Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/9639b2-a9da-4373-b651-8637abf731f3/1/3NdWj8XQhojWsxIs9D5_hEr5LOw.roa
File: 3NdWj8XQhojWsxIs9D5_hEr5LOw.roa (raw, json)
Hash identifier: X2fqPD+9D/5xOXUqt4GNvB5xEKo1E0LJreJk8btAbew=
Subject key identifier: DC:D7:56:8F:C5:D0:86:88:D6:B3:12:2C:F4:3E:7F:84:4A:F9:2C:EC
Certificate issuer: /CN=e8965057f4aa099b0a919f3f0bd4a6488e30c348
Certificate serial: 01856D385D9C05AF95B776B8353997F40516
Authority key identifier: E8:96:50:57:F4:AA:09:9B:0A:91:9F:3F:0B:D4:A6:48:8E:30:C3:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6JZQV_SqCZsKkZ8_C9SmSI4ww0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/9639b2-a9da-4373-b651-8637abf731f3/1/3NdWj8XQhojWsxIs9D5_hEr5LOw.roa
Signing time: Sun 01 Jan 2023 12:04:48 +0000
ROA not before: Sun 01 Jan 2023 12:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1103
IP address blocks: 2001:67c:262c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:5d:9c:05:af:95:b7:76:b8:35:39:97:f4:05:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8965057f4aa099b0a919f3f0bd4a6488e30c348
Validity
Not Before: Jan 1 12:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcd7568fc5d08688d6b3122cf43e7f844af92cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5c:31:22:85:bc:a8:5e:d8:53:9f:64:c5:f4:
d8:43:15:ea:6d:fc:e2:0b:79:a2:5a:c8:c8:d0:d6:
f8:e3:d7:96:90:6d:14:1b:71:ef:22:e1:1f:84:e9:
e9:bb:2c:03:89:ca:93:ea:eb:c9:85:0a:b1:4b:f7:
82:14:4c:7a:39:17:30:53:ce:26:f8:07:0e:44:31:
ab:e6:98:27:cf:df:a0:15:03:91:48:96:e2:d4:56:
5d:52:f6:5d:5d:ee:90:6c:92:c6:ad:0a:92:78:cd:
72:a8:c9:b9:73:b0:ed:30:a3:ef:99:34:a7:1c:6c:
bc:5d:8c:c1:3f:bf:01:c5:93:74:ab:d4:d1:6e:ff:
6a:4a:47:3b:9f:37:28:4d:9a:ff:a1:9c:00:14:3f:
3a:ed:90:2c:a4:b8:60:64:79:94:83:aa:dd:2a:a5:
ee:33:41:60:f2:93:a3:b4:44:eb:01:84:7b:63:5b:
8a:4e:68:8f:1b:07:b3:e2:b6:7f:42:48:27:de:04:
5b:af:21:7c:e4:1e:3a:7a:1d:89:95:73:8c:f8:80:
42:d5:09:f4:86:e7:81:d1:fa:6c:ba:3c:f2:91:ef:
11:d8:99:8b:d4:14:a1:3a:32:e2:68:71:28:62:fb:
a8:48:ba:0d:9d:63:26:6c:b9:1c:5b:fc:c8:eb:f4:
d6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D7:56:8F:C5:D0:86:88:D6:B3:12:2C:F4:3E:7F:84:4A:F9:2C:EC
X509v3 Authority Key Identifier:
keyid:E8:96:50:57:F4:AA:09:9B:0A:91:9F:3F:0B:D4:A6:48:8E:30:C3:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6JZQV_SqCZsKkZ8_C9SmSI4ww0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/9639b2-a9da-4373-b651-8637abf731f3/1/3NdWj8XQhojWsxIs9D5_hEr5LOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/9639b2-a9da-4373-b651-8637abf731f3/1/6JZQV_SqCZsKkZ8_C9SmSI4ww0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:262c::/48
