Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/n9ECh7YttcGRGaRL0KVh0AYWsro.roa
File: n9ECh7YttcGRGaRL0KVh0AYWsro.roa (raw, json)
Hash identifier: /pX0g0gLA2j03MkcY9WPNBEbHxq/YMGqtj7ENgMgxOs=
Subject key identifier: 9F:D1:02:87:B6:2D:B5:C1:91:19:A4:4B:D0:A5:61:D0:06:16:B2:BA
Certificate issuer: /CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Certificate serial: 0182EA46362525B51D9CA3A0C8C3B0ED8621
Authority key identifier: 77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/n9ECh7YttcGRGaRL0KVh0AYWsro.roa
Signing time: Mon 29 Aug 2022 15:44:05 +0000
ROA not before: Mon 29 Aug 2022 15:44:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62392
IP address blocks: 2001:67c:1810::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ea:46:36:25:25:b5:1d:9c:a3:a0:c8:c3:b0:ed:86:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Validity
Not Before: Aug 29 15:44:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9fd10287b62db5c19119a44bd0a561d00616b2ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c8:57:26:d8:ea:e7:65:23:7e:21:a6:00:ca:
40:d9:67:f5:53:64:8a:d8:cf:fb:fe:83:a5:72:e2:
46:74:5c:88:30:9f:e4:01:33:59:5f:99:10:d3:db:
03:94:f9:ba:af:51:f7:f1:2c:8a:1d:94:22:76:61:
26:22:5b:5a:9d:ec:fd:10:6b:0b:50:7d:f5:6e:aa:
f0:ac:09:d9:ea:fe:dd:f5:e6:2a:aa:b2:6c:30:ec:
36:d1:c1:df:1e:5d:50:d5:80:87:c4:8d:a6:94:c3:
c5:8f:cd:85:ff:f7:17:11:2b:66:04:97:5d:61:ed:
5a:9b:e8:80:20:5e:ef:8c:8b:2f:e8:d8:63:96:ae:
93:cc:b5:aa:82:76:e2:c5:9c:d5:9d:b0:cd:c9:9f:
0d:2d:ac:31:ce:05:33:37:60:a6:a1:02:77:8a:35:
2e:ed:e8:21:01:0b:33:88:e1:39:61:20:b8:24:49:
c7:87:14:1f:53:c3:22:85:54:37:b2:94:cc:94:6d:
9d:66:e5:90:ee:61:01:95:c7:54:e2:01:9d:76:cd:
f1:2a:0e:45:03:9a:63:be:41:43:44:ac:b8:52:d1:
4a:bf:e9:49:12:d3:b1:fa:b6:40:14:ee:d3:72:76:
ea:15:45:65:f3:29:39:84:3d:5b:f9:fe:49:79:6e:
5b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D1:02:87:B6:2D:B5:C1:91:19:A4:4B:D0:A5:61:D0:06:16:B2:BA
X509v3 Authority Key Identifier:
keyid:77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/n9ECh7YttcGRGaRL0KVh0AYWsro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1810::/48
Signature Algorithm: sha256WithRSAEncryption
7a:85:ae:48:db:cd:70:49:f9:85:7b:6a:a9:25:2d:9d:c8:5d:
f0:1e:0b:57:3b:0b:47:c2:63:59:3b:61:41:ca:14:20:26:8a:
98:52:d4:b4:20:13:3d:61:53:f5:62:64:ee:25:f7:7f:b2:a7:
25:4a:ba:6b:44:cf:16:11:3f:4c:0a:c4:5b:5c:7c:c1:4a:f3:
34:10:c5:5b:81:aa:09:d1:7d:b0:9b:cb:d7:18:c9:c1:69:14:
ae:0c:09:9c:7a:01:39:db:ae:bb:44:92:76:e5:fe:a3:5a:3e:
b8:7c:3b:f9:a9:58:15:71:48:63:d2:8a:df:e1:e9:af:48:b7:
d7:4d:54:df:e9:b8:a0:c2:b5:ba:41:d0:ce:67:ac:83:0d:5a:
fd:f5:c0:f5:91:61:da:5e:85:e0:a6:f0:45:11:8b:27:02:2a:
72:1e:15:69:08:4f:08:65:16:ee:0b:8e:d1:ef:92:8d:84:c1:
43:6b:5a:47:76:7f:2c:cc:a0:36:ba:d1:3f:b1:d8:08:6b:23:
70:6a:ff:64:c8:8d:9a:3e:82:48:b1:23:8d:91:bf:54:8b:9e:
18:bb:96:05:5e:f9:66:6b:07:05:8f:17:49:62:a1:94:10:6a:
23:44:08:e6:5d:87:40:cb:77:a3:07:28:c5:a8:74:70:3f:c2:
1c:7d:6d:49
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYLqRjYlJbUdnKOgyMOw7YYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZDJkOTI4NDIzMTA0ZTVjMzQ4MGUyMWI0YTNlZDE0OThi
MmEyN2UwHhcNMjIwODI5MTU0NDA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmQxMDI4N2I2MmRiNWMxOTExOWE0NGJkMGE1NjFkMDA2MTZiMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMhXJtjq52UjfiGmAMpA2Wf1U2SK
2M/7/oOlcuJGdFyIMJ/kATNZX5kQ09sDlPm6r1H38SyKHZQidmEmIltanez9EGsL
UH31bqrwrAnZ6v7d9eYqqrJsMOw20cHfHl1Q1YCHxI2mlMPFj82F//cXEStmBJdd
Ye1am+iAIF7vjIsv6Nhjlq6TzLWqgnbixZzVnbDNyZ8NLawxzgUzN2CmoQJ3ijUu
7eghAQsziOE5YSC4JEnHhxQfU8MihVQ3spTMlG2dZuWQ7mEBlcdU4gGdds3xKg5F
A5pjvkFDRKy4UtFKv+lJEtOx+rZAFO7TcnbqFUVl8yk5hD1b+f5JeW5biwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ/RAoe2LbXBkRmkS9ClYdAGFrK6MB8GA1UdIwQY
MBaAFHfS2ShCMQTlw0gOIbSj7RSYsqJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgt
NDg4NzkyMzg4ZTViLzEvbjlFQ2g3WXR0Y0dSR2FSTDBLVmgwQVlXc3JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgtNDg4NzkyMzg4ZTVi
LzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB6ha5I281wSfmFe2qpJS2dyF3wHgtXOwtHwmNZ
O2FByhQgJoqYUtS0IBM9YVP1YmTuJfd/sqclSrprRM8WET9MCsRbXHzBSvM0EMVb
gaoJ0X2wm8vXGMnBaRSuDAmcegE52667RJJ25f6jWj64fDv5qVgVcUhj0orf4emv
SLfXTVTf6bigwrW6QdDOZ6yDDVr99cD1kWHaXoXgpvBFEYsnAipyHhVpCE8IZRbu
C47R75KNhMFDa1pHdn8szKA2utE/sdgIayNwav9kyI2aPoJIsSONkb9Ui54Yu5YF
XvlmawcFjxdJYqGUEGojRAjmXYdAy3ejByjFqHRwP8IcfW1J
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:29 2024 by rpki-client on console-ams.rpki-client.org