 +0000
ROA not before: Sat 01 Jan 2022 01:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209432
IP address blocks: 2001:678:954::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154727970 (0x938f622)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eba9b39492eb16e7b76e9809651ce5335f30f64f
Validity
Not Before: Jan 1 01:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6c0e513ff83591207d38ae930437fcba84fc6b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3c:40:ca:4a:cb:d3:25:5a:fc:38:49:9b:df:
d6:b9:c7:28:98:5e:93:a8:63:1f:f0:a3:07:12:1a:
91:ee:7c:38:36:7e:3f:2f:52:2f:03:60:2d:7f:2d:
08:56:3e:88:7a:68:8a:33:3b:ae:f0:b7:14:f8:15:
b4:bc:bb:9e:d4:55:0f:75:3c:f4:26:0d:65:7d:8b:
33:a0:c4:21:80:23:a3:61:4a:02:9a:0f:1f:30:bd:
ed:a9:23:72:94:b6:60:9a:92:d6:dc:eb:66:75:00:
0f:67:86:b9:b5:b2:5c:db:04:e3:72:8e:2c:97:96:
e2:7a:2e:8b:8b:4f:35:d3:9e:00:2c:ae:5d:83:b2:
bb:e2:a2:15:43:19:5f:c1:ac:97:d3:e9:2f:50:fd:
61:88:8d:d9:93:a9:2d:3d:ff:a9:8d:bf:1c:7c:e9:
85:b6:71:2a:9e:0f:22:c5:c8:45:59:7b:f2:6e:cd:
8d:ca:5c:cf:8d:da:72:b2:e2:2b:8d:b0:65:6a:7b:
d5:f0:63:09:d6:e0:34:5e:10:a2:88:a1:0d:5e:04:
88:a5:8f:e9:d1:57:44:ef:c1:eb:e3:ea:7a:b2:61:
e9:9f:d2:a2:54:23:f8:b6:09:b5:3c:61:56:49:d6:
a5:1c:e7:2b:52:ba:70:22:73:2e:b2:7f:2f:05:f0:
15:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:C0:E5:13:FF:83:59:12:07:D3:8A:E9:30:43:7F:CB:A8:4F:C6:B4
X509v3 Authority Key Identifier:
keyid:EB:A9:B3:94:92:EB:16:E7:B7:6E:98:09:65:1C:E5:33:5F:30:F6:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/66mzlJLrFue3bpgJZRzlM18w9k8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c0db4c-acfb-48ef-8f31-0b2ec6eef01f/1/xsDlE_-DWRIH04rpMEN_y6hPxrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c0db4c-acfb-48ef-8f31-0b2ec6eef01f/1/66mzlJLrFue3bpgJZRzlM18w9k8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:954::/48
Signature Algorithm: sha256WithRSAEncryption
5e:92:0d:0f:2c:10:c8:64:d3:34:22:ef:cd:0b:40:c8:02:9d:
b4:09:02:5c:e8:8b:52:22:3e:26:dc:b8:59:1e:73:8d:36:4b:
34:53:35:a7:fb:30:3c:52:d4:0c:b2:70:a6:e0:23:5c:ea:9b:
a1:c7:a8:ac:51:51:78:0d:7e:81:25:87:5c:f2:18:45:84:b1:
ee:59:93:0e:69:22:a5:6b:4c:c7:87:34:ea:13:4f:2c:eb:36:
80:73:ce:31:5b:e1:a0:79:d9:ca:2f:c6:2d:0b:ad:38:c8:98:
b6:17:63:00:08:c2:61:3c:5c:0c:34:01:fc:b8:bf:71:1b:05:
81:06:50:21:8d:40:ed:db:44:3b:06:29:da:51:d6:0f:c1:fc:
71:2e:3f:e2:44:4a:87:c4:7e:58:95:91:3c:c9:1e:61:ad:e0:
45:9c:ff:bd:da:93:9f:f0:f2:80:a5:2d:89:d9:69:1e:bd:5a:
6e:50:24:cd:02:57:ee:ac:98:74:38:93:2a:1d:f5:b6:88:27:
58:6a:45:aa:b2:5c:1c:be:7d:b5:58:4a:4b:47:d7:89:90:70:
19:30:ad:be:0c:70:48:ac:51:8d:08:6c:05:63:75:9d:71:9e:
cf:22:71:94:91:e2:1c:94:58:c3:7b:4e:23:5e:98:72:ee:e7:
a8:6d:e9:52
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECTj2IjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmE5YjM5NDkyZWIxNmU3Yjc2ZTk4MDk2NTFjZTUzMzVmMzBmNjRmMB4XDTIyMDEw
MTAxNTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZjMGU1MTNmZjgz
NTkxMjA3ZDM4YWU5MzA0MzdmY2JhODRmYzZiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMM8QMpKy9MlWvw4SZvf1rnHKJhek6hjH/CjBxIake58ODZ+
Py9SLwNgLX8tCFY+iHpoijM7rvC3FPgVtLy7ntRVD3U89CYNZX2LM6DEIYAjo2FK
ApoPHzC97akjcpS2YJqS1tzrZnUAD2eGubWyXNsE43KOLJeW4noui4tPNdOeACyu
XYOyu+KiFUMZX8Gsl9PpL1D9YYiN2ZOpLT3/qY2/HHzphbZxKp4PIsXIRVl78m7N
jcpcz43acrLiK42wZWp71fBjCdbgNF4QooihDV4EiKWP6dFXRO/B6+PqerJh6Z/S
olQj+LYJtTxhVknWpRznK1K6cCJzLrJ/LwXwFY0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTGwOUT/4NZEgfTiukwQ3/LqE/GtDAfBgNVHSMEGDAWgBTrqbOUkusW57du
mAllHOUzXzD2TzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzY2bXpsSkxyRnVlM2JwZ0paUnpsTTE4dzlrOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvYzBkYjRjLWFjZmItNDhlZi04ZjMxLTBiMmVjNmVlZjAxZi8x
L3hzRGxFXy1EV1JJSDA0cnBNRU5feTZoUHhyUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
YzBkYjRjLWFjZmItNDhlZi04ZjMxLTBiMmVjNmVlZjAxZi8xLzY2bXpsSkxyRnVl
M2JwZ0paUnpsTTE4dzlrOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngJVDANBgkqhkiG9w0BAQsF
AAOCAQEAXpINDywQyGTTNCLvzQtAyAKdtAkCXOiLUiI+Jty4WR5zjTZLNFM1p/sw
PFLUDLJwpuAjXOqboceorFFReA1+gSWHXPIYRYSx7lmTDmkipWtMx4c06hNPLOs2
gHPOMVvhoHnZyi/GLQutOMiYthdjAAjCYTxcDDQB/Li/cRsFgQZQIY1A7dtEOwYp
2lHWD8H8cS4/4kRKh8R+WJWRPMkeYa3gRZz/vdqTn/DygKUtidlpHr1ablAkzQJX
7qyYdDiTKh31tognWGpFqrJcHL59tVhKS0fXiZBwGTCtvgxwSKxRjQhsBWN1nXGe
zyJxlJHiHJRYw3tOI16Ycu7nqG3pUg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:47 2023 by rpki-client on console-ams.rpki-client.org