Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/0f355a-3a0a-46ec-b07f-866607af2fa5/1/DhSmnKmOsOAwtqjyImxNwdJrb4k.roa
File: DhSmnKmOsOAwtqjyImxNwdJrb4k.roa (raw, json)
Hash identifier: 40V7qcNirxgOFK8gOkeM7Ew4gSqUKV5yX2AFeIHwbuc=
Subject key identifier: 0E:14:A6:9C:A9:8E:B0:E0:30:B6:A8:F2:22:6C:4D:C1:D2:6B:6F:89
Certificate issuer: /CN=a378118db05e4c93e76fa1f1c95679c705beb208
Certificate serial: 14149233
Authority key identifier: A3:78:11:8D:B0:5E:4C:93:E7:6F:A1:F1:C9:56:79:C7:05:BE:B2:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3gRjbBeTJPnb6HxyVZ5xwW-sgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/0f355a-3a0a-46ec-b07f-866607af2fa5/1/DhSmnKmOsOAwtqjyImxNwdJrb4k.roa
Signing time: Sat 01 Jan 2022 11:53:59 +0000
ROA not before: Sat 01 Jan 2022 11:53:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15542
IP address blocks: 2001:67c:2ef0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 336892467 (0x14149233)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a378118db05e4c93e76fa1f1c95679c705beb208
Validity
Not Before: Jan 1 11:53:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e14a69ca98eb0e030b6a8f2226c4dc1d26b6f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:63:dc:3b:de:c8:3b:24:ff:55:fc:54:1b:be:
d9:55:8a:45:7a:e0:a6:30:70:1f:56:8d:ea:80:2e:
6d:d8:d8:a6:12:70:3b:cd:76:fd:ee:a3:d8:5d:4a:
52:69:9b:32:6f:21:8d:77:76:60:91:a5:72:ed:4a:
c8:4e:d4:18:30:3f:73:aa:3a:29:da:77:df:1f:1c:
8f:a4:f7:f9:ad:11:57:f7:3c:88:e8:d9:b5:1c:ee:
3f:ea:cf:c9:db:73:67:8b:10:3f:5b:92:63:5d:25:
31:fb:a5:10:52:31:a0:25:01:32:be:fe:0a:07:25:
70:1e:81:42:8e:3b:06:6a:17:c5:30:c4:66:67:cd:
04:67:66:80:49:8a:3f:39:c2:17:a8:7d:7b:ba:2e:
6a:a0:74:ff:11:05:9a:9c:5c:36:c0:c3:85:46:72:
23:fe:78:57:63:b9:69:aa:26:28:cc:3b:74:42:47:
f6:e7:a0:af:96:53:10:6d:a1:76:b6:ad:ce:f0:06:
9b:ee:ff:a6:7b:30:fe:2f:a0:aa:6b:fc:f1:53:5e:
89:67:0f:24:cf:83:af:dd:da:bf:51:99:76:f1:f8:
33:39:f3:7f:da:2e:6f:9e:07:5b:62:cd:81:97:54:
74:3e:43:df:6c:5c:b7:3f:2a:07:28:10:50:a5:c0:
ad:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:14:A6:9C:A9:8E:B0:E0:30:B6:A8:F2:22:6C:4D:C1:D2:6B:6F:89
X509v3 Authority Key Identifier:
keyid:A3:78:11:8D:B0:5E:4C:93:E7:6F:A1:F1:C9:56:79:C7:05:BE:B2:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3gRjbBeTJPnb6HxyVZ5xwW-sgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/0f355a-3a0a-46ec-b07f-866607af2fa5/1/DhSmnKmOsOAwtqjyImxNwdJrb4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/0f355a-3a0a-46ec-b07f-866607af2fa5/1/o3gRjbBeTJPnb6HxyVZ5xwW-sgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2ef0::/48
