Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/955ed1-8b40-4185-84a9-2ddcf56a763e/1/2ffghQgWAgC27Kg3GIDdJIT6lMg.roa
File: 2ffghQgWAgC27Kg3GIDdJIT6lMg.roa (raw, json)
Hash identifier: 7/djWnawc33R6KzoZQ/sRvuRCcR8pkQGla5sRolGpOQ=
Subject key identifier: D9:F7:E0:85:08:16:02:00:B6:EC:A8:37:18:80:DD:24:84:FA:94:C8
Certificate issuer: /CN=23f1e09f0e6ed891ad17d6ce4a3c7328d759b4c8
Certificate serial: 0B8E4C1D
Authority key identifier: 23:F1:E0:9F:0E:6E:D8:91:AD:17:D6:CE:4A:3C:73:28:D7:59:B4:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I_Hgnw5u2JGtF9bOSjxzKNdZtMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/955ed1-8b40-4185-84a9-2ddcf56a763e/1/2ffghQgWAgC27Kg3GIDdJIT6lMg.roa
Signing time: Sat 01 Jan 2022 10:55:26 +0000
ROA not before: Sat 01 Jan 2022 10:55:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8995
IP address blocks: 2001:678:394::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193874973 (0xb8e4c1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23f1e09f0e6ed891ad17d6ce4a3c7328d759b4c8
Validity
Not Before: Jan 1 10:55:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9f7e08508160200b6eca8371880dd2484fa94c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:46:71:f4:7c:71:6c:68:c9:0f:12:17:94:05:
0b:b7:da:b3:91:94:f6:81:24:63:49:7b:e4:16:0f:
9b:cb:e1:85:e2:af:48:22:2c:3e:3f:64:f6:47:14:
d7:92:1d:06:10:54:ab:76:31:8d:01:4a:12:00:00:
c8:ac:2b:29:3b:a1:9b:62:60:93:9a:b7:48:b2:52:
0b:8d:1b:bc:83:b1:1a:64:26:a7:c7:3e:4a:24:ba:
5d:14:b9:20:36:82:78:8b:1a:d8:e3:06:58:15:8c:
bc:da:9e:84:4e:c0:db:cb:fb:0e:7d:95:2c:b9:1c:
b7:51:d9:96:98:f5:6f:6e:77:6d:bf:12:51:a2:5f:
d1:25:11:b0:49:26:9f:46:1c:f1:c5:7f:74:e3:5f:
70:95:27:72:ea:f3:88:43:da:e2:22:96:a4:84:3f:
8f:1c:ac:55:4d:31:8f:2c:2c:30:66:74:bd:94:29:
b2:f8:3f:74:88:94:b5:98:e6:b0:e1:74:ee:68:8b:
62:d2:eb:1f:1d:0d:06:00:6d:de:cd:23:5c:a7:47:
2c:73:af:56:64:54:86:f0:e9:36:7b:77:fc:1d:08:
6c:20:85:f0:59:10:f5:d1:42:59:23:02:2a:c3:e4:
e5:61:11:8b:e2:6b:4e:da:ae:85:2e:ee:bb:46:33:
0c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F7:E0:85:08:16:02:00:B6:EC:A8:37:18:80:DD:24:84:FA:94:C8
X509v3 Authority Key Identifier:
keyid:23:F1:E0:9F:0E:6E:D8:91:AD:17:D6:CE:4A:3C:73:28:D7:59:B4:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_Hgnw5u2JGtF9bOSjxzKNdZtMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/955ed1-8b40-4185-84a9-2ddcf56a763e/1/2ffghQgWAgC27Kg3GIDdJIT6lMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/955ed1-8b40-4185-84a9-2ddcf56a763e/1/I_Hgnw5u2JGtF9bOSjxzKNdZtMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:394::/48