Signature Algorithm: sha256WithRSAEncryption
3b:6d:31:6a:2b:76:78:32:98:94:e4:f9:77:99:71:31:11:b6:
ed:c4:18:59:59:22:79:83:f6:fd:a7:78:ee:01:b4:e6:0f:8a:
94:56:2f:f9:02:4b:5a:80:a9:bf:59:dc:77:c1:a3:09:ff:e8:
35:71:f2:2d:09:f7:27:30:5a:f9:b5:d5:89:de:ca:54:ba:38:
18:66:32:09:4f:16:d6:6d:d4:ae:56:0f:9e:88:90:3c:14:df:
95:4e:9f:c9:60:c9:de:cf:83:cb:f7:38:90:5b:56:92:16:9a:
44:d7:4b:98:20:3b:59:99:ce:a8:bd:8a:c4:96:b0:80:d6:f7:
f4:57:af:68:ea:f1:ac:79:69:e3:72:05:15:cc:ca:5b:85:d8:
30:85:7d:93:4b:31:14:ce:f7:84:fd:54:40:27:e7:cb:00:3b:
c8:c8:f2:54:7d:98:c2:5b:4f:bc:fb:37:32:61:a7:08:da:7a:
b2:64:52:c1:0b:a5:12:10:fb:75:da:87:a6:ed:b2:b4:bc:36:
88:36:95:bd:29:e8:5f:c5:32:9a:74:5d:51:7f:27:02:49:c6:
71:da:6f:d0:eb:a8:5b:57:5c:f9:88:c1:01:bd:96:c7:69:9c:
b5:38:aa:72:9e:b8:c8:38:b7:87:f0:3b:80:37:71:45:54:3e:
e7:ac:e8:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtOF2cBa+Vt3a4NTmX9AUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4OTY1MDU3ZjRhYTA5OWIwYTkxOWYzZjBiZDRhNjQ4OGUz
MGMzNDgwHhcNMjMwMTAxMTIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Q3NTY4ZmM1ZDA4Njg4ZDZiMzEyMmNmNDNlN2Y4NDRhZjkyY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1wxIoW8qF7YU59kxfTYQxXqbfzi
C3miWsjI0Nb449eWkG0UG3HvIuEfhOnpuywDicqT6uvJhQqxS/eCFEx6ORcwU84m
+AcORDGr5pgnz9+gFQORSJbi1FZdUvZdXe6QbJLGrQqSeM1yqMm5c7DtMKPvmTSn
HGy8XYzBP78BxZN0q9TRbv9qSkc7nzcoTZr/oZwAFD867ZAspLhgZHmUg6rdKqXu
M0Fg8pOjtETrAYR7Y1uKTmiPGwez4rZ/Qkgn3gRbryF85B46eh2JlXOM+IBC1Qn0
hueB0fpsujzyke8R2JmL1BShOjLiaHEoYvuoSLoNnWMmbLkcW/zI6/TW5wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNzXVo/F0IaI1rMSLPQ+f4RK+SzsMB8GA1UdIwQY
MBaAFOiWUFf0qgmbCpGfPwvUpkiOMMNIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkpaUVZfU3FDWnNLa1o4X0M5U21TSTR3dzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS85NjM5YjItYTlkYS00MzczLWI2NTEt
ODYzN2FiZjczMWYzLzEvM05kV2o4WFFob2pXc3hJczlENV9oRXI1TE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS85NjM5YjItYTlkYS00MzczLWI2NTEtODYzN2FiZjczMWYz
LzEvNkpaUVZfU3FDWnNLa1o4X0M5U21TSTR3dzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCYs
MA0GCSqGSIb3DQEBCwUAA4IBAQA7bTFqK3Z4MpiU5Pl3mXExEbbtxBhZWSJ5g/b9
p3juAbTmD4qUVi/5AktagKm/Wdx3waMJ/+g1cfItCfcnMFr5tdWJ3spUujgYZjIJ
TxbWbdSuVg+eiJA8FN+VTp/JYMnez4PL9ziQW1aSFppE10uYIDtZmc6ovYrElrCA
1vf0V69o6vGseWnjcgUVzMpbhdgwhX2TSzEUzveE/VRAJ+fLADvIyPJUfZjCW0+8
+zcyYacI2nqyZFLBC6USEPt12oem7bK0vDaINpW9KehfxTKadF1RfycCScZx2m/Q
66hbV1z5iMEBvZbHaZy1OKpynrjIOLeH8DuAN3FFVD7nrOhx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:29 2025 by rpki-client