Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/0a51b7-6b5e-421a-bde2-c3da58b4ec4d/1/3dG8YaOnfwEC52wznegQhdeRtcc.roa
File: 3dG8YaOnfwEC52wznegQhdeRtcc.roa (raw, json)
Hash identifier: nBxxQM8wsgWMgEwbxMj3CEVd0N1IYtD0Za8RWxH/o3M=
Subject key identifier: DD:D1:BC:61:A3:A7:7F:01:02:E7:6C:33:9D:E8:10:85:D7:91:B5:C7
Certificate issuer: /CN=d26741d31d28d3865dd5381dfbd0bea2f66ff323
Certificate serial: 0846C32E
Authority key identifier: D2:67:41:D3:1D:28:D3:86:5D:D5:38:1D:FB:D0:BE:A2:F6:6F:F3:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mdB0x0o04Zd1Tgd-9C-ovZv8yM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/0a51b7-6b5e-421a-bde2-c3da58b4ec4d/1/3dG8YaOnfwEC52wznegQhdeRtcc.roa
Signing time: Sat 01 Jan 2022 14:55:39 +0000
ROA not before: Sat 01 Jan 2022 14:55:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208824
IP address blocks: 2001:67c:1804::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138855214 (0x846c32e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d26741d31d28d3865dd5381dfbd0bea2f66ff323
Validity
Not Before: Jan 1 14:55:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddd1bc61a3a77f0102e76c339de81085d791b5c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:dd:7f:dc:d0:90:97:ec:31:c0:07:0a:2c:5f:
21:00:0b:4d:91:f7:07:52:bb:38:49:f7:7a:7b:1e:
38:87:58:d3:42:ea:87:78:f7:30:06:3d:ee:83:87:
5c:12:78:bf:9c:63:45:7c:90:de:42:9d:73:94:74:
7b:75:b0:0c:ef:47:e7:37:fc:cf:1e:99:14:c9:48:
a7:c1:d2:67:96:47:b9:41:db:29:7d:52:e5:c3:fd:
52:1f:91:01:01:02:03:5a:a6:f7:d7:2b:0d:ea:3c:
05:8d:73:07:03:cf:50:11:45:10:d9:4f:16:25:c4:
b7:18:98:96:63:52:33:b7:9d:47:93:99:8b:17:60:
50:31:99:f5:7a:c8:15:1c:78:05:d8:3b:18:25:3e:
ee:05:70:5d:9c:57:23:cc:b7:b5:c4:05:98:5c:76:
64:89:b8:0b:b7:5c:0c:33:b6:c6:bb:f6:ee:24:9f:
bc:a2:8f:46:b0:fb:09:2e:4a:b5:d3:dc:11:6b:f8:
06:b8:5c:dc:eb:e2:33:81:66:c0:67:5f:dc:59:21:
7d:e7:5b:87:e6:46:08:fb:f4:0b:c9:a9:85:23:13:
75:e5:17:55:98:e1:86:29:73:75:b1:b9:83:07:c1:
8e:fa:de:4e:1a:9f:1a:16:2a:9b:2d:78:58:e9:e3:
90:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D1:BC:61:A3:A7:7F:01:02:E7:6C:33:9D:E8:10:85:D7:91:B5:C7
X509v3 Authority Key Identifier:
keyid:D2:67:41:D3:1D:28:D3:86:5D:D5:38:1D:FB:D0:BE:A2:F6:6F:F3:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mdB0x0o04Zd1Tgd-9C-ovZv8yM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/0a51b7-6b5e-421a-bde2-c3da58b4ec4d/1/3dG8YaOnfwEC52wznegQhdeRtcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/0a51b7-6b5e-421a-bde2-c3da58b4ec4d/1/0mdB0x0o04Zd1Tgd-9C-ovZv8yM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1804::/48