Signature Algorithm: sha256WithRSAEncryption
0b:10:78:1e:78:d0:a6:7f:80:a3:b9:6d:8a:dd:ba:26:c0:07:
18:9a:33:95:81:05:0b:50:ce:ea:bb:b7:ef:76:9b:76:ea:18:
bd:08:73:1f:0e:4e:f2:07:1e:80:38:ed:3a:ad:c5:13:0b:07:
14:4a:42:7b:6c:41:ba:8d:bc:9d:4a:9d:f4:d2:e8:7b:75:99:
3b:ad:1e:77:ab:93:68:88:af:6a:1a:18:fc:05:44:4e:7c:21:
f9:d6:13:10:2d:2b:a2:af:92:c3:f4:8a:14:ce:33:db:4c:b2:
17:3a:4a:da:83:21:b5:b2:6d:70:ab:4d:ea:0f:1d:0d:27:a7:
21:a9:72:6c:c7:0b:34:89:db:57:17:0f:d8:65:d5:8a:82:3f:
13:17:3e:ca:1b:38:1f:bc:f5:3d:bc:a7:73:ff:ca:ba:2a:c5:
86:68:14:6b:83:6d:46:c7:d8:d5:d5:83:41:09:28:fe:b8:f3:
31:e2:f1:ee:dc:d3:4c:e5:30:9f:4c:fa:97:96:8b:67:e5:6d:
40:55:dd:47:81:78:aa:2c:10:15:77:86:19:16:42:f6:56:bc:
ee:8d:aa:86:df:7b:ac:f2:ed:cf:1a:a5:98:11:43:4a:16:78:
48:a3:21:84:f3:d8:ca:28:a1:a9:43:2e:fc:7e:1e:b0:f2:a2:
05:37:c3:f9
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFBSSMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Mzc4MTE4ZGIwNWU0YzkzZTc2ZmExZjFjOTU2NzljNzA1YmViMjA4MB4XDTIyMDEw
MTExNTM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGUxNGE2OWNhOThl
YjBlMDMwYjZhOGYyMjI2YzRkYzFkMjZiNmY4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRj3DveyDsk/1X8VBu+2VWKRXrgpjBwH1aN6oAubdjYphJw
O812/e6j2F1KUmmbMm8hjXd2YJGlcu1KyE7UGDA/c6o6Kdp33x8cj6T3+a0RV/c8
iOjZtRzuP+rPydtzZ4sQP1uSY10lMfulEFIxoCUBMr7+CgclcB6BQo47BmoXxTDE
ZmfNBGdmgEmKPznCF6h9e7ouaqB0/xEFmpxcNsDDhUZyI/54V2O5aaomKMw7dEJH
9uegr5ZTEG2hdratzvAGm+7/pnsw/i+gqmv88VNeiWcPJM+Dr93av1GZdvH4Mznz
f9oub54HW2LNgZdUdD5D32xctz8qBygQUKXArfMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQOFKacqY6w4DC2qPIibE3B0mtviTAfBgNVHSMEGDAWgBSjeBGNsF5Mk+dv
ofHJVnnHBb6yCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28zZ1JqYkJlVEpQbmI2SHh5Vlo1eHdXLXNnZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvMGYzNTVhLTNhMGEtNDZlYy1iMDdmLTg2NjYwN2FmMmZhNS8x
L0RoU21uS21Pc09Bd3RxanlJbXhOd2RKcmI0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
MGYzNTVhLTNhMGEtNDZlYy1iMDdmLTg2NjYwN2FmMmZhNS8xL28zZ1JqYkJlVEpQ
bmI2SHh5Vlo1eHdXLXNnZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwu8DANBgkqhkiG9w0BAQsF
AAOCAQEACxB4HnjQpn+Ao7ltit26JsAHGJozlYEFC1DO6ru373abduoYvQhzHw5O
8gcegDjtOq3FEwsHFEpCe2xBuo28nUqd9NLoe3WZO60ed6uTaIivahoY/AVETnwh
+dYTEC0roq+Sw/SKFM4z20yyFzpK2oMhtbJtcKtN6g8dDSenIalybMcLNInbVxcP
2GXVioI/Exc+yhs4H7z1Pbync//KuirFhmgUa4NtRsfY1dWDQQko/rjzMeLx7tzT
TOUwn0z6l5aLZ+VtQFXdR4F4qiwQFXeGGRZC9la87o2qht97rPLtzxqlmBFDShZ4
SKMhhPPYyiihqUMu/H4esPKiBTfD+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:03 2024 by rpki-client on console-fra.rpki-client.org