Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/846a03-de24-485b-b9b7-c4bc803d893f/1/PKTaXLZ0F3JitkDUKE65LC9KaOQ.roa
File: PKTaXLZ0F3JitkDUKE65LC9KaOQ.roa (raw, json)
Hash identifier: eLqZ1+OTgKcdBxOEUiLesxFpmBaqplTtzX3HBZ7o2XA=
Subject key identifier: 3C:A4:DA:5C:B6:74:17:72:62:B6:40:D4:28:4E:B9:2C:2F:4A:68:E4
Certificate issuer: /CN=f1003d2c71ab076991fb03ed6600bf1d48b72be5
Certificate serial: 015AB199
Authority key identifier: F1:00:3D:2C:71:AB:07:69:91:FB:03:ED:66:00:BF:1D:48:B7:2B:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8QA9LHGrB2mR-wPtZgC_HUi3K-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/846a03-de24-485b-b9b7-c4bc803d893f/1/PKTaXLZ0F3JitkDUKE65LC9KaOQ.roa
Signing time: Sat 01 Jan 2022 14:56:10 +0000
ROA not before: Sat 01 Jan 2022 14:56:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56951
IP address blocks: 2001:678:fd4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22720921 (0x15ab199)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1003d2c71ab076991fb03ed6600bf1d48b72be5
Validity
Not Before: Jan 1 14:56:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ca4da5cb674177262b640d4284eb92c2f4a68e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:69:8f:22:1d:9d:b6:a8:04:28:91:a5:e6:64:
ee:df:7d:59:f2:bc:6f:fe:c2:0a:ca:1f:d2:0e:15:
dd:8b:10:ce:14:0d:e2:6a:4d:30:aa:22:5b:5a:7c:
12:8a:e2:11:14:b1:3c:a6:3b:18:a7:e1:cf:6d:0b:
e5:97:78:2c:b9:d3:46:02:93:03:19:54:9b:2c:67:
e0:31:b6:3b:ad:56:42:bd:03:5e:54:67:37:4f:24:
95:39:8a:10:fb:b5:7d:89:65:55:68:89:5b:2b:bb:
dd:7f:de:f5:1d:c1:3c:9e:35:fd:5f:59:c4:8f:ac:
ab:04:a2:a5:2f:db:75:4d:98:dd:4d:ed:a4:1f:ca:
b7:4d:d2:2b:bd:cb:2a:11:fd:18:14:8d:9a:48:32:
29:18:85:e3:09:1a:f8:bc:cb:7a:a0:a2:94:b7:42:
21:f2:2e:e9:0c:ca:8e:fa:90:1e:cc:e9:d6:0a:fe:
23:98:d5:2f:99:2c:30:64:80:5e:b2:d7:b3:9a:05:
dc:24:28:3b:4a:b5:a9:49:ef:49:26:d4:2b:bc:2a:
b5:2c:9f:70:da:dc:c0:21:36:13:cd:33:18:bd:e6:
7f:df:e4:2d:dc:8f:ed:19:80:11:29:ce:8c:8b:b0:
91:62:2f:9a:6e:d7:ad:a3:ff:fe:cd:2c:c8:39:e0:
c7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A4:DA:5C:B6:74:17:72:62:B6:40:D4:28:4E:B9:2C:2F:4A:68:E4
X509v3 Authority Key Identifier:
keyid:F1:00:3D:2C:71:AB:07:69:91:FB:03:ED:66:00:BF:1D:48:B7:2B:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8QA9LHGrB2mR-wPtZgC_HUi3K-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/846a03-de24-485b-b9b7-c4bc803d893f/1/PKTaXLZ0F3JitkDUKE65LC9KaOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/846a03-de24-485b-b9b7-c4bc803d893f/1/8QA9LHGrB2mR-wPtZgC_HUi3K-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:fd4::/48
