Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/e3cf75-40b9-4034-84b9-cccbc2ae6948/1/Mr19CLG8zOZMOa8JFDqGkx0PbbY.roa
File: Mr19CLG8zOZMOa8JFDqGkx0PbbY.roa (raw, json)
Hash identifier: QJ2NcMs+hVimwXsidv7GmK1h4jukX4CYukVQ3ZbW+z4=
Subject key identifier: 32:BD:7D:08:B1:BC:CC:E6:4C:39:AF:09:14:3A:86:93:1D:0F:6D:B6
Certificate issuer: /CN=04a312ba65e90bf8acf4f57324a30c0b6cbd1c2f
Certificate serial: 091B96E7
Authority key identifier: 04:A3:12:BA:65:E9:0B:F8:AC:F4:F5:73:24:A3:0C:0B:6C:BD:1C:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKMSumXpC_is9PVzJKMMC2y9HC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/e3cf75-40b9-4034-84b9-cccbc2ae6948/1/Mr19CLG8zOZMOa8JFDqGkx0PbbY.roa
Signing time: Sat 01 Jan 2022 08:57:49 +0000
ROA not before: Sat 01 Jan 2022 08:57:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43591
IP address blocks: 2001:67c:2028::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152803047 (0x91b96e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a312ba65e90bf8acf4f57324a30c0b6cbd1c2f
Validity
Not Before: Jan 1 08:57:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32bd7d08b1bccce64c39af09143a86931d0f6db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:93:a1:25:02:27:24:1d:d8:d4:40:aa:3b:65:
85:68:9e:7b:f5:db:aa:32:f7:2b:c5:60:aa:b9:4c:
47:e0:7e:87:54:cd:f8:aa:21:eb:9f:1c:1f:25:ce:
14:75:a2:43:37:5f:cd:13:8e:05:a8:8e:5e:c1:ed:
7c:9e:39:78:b6:ce:f7:6d:22:36:cb:63:33:79:4b:
ed:cc:f4:23:e0:1a:ec:cd:9d:66:a0:bf:8b:a4:f6:
31:af:fa:11:6c:76:24:13:7d:c3:ba:d1:76:1c:9c:
36:f8:c5:32:8f:2e:62:b0:36:2d:68:c2:6a:3b:b3:
97:0f:c7:f5:ef:8e:cb:23:94:6e:6a:6e:cf:83:a2:
fd:11:19:29:61:a0:97:bd:62:ae:e7:eb:9d:fe:c9:
f2:c1:7d:54:fb:56:9d:87:18:90:de:b1:0c:5a:b6:
97:1e:0e:1c:14:e3:1b:68:99:6c:33:47:09:9e:0f:
b1:ec:20:d0:c2:72:e8:f9:6f:6d:be:19:33:7c:94:
11:be:da:2b:29:de:47:17:d8:ee:c8:a4:0a:58:69:
26:7d:f0:bb:ef:1f:94:18:9c:9d:4a:95:96:e5:41:
ff:86:5d:0a:0c:e6:7d:58:91:6a:da:70:9a:ed:01:
25:f6:31:ca:fd:b8:b6:0a:9f:62:0c:b1:ec:b5:f7:
39:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:BD:7D:08:B1:BC:CC:E6:4C:39:AF:09:14:3A:86:93:1D:0F:6D:B6
X509v3 Authority Key Identifier:
keyid:04:A3:12:BA:65:E9:0B:F8:AC:F4:F5:73:24:A3:0C:0B:6C:BD:1C:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKMSumXpC_is9PVzJKMMC2y9HC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3cf75-40b9-4034-84b9-cccbc2ae6948/1/Mr19CLG8zOZMOa8JFDqGkx0PbbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3cf75-40b9-4034-84b9-cccbc2ae6948/1/BKMSumXpC_is9PVzJKMMC2y9HC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2028::/48
