Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/4df969-57a6-45f7-8082-5ebde8b8ce1d/1/fDwCOJGLDPousSCfyVKFA1tq75k.roa
File: fDwCOJGLDPousSCfyVKFA1tq75k.roa (raw, json)
Hash identifier: cqbpZCPLI/110Lv4tOQrtRT2oaqbNwTpnmAcIyFL1o4=
Subject key identifier: 7C:3C:02:38:91:8B:0C:FA:2E:B1:20:9F:C9:52:85:03:5B:6A:EF:99
Certificate issuer: /CN=b25a5a43bd2384f892d265e558b4411e8b232b55
Certificate serial: 0A53C5D9
Authority key identifier: B2:5A:5A:43:BD:23:84:F8:92:D2:65:E5:58:B4:41:1E:8B:23:2B:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/slpaQ70jhPiS0mXlWLRBHosjK1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/4df969-57a6-45f7-8082-5ebde8b8ce1d/1/fDwCOJGLDPousSCfyVKFA1tq75k.roa
Signing time: Sat 01 Jan 2022 13:55:02 +0000
ROA not before: Sat 01 Jan 2022 13:55:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51861
IP address blocks: 2001:67c:374::/48 maxlen: 48
2001:67c:374:4000::/50 maxlen: 50
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173262297 (0xa53c5d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b25a5a43bd2384f892d265e558b4411e8b232b55
Validity
Not Before: Jan 1 13:55:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c3c0238918b0cfa2eb1209fc95285035b6aef99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d5:21:de:ae:af:14:64:c5:60:f2:0a:9d:73:
77:b8:9d:19:a7:55:22:a7:3f:9d:21:2a:e9:5e:f6:
be:1f:6c:fb:23:fe:ef:4b:aa:b7:9a:1a:cc:dd:a0:
45:31:17:67:ea:49:f3:4c:6f:9b:fa:b7:70:a3:17:
ac:f8:3c:8b:02:49:19:e1:00:0c:88:55:6d:92:0b:
ed:06:c1:3b:01:81:18:be:15:61:f7:fc:ad:46:47:
b7:19:b2:71:3b:10:4a:22:e9:22:e0:3f:d6:64:ad:
4f:1d:ec:ed:6a:5c:67:d3:78:68:aa:23:00:99:82:
8c:58:1e:da:c7:ba:63:5c:61:83:d3:ac:b1:e8:6b:
f6:ee:10:57:ff:1a:4f:81:fe:19:8c:17:b9:e2:8e:
c4:16:7a:2a:0f:4b:67:12:08:6d:2b:f4:07:55:77:
7a:65:56:d1:18:fa:db:a0:5e:23:3a:67:12:f2:2c:
7f:a9:23:05:d2:c7:cb:b9:68:76:f9:9d:13:58:58:
63:78:45:68:56:17:10:80:12:91:38:4b:b6:63:4a:
07:82:2d:1e:34:90:41:a7:02:2d:60:1b:91:07:19:
07:35:f3:75:fe:6c:bd:00:a9:4b:f1:95:1f:ce:01:
a8:b6:49:13:df:7d:4a:65:1b:f1:3f:70:bd:1d:e9:
8a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:3C:02:38:91:8B:0C:FA:2E:B1:20:9F:C9:52:85:03:5B:6A:EF:99
X509v3 Authority Key Identifier:
keyid:B2:5A:5A:43:BD:23:84:F8:92:D2:65:E5:58:B4:41:1E:8B:23:2B:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/slpaQ70jhPiS0mXlWLRBHosjK1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/4df969-57a6-45f7-8082-5ebde8b8ce1d/1/fDwCOJGLDPousSCfyVKFA1tq75k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/4df969-57a6-45f7-8082-5ebde8b8ce1d/1/slpaQ70jhPiS0mXlWLRBHosjK1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:374::/48