Signature Algorithm: sha256WithRSAEncryption
74:05:cc:3f:2c:34:58:bc:e1:8f:2b:98:17:5d:60:72:07:09:
cb:2d:c4:00:9f:ff:5b:78:cf:89:5a:0c:82:f4:74:df:20:55:
cf:25:a5:16:c6:60:13:2e:f2:4d:58:cd:dc:5c:01:5b:07:ab:
3a:79:a0:f8:1d:0d:4d:0f:6b:98:f4:69:e1:7f:d0:e3:f4:3b:
6b:5c:ab:21:d7:a8:e8:01:04:a5:aa:d0:5b:b8:38:a9:89:bf:
ff:7b:d8:75:27:c2:8b:0f:88:4c:8d:80:11:0a:4f:46:c4:3f:
88:0c:cc:52:60:86:7b:b0:98:06:f1:f7:9d:05:da:79:3d:49:
de:76:a6:c0:21:24:4b:b1:94:b4:57:0a:08:cd:48:e6:2d:95:
d1:59:7a:76:63:41:f0:30:7e:01:ff:f2:fb:9f:45:47:b5:d3:
8e:65:19:f2:33:fc:47:a9:7b:99:9d:84:be:37:92:8a:c6:af:
cb:47:e0:0d:ee:3d:d0:ea:f9:9d:0b:6d:b6:46:55:84:90:39:
57:66:a6:d7:af:26:af:7e:e8:d0:b5:35:2e:3f:b5:01:f6:21:
a0:2e:47:44:6f:13:c3:57:8f:4b:72:de:e5:19:07:8f:ff:09:
25:de:2d:e8:54:01:ca:29:e7:65:22:ba:5d:98:ab:69:6e:26:
ca:aa:43:4e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAVqxmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTAwM2QyYzcxYWIwNzY5OTFmYjAzZWQ2NjAwYmYxZDQ4YjcyYmU1MB4XDTIyMDEw
MTE0NTYxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2NhNGRhNWNiNjc0
MTc3MjYyYjY0MGQ0Mjg0ZWI5MmMyZjRhNjhlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRpjyIdnbaoBCiRpeZk7t99WfK8b/7CCsof0g4V3YsQzhQN
4mpNMKoiW1p8EoriERSxPKY7GKfhz20L5Zd4LLnTRgKTAxlUmyxn4DG2O61WQr0D
XlRnN08klTmKEPu1fYllVWiJWyu73X/e9R3BPJ41/V9ZxI+sqwSipS/bdU2Y3U3t
pB/Kt03SK73LKhH9GBSNmkgyKRiF4wka+LzLeqCilLdCIfIu6QzKjvqQHszp1gr+
I5jVL5ksMGSAXrLXs5oF3CQoO0q1qUnvSSbUK7wqtSyfcNrcwCE2E80zGL3mf9/k
LdyP7RmAESnOjIuwkWIvmm7XraP//s0syDngx3cCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ8pNpctnQXcmK2QNQoTrksL0po5DAfBgNVHSMEGDAWgBTxAD0scasHaZH7
A+1mAL8dSLcr5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhRQTlMSEdyQjJtUi13UHRaZ0NfSFVpM0stVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvODQ2YTAzLWRlMjQtNDg1Yi1iOWI3LWM0YmM4MDNkODkzZi8x
L1BLVGFYTFowRjNKaXRrRFVLRTY1TEM5S2FPUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
ODQ2YTAzLWRlMjQtNDg1Yi1iOWI3LWM0YmM4MDNkODkzZi8xLzhRQTlMSEdyQjJt
Ui13UHRaZ0NfSFVpM0stVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngP1DANBgkqhkiG9w0BAQsF
AAOCAQEAdAXMPyw0WLzhjyuYF11gcgcJyy3EAJ//W3jPiVoMgvR03yBVzyWlFsZg
Ey7yTVjN3FwBWwerOnmg+B0NTQ9rmPRp4X/Q4/Q7a1yrIdeo6AEEparQW7g4qYm/
/3vYdSfCiw+ITI2AEQpPRsQ/iAzMUmCGe7CYBvH3nQXaeT1J3namwCEkS7GUtFcK
CM1I5i2V0Vl6dmNB8DB+Af/y+59FR7XTjmUZ8jP8R6l7mZ2EvjeSisavy0fgDe49
0Or5nQtttkZVhJA5V2am168mr37o0LU1Lj+1AfYhoC5HRG8Tw1ePS3Le5RkHj/8J
Jd4t6FQByinnZSK6XZiraW4myqpDTg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:21 2023 by rpki-client on console-fra.rpki-client.org