Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/cc8ffe-36b4-4c80-a907-aeaa9df01a9d/1/gN2G3O3PU7YafUkRorUcF2AZjMo.roa
File: gN2G3O3PU7YafUkRorUcF2AZjMo.roa (raw, json)
Hash identifier: C2nXu6af73E6/stFUof46EnSl2SzF5fFdUF+m7YykDM=
Subject key identifier: 80:DD:86:DC:ED:CF:53:B6:1A:7D:49:11:A2:B5:1C:17:60:19:8C:CA
Certificate issuer: /CN=c024bdbded6e5d2fe0fb526500b3ff87665b600e
Certificate serial: 085BC193
Authority key identifier: C0:24:BD:BD:ED:6E:5D:2F:E0:FB:52:65:00:B3:FF:87:66:5B:60:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wCS9ve1uXS_g-1JlALP_h2ZbYA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/cc8ffe-36b4-4c80-a907-aeaa9df01a9d/1/gN2G3O3PU7YafUkRorUcF2AZjMo.roa
Signing time: Sat 01 Jan 2022 14:55:55 +0000
ROA not before: Sat 01 Jan 2022 14:55:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208818
IP address blocks: 2001:67c:277c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140231059 (0x85bc193)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c024bdbded6e5d2fe0fb526500b3ff87665b600e
Validity
Not Before: Jan 1 14:55:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80dd86dcedcf53b61a7d4911a2b51c1760198cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fe:28:7b:62:f7:6a:29:86:99:69:53:e3:44:
ee:16:57:60:cd:f1:0a:8f:11:4e:ec:65:f6:d3:9a:
30:c1:5b:b8:29:17:8c:44:6e:13:9e:34:75:a7:59:
a0:db:5c:8a:2f:48:ff:d9:74:57:64:ff:f7:fe:ef:
d4:6a:53:ba:a7:01:1a:e8:35:45:b4:9a:97:53:58:
40:e6:93:eb:03:d7:53:af:23:f7:a7:ca:0c:97:31:
32:37:41:50:af:a1:5d:bb:56:cb:af:3c:f1:99:46:
0a:41:e2:40:44:ce:99:53:17:44:c1:7f:c2:78:97:
97:35:fa:d1:ef:63:82:18:ff:e2:a3:1f:20:4d:89:
14:fd:a6:93:3f:cf:ff:dc:28:0e:1e:07:0c:03:cd:
57:84:b4:60:f3:79:2a:22:1c:07:0a:e2:7f:de:2a:
2e:ea:d4:d5:e0:b1:3b:75:dd:a1:8b:92:18:2d:f8:
5b:1e:0a:56:cb:a6:85:77:57:25:be:0f:6b:4b:04:
ac:0a:b9:7e:6f:67:bc:2d:07:bc:5c:0b:f6:3a:f1:
35:59:c3:93:fa:d0:2d:6d:32:b6:34:de:7b:df:8b:
0a:7f:76:fe:e3:fe:a3:23:11:19:fc:19:b2:09:8e:
c4:06:62:45:f2:4d:98:c0:11:2b:3e:69:96:34:b6:
de:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:DD:86:DC:ED:CF:53:B6:1A:7D:49:11:A2:B5:1C:17:60:19:8C:CA
X509v3 Authority Key Identifier:
keyid:C0:24:BD:BD:ED:6E:5D:2F:E0:FB:52:65:00:B3:FF:87:66:5B:60:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wCS9ve1uXS_g-1JlALP_h2ZbYA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/cc8ffe-36b4-4c80-a907-aeaa9df01a9d/1/gN2G3O3PU7YafUkRorUcF2AZjMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/cc8ffe-36b4-4c80-a907-aeaa9df01a9d/1/wCS9ve1uXS_g-1JlALP_h2ZbYA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:277c::/48