Signature Algorithm: sha256WithRSAEncryption
2e:46:5a:da:55:16:be:f0:2d:bf:04:6d:a3:43:bc:ac:4f:ec:
5c:dc:09:f2:10:72:a6:75:f4:8f:d5:de:c6:80:d6:0d:21:33:
48:46:d7:ab:d9:29:ea:16:94:b4:f9:7a:4b:94:37:d8:90:f4:
64:1e:b8:2f:e6:2e:13:2e:b5:18:d0:76:4e:5c:19:57:44:b4:
85:b0:df:a3:79:86:22:8d:bd:7e:a6:b1:70:32:9c:6e:bc:52:
98:0a:4c:a7:99:d6:e5:54:a8:28:88:0d:6c:b3:10:b1:52:35:
34:cb:6a:c3:be:40:e2:2c:47:a9:13:cb:a4:ed:cf:88:fc:46:
c0:e7:87:5e:2a:58:e1:3f:60:91:17:0a:f8:b4:81:c7:44:87:
ca:84:ff:c5:87:24:79:5a:cd:77:f3:95:48:44:c5:92:60:63:
fb:31:04:03:14:70:77:bc:03:3e:6d:b0:44:15:63:0b:47:ea:
75:a7:a2:95:5f:4e:9b:51:b9:c7:94:cf:f8:30:b4:d4:b2:21:
56:ff:1a:9d:ad:d9:50:2c:0a:4a:0b:b7:11:a2:3f:b2:01:7c:
70:00:91:09:c3:ee:be:63:fa:9c:cf:30:f3:58:b9:f6:cd:3f:
f0:1c:80:45:28:ca:36:b4:d5:b5:c8:fa:91:c9:31:de:8f:8d:
31:10:5c:a6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEClPF2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MjVhNWE0M2JkMjM4NGY4OTJkMjY1ZTU1OGI0NDExZThiMjMyYjU1MB4XDTIyMDEw
MTEzNTUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2MzYzAyMzg5MThi
MGNmYTJlYjEyMDlmYzk1Mjg1MDM1YjZhZWY5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJfVId6urxRkxWDyCp1zd7idGadVIqc/nSEq6V72vh9s+yP+
70uqt5oazN2gRTEXZ+pJ80xvm/q3cKMXrPg8iwJJGeEADIhVbZIL7QbBOwGBGL4V
Yff8rUZHtxmycTsQSiLpIuA/1mStTx3s7WpcZ9N4aKojAJmCjFge2se6Y1xhg9Os
sehr9u4QV/8aT4H+GYwXueKOxBZ6Kg9LZxIIbSv0B1V3emVW0Rj626BeIzpnEvIs
f6kjBdLHy7lodvmdE1hYY3hFaFYXEIASkThLtmNKB4ItHjSQQacCLWAbkQcZBzXz
df5svQCpS/GVH84BqLZJE999SmUb8T9wvR3pioECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR8PAI4kYsM+i6xIJ/JUoUDW2rvmTAfBgNVHSMEGDAWgBSyWlpDvSOE+JLS
ZeVYtEEeiyMrVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NscGFRNzBqaFBpUzBtWGxXTFJCSG9zaksxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNGRmOTY5LTU3YTYtNDVmNy04MDgyLTVlYmRlOGI4Y2UxZC8x
L2ZEd0NPSkdMRFBvdXNTQ2Z5VktGQTF0cTc1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NGRmOTY5LTU3YTYtNDVmNy04MDgyLTVlYmRlOGI4Y2UxZC8xL3NscGFRNzBqaFBp
UzBtWGxXTFJCSG9zaksxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwDdDANBgkqhkiG9w0BAQsF
AAOCAQEALkZa2lUWvvAtvwRto0O8rE/sXNwJ8hBypnX0j9XexoDWDSEzSEbXq9kp
6haUtPl6S5Q32JD0ZB64L+YuEy61GNB2TlwZV0S0hbDfo3mGIo29fqaxcDKcbrxS
mApMp5nW5VSoKIgNbLMQsVI1NMtqw75A4ixHqRPLpO3PiPxGwOeHXipY4T9gkRcK
+LSBx0SHyoT/xYckeVrNd/OVSETFkmBj+zEEAxRwd7wDPm2wRBVjC0fqdaeilV9O
m1G5x5TP+DC01LIhVv8ana3ZUCwKSgu3EaI/sgF8cACRCcPuvmP6nM8w81i59s0/
8ByARSjKNrTVtcj6kckx3o+NMRBcpg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:17 2023 by rpki-client on console-fra.rpki-client.org