Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/DrxzhiaSHqQBYdeVkdoS3-Ps88Q.roa
File: DrxzhiaSHqQBYdeVkdoS3-Ps88Q.roa (raw, json)
Hash identifier: KMeuesJeXvtgm7wC93GG6utFjwaezV2xJ1/5m+0O76k=
Subject key identifier: 0E:BC:73:86:26:92:1E:A4:01:61:D7:95:91:DA:12:DF:E3:EC:F3:C4
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 15409D9F
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/DrxzhiaSHqQBYdeVkdoS3-Ps88Q.roa
Signing time: Sat 01 Jan 2022 07:52:51 +0000
ROA not before: Sat 01 Jan 2022 07:52:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202818
IP address blocks: 2001:4cd0:dc00:1200::/56 maxlen: 56
2001:4cd0:dc00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 356556191 (0x15409d9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Jan 1 07:52:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ebc738626921ea40161d79591da12dfe3ecf3c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4b:88:33:ba:57:3b:a8:3b:3c:0c:b1:e3:5a:
c2:e2:65:e0:1a:37:89:f7:94:2f:af:d3:02:2a:ac:
bc:83:a0:7f:82:8d:6d:82:2d:e0:af:2d:4f:60:ad:
5b:f3:d8:2f:2b:41:d9:4c:14:e1:bd:71:f1:bc:00:
63:ba:72:22:a8:86:a8:b7:7a:83:f5:ed:5d:ec:38:
53:5f:65:71:df:41:f3:79:25:68:e9:53:02:c1:27:
55:3a:83:d0:ca:15:ea:89:ed:1d:54:d6:9d:3f:b2:
f1:c0:39:39:31:3d:b7:cf:b3:9b:a4:97:15:04:e7:
94:6b:b2:18:f1:41:83:a5:35:f3:c9:67:bc:e8:2e:
37:b3:f0:a7:b0:aa:67:4b:aa:6c:bf:9d:da:cd:66:
28:2d:7f:a0:c2:3b:3f:f1:a1:d5:89:97:f6:1d:4d:
30:14:33:3c:2a:6e:25:b1:b7:36:69:08:85:88:61:
7f:76:23:81:33:9d:a0:d3:6e:05:b1:bf:54:be:ec:
41:83:02:2a:13:6e:5f:62:89:75:cf:6f:fd:34:97:
0e:f8:6b:86:dc:d4:0b:1c:01:37:e1:03:b4:e5:49:
40:0b:71:b4:c1:c0:e0:74:2e:97:0a:ed:7d:87:1b:
51:38:4f:82:93:75:99:8d:e7:d0:10:9c:e9:d2:0f:
39:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:BC:73:86:26:92:1E:A4:01:61:D7:95:91:DA:12:DF:E3:EC:F3:C4
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/DrxzhiaSHqQBYdeVkdoS3-Ps88Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4cd0:dc00::/48
Signature Algorithm: sha256WithRSAEncryption
7b:c4:dd:e4:35:b6:d6:0f:8c:85:4e:de:af:52:48:d2:93:dd:
ee:27:83:b4:ac:96:18:67:3a:b9:eb:e5:fd:47:00:9a:e9:c1:
71:4a:8b:9f:3e:e8:7c:8e:32:e0:46:5d:5e:a2:0a:37:81:17:
8c:9d:a9:5b:89:c9:c4:09:85:b0:09:30:d3:5f:b6:31:b8:8c:
68:42:8d:ea:a0:c1:c3:8b:8f:7f:28:a5:59:9e:f5:ea:54:dd:
09:73:43:a9:b2:63:e9:31:e4:5f:f9:cb:38:a3:08:26:ed:34:
60:81:5a:27:12:89:fa:df:ea:04:ed:38:c7:40:28:48:4f:b8:
27:30:b8:89:6d:92:c6:06:3d:44:49:93:76:0e:0d:eb:97:9e:
99:d0:74:54:99:4c:90:51:bf:7a:df:98:a7:38:ca:49:f9:5c:
a5:52:7e:a6:98:65:e3:13:f4:b0:c3:be:48:d8:97:02:49:7a:
12:5f:61:fb:94:51:ee:e0:02:c5:11:95:92:93:77:e2:b5:db:
e7:79:25:49:4e:70:c1:24:0e:39:18:e5:27:e7:27:78:96:9b:
80:ef:69:fd:5e:8c:a6:4a:62:31:d1:91:72:77:22:5e:a3:d5:
e0:28:bf:05:f1:be:68:e5:f1:5e:28:7a:49:9e:d8:b2:55:db:
67:f2:aa:55
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFUCdnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZmVkZDg1YzFlY2NiNWZmNGJhOTMwMTE3YTczMjkwOTljMGZmMmViMB4XDTIyMDEw
MTA3NTI1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGViYzczODYyNjky
MWVhNDAxNjFkNzk1OTFkYTEyZGZlM2VjZjNjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1LiDO6VzuoOzwMseNawuJl4Bo3ifeUL6/TAiqsvIOgf4KN
bYIt4K8tT2CtW/PYLytB2UwU4b1x8bwAY7pyIqiGqLd6g/XtXew4U19lcd9B83kl
aOlTAsEnVTqD0MoV6ontHVTWnT+y8cA5OTE9t8+zm6SXFQTnlGuyGPFBg6U188ln
vOguN7Pwp7CqZ0uqbL+d2s1mKC1/oMI7P/Gh1YmX9h1NMBQzPCpuJbG3NmkIhYhh
f3YjgTOdoNNuBbG/VL7sQYMCKhNuX2KJdc9v/TSXDvhrhtzUCxwBN+EDtOVJQAtx
tMHA4HQulwrtfYcbUThPgpN1mY3n0BCc6dIPOXMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQOvHOGJpIepAFh15WR2hLf4+zzxDAfBgNVHSMEGDAWgBQ/7dhcHsy1/0up
MBF6cykJnA/y6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1AtM1lYQjdNdGY5THFUQVJlbk1wQ1p3UDh1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvNDFjMzIxLTM0N2UtNGMzZS1hZmZkLWUyYjUyNzcyOGU5Ni8x
L0RyeHpoaWFTSHFRQllkZVZrZG9TMy1Qczg4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
NDFjMzIxLTM0N2UtNGMzZS1hZmZkLWUyYjUyNzcyOGU5Ni8xL1AtM1lYQjdNdGY5
THFUQVJlbk1wQ1p3UDh1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABTNDcADANBgkqhkiG9w0BAQsF
AAOCAQEAe8Td5DW21g+MhU7er1JI0pPd7ieDtKyWGGc6uevl/UcAmunBcUqLnz7o
fI4y4EZdXqIKN4EXjJ2pW4nJxAmFsAkw01+2MbiMaEKN6qDBw4uPfyilWZ716lTd
CXNDqbJj6THkX/nLOKMIJu00YIFaJxKJ+t/qBO04x0AoSE+4JzC4iW2SxgY9REmT
dg4N65eemdB0VJlMkFG/et+YpzjKSflcpVJ+pphl4xP0sMO+SNiXAkl6El9h+5RR
7uACxRGVkpN34rXb53klSU5wwSQOORjlJ+cneJabgO9p/V6MpkpiMdGRcnciXqPV
4Ci/BfG+aOXxXih6SZ7YslXbZ/KqVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:57 2024 by rpki-client on console-fra.rpki-client.org