Signature Algorithm: sha256WithRSAEncryption
6d:c0:88:b6:d2:8e:87:9f:77:83:c8:97:e4:ce:fc:9f:7a:48:
09:97:97:0c:3f:a6:1a:62:29:7f:aa:0c:2f:48:f5:a1:6c:d7:
fe:33:c1:37:c7:bc:b0:ce:8a:96:91:79:1c:f6:98:d3:94:ce:
77:c0:a0:52:32:cc:cf:bc:a0:d5:51:7e:6d:9f:d1:f3:0b:cb:
75:07:da:fb:02:ef:46:66:d0:14:8a:6f:88:8d:de:1b:76:3b:
ef:c5:69:26:02:c4:a4:d3:89:c7:0b:1d:de:44:c2:bd:7e:77:
a1:31:08:01:00:b4:50:2a:96:1f:4d:da:59:8c:63:6a:76:40:
c6:2a:db:ff:d6:43:8a:56:d1:b6:be:ea:40:ec:32:5b:1f:bf:
9c:60:cb:c4:c4:50:cc:aa:fe:b8:52:70:b2:02:30:6e:61:a0:
e8:e5:11:11:7b:7f:66:45:c6:95:48:61:7e:68:19:3b:5d:6b:
cc:d4:f2:13:05:3a:04:c3:e0:ec:41:9f:f9:24:f4:2a:93:9d:
26:04:ff:be:81:91:99:5e:44:a7:0d:f3:85:6f:ce:9b:c9:3d:
26:08:ee:fe:74:f0:ce:6b:38:42:1c:0a:9a:4b:b9:2e:1d:5d:
7a:6e:a7:2d:1b:12:98:be:c3:96:bc:09:40:78:5b:fc:e3:6c:
f2:80:2f:0a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECFvBkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MDI0YmRiZGVkNmU1ZDJmZTBmYjUyNjUwMGIzZmY4NzY2NWI2MDBlMB4XDTIyMDEw
MTE0NTU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODBkZDg2ZGNlZGNm
NTNiNjFhN2Q0OTExYTJiNTFjMTc2MDE5OGNjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJb+KHti92ophplpU+NE7hZXYM3xCo8RTuxl9tOaMMFbuCkX
jERuE540dadZoNtcii9I/9l0V2T/9/7v1GpTuqcBGug1RbSal1NYQOaT6wPXU68j
96fKDJcxMjdBUK+hXbtWy6888ZlGCkHiQETOmVMXRMF/wniXlzX60e9jghj/4qMf
IE2JFP2mkz/P/9woDh4HDAPNV4S0YPN5KiIcBwrif94qLurU1eCxO3XdoYuSGC34
Wx4KVsumhXdXJb4Pa0sErAq5fm9nvC0HvFwL9jrxNVnDk/rQLW0ytjTee9+LCn92
/uP+oyMRGfwZsgmOxAZiRfJNmMARKz5pljS23vECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSA3Ybc7c9Tthp9SRGitRwXYBmMyjAfBgNVHSMEGDAWgBTAJL297W5dL+D7
UmUAs/+HZltgDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dDUzl2ZTF1WFNfZy0xSmxBTFBfaDJaYllBNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvY2M4ZmZlLTM2YjQtNGM4MC1hOTA3LWFlYWE5ZGYwMWE5ZC8x
L2dOMkczTzNQVTdZYWZVa1JvclVjRjJBWmpNby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
Y2M4ZmZlLTM2YjQtNGM4MC1hOTA3LWFlYWE5ZGYwMWE5ZC8xL3dDUzl2ZTF1WFNf
Zy0xSmxBTFBfaDJaYllBNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwnfDANBgkqhkiG9w0BAQsF
AAOCAQEAbcCIttKOh593g8iX5M78n3pICZeXDD+mGmIpf6oML0j1oWzX/jPBN8e8
sM6KlpF5HPaY05TOd8CgUjLMz7yg1VF+bZ/R8wvLdQfa+wLvRmbQFIpviI3eG3Y7
78VpJgLEpNOJxwsd3kTCvX53oTEIAQC0UCqWH03aWYxjanZAxirb/9ZDilbRtr7q
QOwyWx+/nGDLxMRQzKr+uFJwsgIwbmGg6OUREXt/ZkXGlUhhfmgZO11rzNTyEwU6
BMPg7EGf+ST0KpOdJgT/voGRmV5Epw3zhW/Om8k9Jgju/nTwzms4QhwKmku5Lh1d
em6nLRsSmL7DlrwJQHhb/ONs8oAvCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:48 2024 by rpki-client on console-fra.rpki-client.org