Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/tC3s-dUbG8F7KzVWYfaZgs_pjjw.roa
File: tC3s-dUbG8F7KzVWYfaZgs_pjjw.roa (raw, json)
Hash identifier: M2piKSkKSA0YpjE3C2BTo1HPRSs4gnq3Jf4HJPbk3QY=
Subject key identifier: B4:2D:EC:F9:D5:1B:1B:C1:7B:2B:35:56:61:F6:99:82:CF:E9:8E:3C
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 43439311
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/tC3s-dUbG8F7KzVWYfaZgs_pjjw.roa
Signing time: Sat 01 Jan 2022 07:59:52 +0000
ROA not before: Sat 01 Jan 2022 07:59:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 36236
IP address blocks: 2a03:f80:852::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128502033 (0x43439311)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 07:59:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b42decf9d51b1bc17b2b355661f69982cfe98e3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c4:c6:8d:7a:19:19:44:3f:2a:e0:5e:64:a1:
89:c2:cf:1b:37:57:05:5a:c8:52:86:14:b2:d3:9d:
ff:46:6e:e1:d0:4b:9a:99:0b:65:b3:f4:9f:0a:00:
77:b1:3a:b9:16:75:07:03:33:ea:80:19:65:5b:d8:
4c:a9:53:1f:4d:38:f3:3b:2e:66:ca:f3:5a:21:84:
41:37:18:34:06:9c:7b:e4:d6:a2:e7:d5:b6:39:b2:
7f:95:64:f9:4f:34:45:78:71:96:e1:b8:53:e5:66:
0b:d6:33:af:0b:73:df:7b:2e:f0:e7:3f:5c:80:3d:
83:b3:c4:11:0a:55:70:67:1e:6b:76:9d:0d:ae:90:
64:51:19:a0:df:e5:95:6f:df:77:66:7c:db:3f:66:
79:42:49:59:0b:ae:c2:e0:79:87:8a:d0:d7:0b:3a:
37:73:15:3f:99:ab:e0:f0:c3:20:1e:b5:24:9c:aa:
99:0c:fe:1d:c8:64:94:7c:5d:c6:3b:87:f3:6e:9f:
bc:e1:cc:2f:df:17:83:be:ae:60:58:22:57:7f:a4:
16:60:c2:4d:ce:5e:49:20:fb:2b:74:66:e7:fd:ba:
84:8f:e4:00:6c:57:a3:ed:ae:1e:b6:30:14:6b:63:
e1:e8:f1:39:ee:69:94:af:68:9a:85:ff:f3:bb:6a:
16:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:2D:EC:F9:D5:1B:1B:C1:7B:2B:35:56:61:F6:99:82:CF:E9:8E:3C
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/tC3s-dUbG8F7KzVWYfaZgs_pjjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f80:852::/48
Signature Algorithm: sha256WithRSAEncryption
9c:67:e1:d0:8e:08:06:a7:d4:e9:d2:52:ca:89:e6:e9:ff:ec:
b1:87:1f:1d:65:57:6a:dc:b0:d4:55:d9:cc:68:27:c5:8d:73:
db:6d:71:f3:0a:86:f3:5f:40:2e:a6:b9:ba:75:b1:c1:96:d2:
a8:42:5d:2d:65:48:0a:93:70:ce:aa:26:8b:a0:5b:10:72:55:
30:8e:c8:28:17:0d:b6:53:fb:73:1f:97:e0:86:29:1a:f3:98:
0c:00:d7:e1:7c:73:a6:0a:61:ba:1b:c9:a9:38:69:87:32:36:
d2:69:e6:38:7f:22:c1:e9:ec:a0:ad:fb:17:3f:bc:d5:3d:b1:
c1:d8:84:41:fe:fb:37:84:ff:f7:ea:98:72:4d:a7:c2:9a:72:
a1:97:7e:ec:48:68:17:5d:87:8c:4c:56:1c:b9:ff:4b:52:25:
d1:98:ce:ae:bc:b9:84:21:7a:17:53:bf:52:09:d0:c0:8a:50:
e9:87:88:9a:62:28:c7:b0:48:4f:69:f4:36:7c:54:ce:05:be:
1f:01:74:53:12:e5:36:d2:ee:bb:ae:16:16:e0:7f:4b:ea:fd:
99:65:fe:e0:06:67:c1:cb:0b:15:ff:c4:b6:6a:0e:d2:2c:75:
ec:9f:e2:d8:a9:7d:68:dc:5c:96:e6:0e:75:0d:2a:75:4a:8a:
73:ac:d3:b2
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEQ0OTETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDEw
MTA3NTk1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQyZGVjZjlkNTFi
MWJjMTdiMmIzNTU2NjFmNjk5ODJjZmU5OGUzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzExo16GRlEPyrgXmShicLPGzdXBVrIUoYUstOd/0Zu4dBL
mpkLZbP0nwoAd7E6uRZ1BwMz6oAZZVvYTKlTH0048zsuZsrzWiGEQTcYNAace+TW
oufVtjmyf5Vk+U80RXhxluG4U+VmC9Yzrwtz33su8Oc/XIA9g7PEEQpVcGcea3ad
Da6QZFEZoN/llW/fd2Z82z9meUJJWQuuwuB5h4rQ1ws6N3MVP5mr4PDDIB61JJyq
mQz+HchklHxdxjuH826fvOHML98Xg76uYFgiV3+kFmDCTc5eSSD7K3Rm5/26hI/k
AGxXo+2uHrYwFGtj4ejxOe5plK9omoX/87tqFgMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS0Lez51RsbwXsrNVZh9pmCz+mOPDAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
L3RDM3MtZFViRzhGN0t6VldZZmFaZ3NfcGpqdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDD4AIUjANBgkqhkiG9w0BAQsF
AAOCAQEAnGfh0I4IBqfU6dJSyonm6f/ssYcfHWVXatyw1FXZzGgnxY1z221x8wqG
819ALqa5unWxwZbSqEJdLWVICpNwzqomi6BbEHJVMI7IKBcNtlP7cx+X4IYpGvOY
DADX4XxzpgphuhvJqThphzI20mnmOH8iwensoK37Fz+81T2xwdiEQf77N4T/9+qY
ck2nwppyoZd+7EhoF12HjExWHLn/S1Il0ZjOrry5hCF6F1O/UgnQwIpQ6YeImmIo
x7BIT2n0NnxUzgW+HwF0UxLlNtLuu64WFuB/S+r9mWX+4AZnwcsLFf/EtmoO0ix1
7J/i2Kl9aNxcluYOdQ0qdUqKc6zTsg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:09 2023 by rpki-client on console-fra.rpki-client.org