Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/7Z3c5s8psZBtbf1_f8K9OGZRebc.roa
File: 7Z3c5s8psZBtbf1_f8K9OGZRebc.roa (raw, json)
Hash identifier: D7geiEXnBQ4yP6iIkHG4QBcaF57tfw5zUTeOwZaJJaI=
Subject key identifier: ED:9D:DC:E6:CF:29:B1:90:6D:6D:FD:7F:7F:C2:BD:38:66:51:79:B7
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 43530B4C
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/7Z3c5s8psZBtbf1_f8K9OGZRebc.roa
Signing time: Sat 01 Jan 2022 08:00:24 +0000
ROA not before: Sat 01 Jan 2022 08:00:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196689
IP address blocks: 2a03:f85:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1129515852 (0x43530b4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 08:00:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed9ddce6cf29b1906d6dfd7f7fc2bd38665179b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:76:60:d5:53:62:3e:65:5a:69:56:37:a4:83:
c0:f2:cc:94:de:4b:41:03:10:c7:70:af:c4:a8:01:
c6:6e:dc:ec:6b:b3:4b:2f:a1:2c:27:39:c7:25:fa:
c3:fc:80:ff:84:18:75:31:24:c7:c9:0e:07:48:59:
77:1a:6f:93:1c:90:96:3b:25:14:4d:b8:d3:1d:e6:
81:d0:ba:5a:6e:63:db:7e:fd:4e:d9:00:fb:9b:f3:
94:b9:9b:b2:44:4a:f8:51:fb:f8:40:62:c7:91:b2:
27:42:c1:d4:99:55:b9:ae:85:9f:d5:c9:0a:73:ad:
f0:fe:34:f8:a7:67:b7:6a:80:48:71:bf:84:c9:b6:
d6:5f:f0:62:a8:ed:54:22:f5:ab:33:39:06:27:34:
1a:1c:bd:8c:6c:4a:02:ee:e3:bb:c1:29:54:03:55:
22:e6:4f:c9:e3:77:20:0b:fe:4e:58:7f:43:31:19:
a7:bb:82:d7:c2:77:43:10:c9:f4:7b:55:1a:b2:a9:
5c:16:ea:ab:c7:7a:57:0b:6b:7d:3b:9d:4d:b4:70:
06:85:10:80:9d:c9:34:67:a1:47:f2:7d:0b:06:e4:
2b:09:1f:ad:1a:98:2a:6c:bb:41:8a:49:75:a4:0c:
54:96:fd:39:2d:5e:0b:7b:88:dc:fa:30:96:a2:51:
6d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:9D:DC:E6:CF:29:B1:90:6D:6D:FD:7F:7F:C2:BD:38:66:51:79:B7
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/7Z3c5s8psZBtbf1_f8K9OGZRebc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f85:3::/48
Signature Algorithm: sha256WithRSAEncryption
71:16:47:0a:1f:19:e4:2d:d4:93:67:b6:5b:aa:95:2e:4d:7c:
d7:35:71:26:86:fa:4f:3b:9c:1a:0a:26:bc:2d:2f:c3:f9:34:
aa:c3:2f:58:24:8f:9e:1c:6f:31:01:f0:35:d1:86:e5:2d:b5:
05:40:07:a6:5b:c7:71:ff:f0:88:b9:d7:1a:2d:77:a1:4a:fb:
1c:7e:83:61:14:75:f5:86:e4:51:67:d2:97:2e:34:24:33:e0:
d0:30:3c:ff:7e:08:87:f2:64:24:12:e0:7e:1e:14:39:0f:e6:
5e:b5:bd:c7:69:5a:fd:c1:ed:ca:fb:96:90:36:a1:b5:67:2d:
78:ad:9f:7c:55:6b:ec:b2:4b:1b:f6:f1:f8:08:67:14:da:d0:
43:21:38:ab:d0:a1:da:4d:8a:a4:bb:c8:fe:ee:47:98:c7:75:
5f:b3:ab:b3:d8:62:0a:35:89:5c:1f:8c:20:3c:39:99:31:63:
4e:fc:12:d5:de:52:01:12:14:c6:53:7c:6e:28:ee:8b:7c:c6:
82:cc:d1:04:3f:da:d9:58:f6:16:86:57:31:97:ed:61:f0:52:
0d:e9:8c:05:d6:fd:ee:22:31:e1:82:20:b7:3e:73:a9:89:9c:
3e:ca:9c:ff:47:7d:ea:c5:97:a4:05:ae:06:5a:81:1c:d0:53:
aa:4f:1e:58
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEQ1MLTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDEw
MTA4MDAyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQ5ZGRjZTZjZjI5
YjE5MDZkNmRmZDdmN2ZjMmJkMzg2NjUxNzliNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ12YNVTYj5lWmlWN6SDwPLMlN5LQQMQx3CvxKgBxm7c7Guz
Sy+hLCc5xyX6w/yA/4QYdTEkx8kOB0hZdxpvkxyQljslFE240x3mgdC6Wm5j2379
TtkA+5vzlLmbskRK+FH7+EBix5GyJ0LB1JlVua6Fn9XJCnOt8P40+Kdnt2qASHG/
hMm21l/wYqjtVCL1qzM5Bic0Ghy9jGxKAu7ju8EpVANVIuZPyeN3IAv+Tlh/QzEZ
p7uC18J3QxDJ9HtVGrKpXBbqq8d6VwtrfTudTbRwBoUQgJ3JNGehR/J9CwbkKwkf
rRqYKmy7QYpJdaQMVJb9OS1eC3uI3PowlqJRbTUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTtndzmzymxkG1t/X9/wr04ZlF5tzAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
LzdaM2M1czhwc1pCdGJmMV9mOEs5T0daUmViYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDD4UAAzANBgkqhkiG9w0BAQsF
AAOCAQEAcRZHCh8Z5C3Uk2e2W6qVLk181zVxJob6TzucGgomvC0vw/k0qsMvWCSP
nhxvMQHwNdGG5S21BUAHplvHcf/wiLnXGi13oUr7HH6DYRR19YbkUWfSly40JDPg
0DA8/34Ih/JkJBLgfh4UOQ/mXrW9x2la/cHtyvuWkDahtWcteK2ffFVr7LJLG/bx
+AhnFNrQQyE4q9Ch2k2KpLvI/u5HmMd1X7Ors9hiCjWJXB+MIDw5mTFjTvwS1d5S
ARIUxlN8bijui3zGgszRBD/a2Vj2FoZXMZftYfBSDemMBdb97iIx4YIgtz5zqYmc
Psqc/0d96sWXpAWuBlqBHNBTqk8eWA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:09 2023 by rpki-client on console-fra.rpki-client.org