Signature Algorithm: sha256WithRSAEncryption
41:d4:15:ea:da:5b:40:07:44:73:65:dd:87:78:e3:6a:eb:5b:
47:90:5b:26:08:33:3d:06:b7:66:4a:af:93:48:38:29:42:40:
65:74:fb:9d:2d:ff:ba:74:fd:57:c1:98:6b:5b:23:16:16:b6:
dc:c3:1d:12:4c:43:32:a8:4e:de:07:e6:99:14:bc:6f:fb:79:
ad:1d:c3:9a:df:96:93:19:11:c0:d3:9a:c4:a6:f2:a9:f7:68:
54:c6:98:fc:70:a8:ac:2e:7b:67:9e:dc:39:69:3a:1d:83:3b:
fa:21:36:de:8e:c9:21:67:c0:84:07:86:36:09:d2:04:14:a3:
df:8a:e3:e9:28:75:62:39:0f:8c:27:25:72:c4:9c:2a:e9:dd:
3b:2f:44:92:a6:c4:a3:aa:25:1f:0f:fd:c9:ab:d8:19:25:61:
a5:44:ed:8d:5f:89:78:2b:3d:eb:ea:88:17:67:ad:f2:f0:22:
53:bb:23:e9:66:9b:cf:36:6c:8d:61:2c:0b:66:2a:fe:89:b4:
1d:f3:9c:09:dd:a6:8e:bc:78:27:c4:4e:1e:f1:02:7f:82:5c:
c1:b1:a4:d7:29:01:73:59:29:28:69:54:1d:b5:99:61:5e:bd:
82:42:cc:34:3a:cc:f1:dd:9f:91:5b:d5:a9:51:72:ea:af:c9:
8c:42:fe:56
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECRuW5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGEzMTJiYTY1ZTkwYmY4YWNmNGY1NzMyNGEzMGMwYjZjYmQxYzJmMB4XDTIyMDEw
MTA4NTc0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJiZDdkMDhiMWJj
Y2NlNjRjMzlhZjA5MTQzYTg2OTMxZDBmNmRiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJOToSUCJyQd2NRAqjtlhWiee/XbqjL3K8VgqrlMR+B+h1TN
+Koh658cHyXOFHWiQzdfzROOBaiOXsHtfJ45eLbO920iNstjM3lL7cz0I+Aa7M2d
ZqC/i6T2Ma/6EWx2JBN9w7rRdhycNvjFMo8uYrA2LWjCajuzlw/H9e+OyyOUbmpu
z4Oi/REZKWGgl71irufrnf7J8sF9VPtWnYcYkN6xDFq2lx4OHBTjG2iZbDNHCZ4P
sewg0MJy6Plvbb4ZM3yUEb7aKyneRxfY7sikClhpJn3wu+8flBicnUqVluVB/4Zd
CgzmfViRatpwmu0BJfYxyv24tgqfYgyx7LX3OUUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQyvX0IsbzM5kw5rwkUOoaTHQ9ttjAfBgNVHSMEGDAWgBQEoxK6ZekL+Kz0
9XMkowwLbL0cLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JLTVN1bVhwQ19pczlQVnpKS01NQzJ5OUhDOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvZTNjZjc1LTQwYjktNDAzNC04NGI5LWNjY2JjMmFlNjk0OC8x
L01yMTlDTEc4ek9aTU9hOEpGRHFHa3gwUGJiWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
ZTNjZjc1LTQwYjktNDAzNC04NGI5LWNjY2JjMmFlNjk0OC8xL0JLTVN1bVhwQ19p
czlQVnpKS01NQzJ5OUhDOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwgKDANBgkqhkiG9w0BAQsF
AAOCAQEAQdQV6tpbQAdEc2Xdh3jjautbR5BbJggzPQa3Zkqvk0g4KUJAZXT7nS3/
unT9V8GYa1sjFha23MMdEkxDMqhO3gfmmRS8b/t5rR3Dmt+WkxkRwNOaxKbyqfdo
VMaY/HCorC57Z57cOWk6HYM7+iE23o7JIWfAhAeGNgnSBBSj34rj6Sh1YjkPjCcl
csScKundOy9EkqbEo6olHw/9yavYGSVhpUTtjV+JeCs96+qIF2et8vAiU7sj6Wab
zzZsjWEsC2Yq/om0HfOcCd2mjrx4J8ROHvECf4JcwbGk1ykBc1kpKGlUHbWZYV69
gkLMNDrM8d2fkVvVqVFy6q/JjEL+Vg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:42 2023 by rpki-client on console-ams.rpki-client.org