Signature Algorithm: sha256WithRSAEncryption
87:7a:36:5b:5b:e0:54:1c:79:47:c5:40:d4:c8:81:8a:c2:ec:
f1:8d:3a:c8:d2:78:69:59:f6:2f:b7:49:ca:63:b2:2e:0f:4b:
ba:3a:4a:95:c4:22:5c:df:03:bf:23:72:be:39:db:c8:a4:1f:
f3:32:f6:6e:f2:a1:5f:8c:70:2b:13:05:86:49:c0:13:94:fc:
dc:49:a1:2f:f0:12:6f:4d:d0:38:da:d1:d9:3a:72:03:43:90:
f7:71:89:6e:1b:18:06:23:ce:90:a1:1a:27:e7:32:0e:39:66:
de:d9:a8:b0:86:8e:e7:53:b7:59:66:b0:18:24:b3:54:a7:03:
d0:e7:7f:f4:70:75:a8:05:f5:4d:18:51:6b:20:d3:65:06:51:
4d:d8:b8:41:23:80:1b:dd:b3:4c:a1:09:a0:54:4f:72:a2:45:
fb:6d:bd:0c:cf:2a:21:38:63:1b:2a:09:51:01:a5:32:79:cd:
04:01:2e:f5:3d:b0:21:90:52:cf:e9:46:9d:43:4f:c0:42:7d:
57:48:7c:4c:5d:de:55:75:6e:70:34:9b:a3:c1:79:77:1e:32:
18:60:8e:5a:f1:15:f0:28:29:70:84:6a:33:1a:7f:64:ce:85:
47:93:6f:64:72:67:2e:c1:51:30:f6:b9:3b:0f:bb:6e:f3:99:
cc:fc:e6:ce
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECEbDLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjY3NDFkMzFkMjhkMzg2NWRkNTM4MWRmYmQwYmVhMmY2NmZmMzIzMB4XDTIyMDEw
MTE0NTUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRkMWJjNjFhM2E3
N2YwMTAyZTc2YzMzOWRlODEwODVkNzkxYjVjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/df9zQkJfsMcAHCixfIQALTZH3B1K7OEn3enseOIdY00Lq
h3j3MAY97oOHXBJ4v5xjRXyQ3kKdc5R0e3WwDO9H5zf8zx6ZFMlIp8HSZ5ZHuUHb
KX1S5cP9Uh+RAQECA1qm99crDeo8BY1zBwPPUBFFENlPFiXEtxiYlmNSM7edR5OZ
ixdgUDGZ9XrIFRx4Bdg7GCU+7gVwXZxXI8y3tcQFmFx2ZIm4C7dcDDO2xrv27iSf
vKKPRrD7CS5KtdPcEWv4Brhc3OviM4FmwGdf3Fkhfedbh+ZGCPv0C8mphSMTdeUX
VZjhhilzdbG5gwfBjvreThqfGhYqmy14WOnjkMsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTd0bxho6d/AQLnbDOd6BCF15G1xzAfBgNVHSMEGDAWgBTSZ0HTHSjThl3V
OB370L6i9m/zIzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBtZEIweDBvMDRaZDFUZ2QtOUMtb3Zadjh5TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvMGE1MWI3LTZiNWUtNDIxYS1iZGUyLWMzZGE1OGI0ZWM0ZC8x
LzNkRzhZYU9uZndFQzUyd3puZWdRaGRlUnRjYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
MGE1MWI3LTZiNWUtNDIxYS1iZGUyLWMzZGE1OGI0ZWM0ZC8xLzBtZEIweDBvMDRa
ZDFUZ2QtOUMtb3Zadjh5TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwYBDANBgkqhkiG9w0BAQsF
AAOCAQEAh3o2W1vgVBx5R8VA1MiBisLs8Y06yNJ4aVn2L7dJymOyLg9LujpKlcQi
XN8DvyNyvjnbyKQf8zL2bvKhX4xwKxMFhknAE5T83EmhL/ASb03QONrR2TpyA0OQ
93GJbhsYBiPOkKEaJ+cyDjlm3tmosIaO51O3WWawGCSzVKcD0Od/9HB1qAX1TRhR
ayDTZQZRTdi4QSOAG92zTKEJoFRPcqJF+229DM8qIThjGyoJUQGlMnnNBAEu9T2w
IZBSz+lGnUNPwEJ9V0h8TF3eVXVucDSbo8F5dx4yGGCOWvEV8CgpcIRqMxp/ZM6F
R5NvZHJnLsFRMPa5Ow+7bvOZzPzmzg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:26 2023 by rpki-client on console-ams.rpki-client.org