Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/3H3DedOrO7y7oj7T10kdi07gf3A.roa
File: 3H3DedOrO7y7oj7T10kdi07gf3A.roa (raw, json)
Hash identifier: b69jaNJX8JcyHL1Rgr6R1l061L78445gpvF6GJEbLV4=
Subject key identifier: DC:7D:C3:79:D3:AB:3B:BC:BB:A2:3E:D3:D7:49:1D:8B:4E:E0:7F:70
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 03FDFE54
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/3H3DedOrO7y7oj7T10kdi07gf3A.roa
Signing time: Thu 23 Jun 2022 18:50:10 +0000
ROA not before: Thu 23 Jun 2022 18:50:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204508
IP address blocks: 2a05:4140:21::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66977364 (0x3fdfe54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jun 23 18:50:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc7dc379d3ab3bbcbba23ed3d7491d8b4ee07f70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:aa:e5:9b:5e:25:63:5b:cd:1d:06:ce:a4:cd:
47:3b:85:96:7b:c9:2d:a8:aa:00:fa:09:f2:97:c5:
8f:b5:47:85:d3:f4:68:93:4b:5d:0f:6d:b1:78:6c:
cb:80:5e:c7:ac:6b:53:02:b4:c5:07:97:81:06:a3:
42:c1:41:4b:6c:aa:e3:87:64:06:df:32:27:aa:2e:
f0:60:6f:61:38:aa:6a:21:e0:79:a0:cc:69:20:58:
cb:5a:7b:70:d3:d7:48:b9:fb:6b:b9:21:df:2a:9b:
4a:b0:78:7f:86:a7:9f:fb:ff:ea:82:8a:35:78:54:
ba:df:c7:1f:30:16:5a:5c:ac:74:a4:cf:d0:d0:3d:
e3:82:15:25:af:bd:b2:57:02:60:8a:7e:3b:76:29:
e9:86:bf:5e:2f:1e:f6:cd:4c:74:61:11:b3:66:24:
23:32:d2:6b:65:35:fd:4c:d9:fd:81:60:89:ca:d5:
d6:3c:69:72:be:e8:ae:d3:75:6d:35:99:5e:73:1f:
97:4f:ca:7e:a2:1b:b4:ca:0c:0f:e5:88:d3:b7:c4:
d2:f7:0e:c1:7a:36:9f:7c:4e:c8:7c:e0:9c:3a:c4:
c4:ca:e4:b7:c9:1c:fa:0c:76:d6:93:ac:b6:8a:a5:
58:06:9d:fb:ce:c7:ff:7a:04:72:2e:ba:c6:e4:ed:
1a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7D:C3:79:D3:AB:3B:BC:BB:A2:3E:D3:D7:49:1D:8B:4E:E0:7F:70
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/3H3DedOrO7y7oj7T10kdi07gf3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:21::/48
Signature Algorithm: sha256WithRSAEncryption
44:2c:8d:f5:43:e1:6b:54:18:58:ba:05:19:d8:45:33:98:df:
3b:b9:dd:bf:68:ad:12:0f:d7:fa:e6:7f:8e:85:5c:fb:36:31:
6b:11:6b:03:80:d4:60:5d:4a:23:8c:fb:ce:42:a8:a4:63:71:
c2:d4:14:9c:7d:4d:42:2b:57:66:d1:c1:5d:ad:e6:9a:bf:5e:
3b:d0:05:4f:d9:13:95:0f:bf:72:7d:5e:9d:31:3c:0d:8c:06:
91:3e:93:7d:06:84:cf:d3:b5:3c:ff:4e:2e:29:fa:dd:ce:5d:
bc:e8:e9:d9:db:5b:49:db:f6:6f:d9:c0:32:67:6b:e9:20:51:
6c:e4:43:04:eb:c8:ac:e2:aa:ff:33:ba:65:c7:9c:16:41:4c:
c6:1f:95:ac:b0:f8:ba:f2:1a:52:87:bf:a7:6b:ad:6a:a7:d9:
06:82:a0:84:96:2a:ee:86:58:84:de:0c:61:62:49:d1:0f:8f:
e3:38:7f:31:26:d9:bc:3f:da:5d:73:fe:f5:d0:ac:49:fd:3c:
0d:bb:e8:54:93:47:7f:6f:71:26:1d:82:58:01:8f:b3:76:52:
6f:56:3f:50:11:46:0b:c0:39:8f:5f:fb:27:29:41:5d:b8:33:
c9:1b:28:01:d4:5a:c9:fe:68:f3:43:fd:b0:6a:0c:4d:a1:1f:
65:2e:3f:5e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEA/3+VDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzRjNjBhZGViMGNkNTc2OGNmNzU2ZjU2MmIxYjVjYzViOWMxODBhMB4XDTIyMDYy
MzE4NTAxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGM3ZGMzNzlkM2Fi
M2JiY2JiYTIzZWQzZDc0OTFkOGI0ZWUwN2Y3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJiq5ZteJWNbzR0GzqTNRzuFlnvJLaiqAPoJ8pfFj7VHhdP0
aJNLXQ9tsXhsy4Bex6xrUwK0xQeXgQajQsFBS2yq44dkBt8yJ6ou8GBvYTiqaiHg
eaDMaSBYy1p7cNPXSLn7a7kh3yqbSrB4f4ann/v/6oKKNXhUut/HHzAWWlysdKTP
0NA944IVJa+9slcCYIp+O3Yp6Ya/Xi8e9s1MdGERs2YkIzLSa2U1/UzZ/YFgicrV
1jxpcr7ortN1bTWZXnMfl0/KfqIbtMoMD+WI07fE0vcOwXo2n3xOyHzgnDrExMrk
t8kc+gx21pOstoqlWAad+87H/3oEci66xuTtGiUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTcfcN506s7vLuiPtPXSR2LTuB/cDAfBgNVHSMEGDAWgBTHTGCt6wzVdoz3
VvVisbXMW5wYCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gweGdyZXNNMVhhTTkxYjFZckcxekZ1Y0dBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvYWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8x
LzNIM0RlZE9yTzd5N29qN1QxMGtkaTA3Z2YzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
YWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8xL3gweGdyZXNNMVhh
TTkxYjFZckcxekZ1Y0dBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoFQUAAITANBgkqhkiG9w0BAQsF
AAOCAQEARCyN9UPha1QYWLoFGdhFM5jfO7ndv2itEg/X+uZ/joVc+zYxaxFrA4DU
YF1KI4z7zkKopGNxwtQUnH1NQitXZtHBXa3mmr9eO9AFT9kTlQ+/cn1enTE8DYwG
kT6TfQaEz9O1PP9OLin63c5dvOjp2dtbSdv2b9nAMmdr6SBRbORDBOvIrOKq/zO6
ZcecFkFMxh+VrLD4uvIaUoe/p2utaqfZBoKghJYq7oZYhN4MYWJJ0Q+P4zh/MSbZ
vD/aXXP+9dCsSf08DbvoVJNHf29xJh2CWAGPs3ZSb1Y/UBFGC8A5j1/7JylBXbgz
yRsoAdRayf5o80P9sGoMTaEfZS4/Xg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:06 2023 by rpki-client on console-fra.rpki-client.org