Signature Algorithm: sha256WithRSAEncryption
8a:4e:00:03:f4:f6:c4:74:e3:f8:e4:c5:6a:6a:b2:f7:cd:ee:
04:80:49:2a:ed:57:39:9e:9f:17:ea:c3:db:a2:54:21:2f:c3:
5a:92:ae:f5:14:e1:11:c6:1c:e6:83:12:e9:e1:50:1b:d0:ab:
80:8a:68:03:60:45:ba:d4:5b:a1:4b:e2:81:ca:15:ed:c4:21:
59:97:27:3e:bc:27:2b:6e:6d:cb:c2:64:ee:5f:73:22:72:16:
f8:4c:c8:c8:59:bf:79:49:e8:58:5f:d4:af:f8:24:6a:f9:30:
7f:36:cb:ad:b2:ff:bb:90:ae:05:75:6b:e4:c1:a0:29:61:c8:
34:a5:37:5e:8d:89:ca:a8:f8:57:c9:df:ee:df:e4:c4:0e:3c:
fc:1f:51:df:23:08:a9:a7:ee:05:52:78:f6:25:fb:8f:c3:93:
a4:34:bd:d1:24:77:82:33:2f:01:e6:1f:73:c9:74:0e:6a:78:
7d:97:c2:cb:93:53:77:74:f2:98:19:b1:be:9b:bc:c4:24:7f:
ba:fc:84:85:ef:f8:0f:9d:85:a1:eb:99:ae:c9:2a:27:0d:9a:
24:5a:28:47:07:fd:8e:fb:20:7f:4b:db:7d:e5:02:ff:ba:0e:
7f:a1:2d:54:27:a7:e9:5d:8e:db:99:27:59:73:39:8c:e3:b3:
ff:c1:65:91
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEC45MHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2YxZTA5ZjBlNmVkODkxYWQxN2Q2Y2U0YTNjNzMyOGQ3NTliNGM4MB4XDTIyMDEw
MTEwNTUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDlmN2UwODUwODE2
MDIwMGI2ZWNhODM3MTg4MGRkMjQ4NGZhOTRjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpGcfR8cWxoyQ8SF5QFC7fas5GU9oEkY0l75BYPm8vhheKv
SCIsPj9k9kcU15IdBhBUq3YxjQFKEgAAyKwrKTuhm2Jgk5q3SLJSC40bvIOxGmQm
p8c+SiS6XRS5IDaCeIsa2OMGWBWMvNqehE7A28v7Dn2VLLkct1HZlpj1b253bb8S
UaJf0SURsEkmn0Yc8cV/dONfcJUncurziEPa4iKWpIQ/jxysVU0xjywsMGZ0vZQp
svg/dIiUtZjmsOF07miLYtLrHx0NBgBt3s0jXKdHLHOvVmRUhvDpNnt3/B0IbCCF
8FkQ9dFCWSMCKsPk5WERi+JrTtquhS7uu0YzDJECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTZ9+CFCBYCALbsqDcYgN0khPqUyDAfBgNVHSMEGDAWgBQj8eCfDm7Yka0X
1s5KPHMo11m0yDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lfSGdudzV1MkpHdEY5Yk9Tanh6S05kWnRNZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvOTU1ZWQxLThiNDAtNDE4NS04NGE5LTJkZGNmNTZhNzYzZS8x
LzJmZmdoUWdXQWdDMjdLZzNHSURkSklUNmxNZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
OTU1ZWQxLThiNDAtNDE4NS04NGE5LTJkZGNmNTZhNzYzZS8xL0lfSGdudzV1MkpH
dEY5Yk9Tanh6S05kWnRNZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngDlDANBgkqhkiG9w0BAQsF
AAOCAQEAik4AA/T2xHTj+OTFamqy983uBIBJKu1XOZ6fF+rD26JUIS/DWpKu9RTh
EcYc5oMS6eFQG9CrgIpoA2BFutRboUvigcoV7cQhWZcnPrwnK25ty8Jk7l9zInIW
+EzIyFm/eUnoWF/Ur/gkavkwfzbLrbL/u5CuBXVr5MGgKWHINKU3Xo2Jyqj4V8nf
7t/kxA48/B9R3yMIqafuBVJ49iX7j8OTpDS90SR3gjMvAeYfc8l0Dmp4fZfCy5NT
d3TymBmxvpu8xCR/uvyEhe/4D52FoeuZrskqJw2aJFooRwf9jvsgf0vbfeUC/7oO
f6EtVCen6V2O25knWXM5jOOz/8FlkQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:41 2023 by rpki-client on console-ams.rpki-client.org