Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/PkGsGsBIreCa-vB4qXBDNwf7YUc.roa
File: PkGsGsBIreCa-vB4qXBDNwf7YUc.roa (raw, json)
Hash identifier: kwEGK1U9kqriV60Brm3WP0SnDXB8W5bnODIMunTkpoA=
Subject key identifier: 3E:41:AC:1A:C0:48:AD:E0:9A:FA:F0:78:A9:70:43:37:07:FB:61:47
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 433F8AE8
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/PkGsGsBIreCa-vB4qXBDNwf7YUc.roa
Signing time: Sat 01 Jan 2022 07:59:51 +0000
ROA not before: Sat 01 Jan 2022 07:59:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25560
IP address blocks: 2a03:f85::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128237800 (0x433f8ae8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 07:59:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e41ac1ac048ade09afaf078a970433707fb6147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:06:f4:ab:6b:5d:fb:4a:aa:16:b6:d6:60:70:
ba:82:58:39:ae:26:d3:09:3b:08:e1:66:6b:92:36:
1c:1e:55:e0:48:04:c2:d2:6a:bd:c9:30:50:d1:82:
1d:d1:4f:fb:51:ac:50:60:ed:95:ef:61:de:3c:3a:
9d:bd:f9:47:91:71:cc:99:f4:5a:61:10:99:67:88:
50:b4:6e:ec:a5:0b:83:55:cd:19:ec:2c:37:8e:ea:
11:a3:c3:d1:07:de:0e:6e:4d:ba:1f:a5:67:4e:6b:
af:7a:34:c5:bf:9c:e2:21:a4:e6:38:95:44:76:1e:
0b:db:30:ce:d1:ea:4c:3b:ce:34:b3:0b:67:bf:fd:
08:80:25:27:76:6b:a0:21:23:09:ea:9e:30:69:74:
66:61:15:27:a8:20:36:93:23:6e:2e:7c:0e:f6:67:
fe:f2:b4:bd:ef:90:2e:f8:9a:78:26:d7:31:d0:a6:
0a:9c:6a:ef:87:79:5d:54:9b:d8:03:c4:04:db:6b:
18:4a:24:0d:78:84:d6:d5:93:9c:80:32:ea:4d:5e:
89:02:a9:07:6c:d8:9f:46:61:00:a8:7a:22:2c:79:
fb:97:d9:40:54:43:bb:c0:7b:4d:bc:10:64:b1:ae:
7e:b6:0c:85:02:92:b3:03:d8:cc:ef:74:d4:73:f5:
26:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:41:AC:1A:C0:48:AD:E0:9A:FA:F0:78:A9:70:43:37:07:FB:61:47
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/PkGsGsBIreCa-vB4qXBDNwf7YUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f85::/48
Signature Algorithm: sha256WithRSAEncryption
6a:3f:9c:dd:5e:0b:41:b8:9e:bc:a0:07:72:8e:68:21:3c:cc:
88:b2:e1:20:f0:95:bb:81:fc:b3:c7:38:6b:5e:4c:8a:e7:a1:
3f:d7:86:88:04:7f:0b:61:49:dc:a5:b0:4a:03:ef:e0:8b:b1:
00:42:ad:92:49:44:dd:80:87:d8:93:06:7e:44:1d:98:a2:52:
06:cc:b2:41:39:bc:d0:50:51:5e:ff:72:f4:2e:bd:1f:0c:c1:
06:c0:7b:fe:f0:a5:58:a6:55:54:c2:c1:97:4c:25:c3:a0:1c:
7e:27:9b:59:5a:8d:22:90:0c:54:c5:39:fd:c8:06:70:f7:a7:
74:a2:d5:55:1f:ba:fe:48:ca:ec:37:88:4f:f9:10:9a:60:85:
10:27:c3:d9:d3:5d:a5:07:81:58:ca:ef:90:19:fa:d0:e5:06:
4d:10:bb:4f:66:97:94:9e:f5:19:d2:dd:02:83:85:14:d1:49:
1e:f3:34:d1:47:c5:f8:d6:45:6c:85:d4:c0:fd:ce:67:0d:3a:
c7:cf:9a:3c:89:91:ef:bb:df:38:1b:bf:2c:c9:79:c1:29:8b:
58:93:68:d7:39:f3:c9:a8:32:0d:4b:b9:21:61:b2:cd:ef:3f:
a9:fb:6c:5e:22:4e:a1:68:ff:58:6a:3c:1f:8a:cc:ce:79:fc:
4e:08:f4:b2
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEQz+K6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDEw
MTA3NTk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U0MWFjMWFjMDQ4
YWRlMDlhZmFmMDc4YTk3MDQzMzcwN2ZiNjE0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEG9KtrXftKqha21mBwuoJYOa4m0wk7COFma5I2HB5V4EgE
wtJqvckwUNGCHdFP+1GsUGDtle9h3jw6nb35R5FxzJn0WmEQmWeIULRu7KULg1XN
GewsN47qEaPD0QfeDm5Nuh+lZ05rr3o0xb+c4iGk5jiVRHYeC9swztHqTDvONLML
Z7/9CIAlJ3ZroCEjCeqeMGl0ZmEVJ6ggNpMjbi58DvZn/vK0ve+QLviaeCbXMdCm
Cpxq74d5XVSb2APEBNtrGEokDXiE1tWTnIAy6k1eiQKpB2zYn0ZhAKh6Iix5+5fZ
QFRDu8B7TbwQZLGufrYMhQKSswPYzO901HP1JtMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ+QawawEit4Jr68HipcEM3B/thRzAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
L1BrR3NHc0JJcmVDYS12QjRxWEJETndmN1lVYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDD4UAADANBgkqhkiG9w0BAQsF
AAOCAQEAaj+c3V4LQbievKAHco5oITzMiLLhIPCVu4H8s8c4a15MiuehP9eGiAR/
C2FJ3KWwSgPv4IuxAEKtkklE3YCH2JMGfkQdmKJSBsyyQTm80FBRXv9y9C69HwzB
BsB7/vClWKZVVMLBl0wlw6AcfiebWVqNIpAMVMU5/cgGcPendKLVVR+6/kjK7DeI
T/kQmmCFECfD2dNdpQeBWMrvkBn60OUGTRC7T2aXlJ71GdLdAoOFFNFJHvM00UfF
+NZFbIXUwP3OZw06x8+aPImR77vfOBu/LMl5wSmLWJNo1znzyagyDUu5IWGyze8/
qftsXiJOoWj/WGo8H4rMznn8Tgj0sg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:58 2023 by rpki-client on console-ams.rpki-client.org