Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/865f08-4633-4edc-bc8d-3084f767c2b6/1/1n167wJhgr13vb75uw2I0ulliQQ.roa
File: 1n167wJhgr13vb75uw2I0ulliQQ.roa (raw, json)
Hash identifier: FHyVFYyDbJJX9VySdVDgJ6CsjQVdcj+KVHr+x+VEBI4=
Subject key identifier: D6:7D:7A:EF:02:61:82:BD:77:BD:BE:F9:BB:0D:88:D2:E9:65:89:04
Certificate issuer: /CN=53e32c5f895fb12e6d674e0b16f6eee5e512645d
Certificate serial: 430BB0
Authority key identifier: 53:E3:2C:5F:89:5F:B1:2E:6D:67:4E:0B:16:F6:EE:E5:E5:12:64:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U-MsX4lfsS5tZ04LFvbu5eUSZF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/865f08-4633-4edc-bc8d-3084f767c2b6/1/1n167wJhgr13vb75uw2I0ulliQQ.roa
Signing time: Sat 01 Jan 2022 00:50:12 +0000
ROA not before: Sat 01 Jan 2022 00:50:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41737
IP address blocks: 2a0e:9b80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4393904 (0x430bb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53e32c5f895fb12e6d674e0b16f6eee5e512645d
Validity
Not Before: Jan 1 00:50:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d67d7aef026182bd77bdbef9bb0d88d2e9658904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fa:8a:2c:19:d0:9c:91:36:79:be:5c:55:b9:
32:33:ad:2b:08:0d:35:27:e1:37:81:69:2d:6d:f5:
36:4b:7f:34:7a:a8:04:52:69:76:bd:ba:aa:66:20:
0a:e0:67:b1:10:ac:6a:7b:11:48:9d:b3:fe:ae:88:
aa:d2:1f:4c:ea:a8:4d:6d:f6:e5:56:1f:02:bc:d8:
01:8f:8f:dc:ed:ca:68:e4:48:ae:4c:70:95:9b:3b:
e1:fc:5e:58:fa:92:2f:8b:9d:ba:f1:9a:c1:61:ff:
30:eb:e7:fc:23:28:4d:d5:2d:ff:52:39:d3:30:a0:
0f:6b:e9:5d:63:3e:aa:bb:49:a7:f6:13:9e:9f:67:
c3:1b:87:a1:90:1a:ec:bf:6b:6b:a4:67:db:4f:73:
a3:f9:64:c0:15:0f:85:c4:51:ab:c9:54:10:d5:ed:
f0:71:96:fe:81:59:b1:cf:4e:88:e7:c7:c0:bb:43:
10:0e:af:da:9d:7a:90:5b:10:cd:32:43:23:9f:90:
6c:a1:5b:5a:eb:81:eb:91:95:65:6e:3d:ab:b2:ab:
5b:f1:e3:bb:36:2f:10:37:5c:ed:91:19:a4:a5:c9:
da:a4:ff:e1:12:f5:99:2b:62:4a:89:bf:e8:22:d2:
59:a4:73:3e:f8:33:19:ea:be:51:dd:7e:49:59:e7:
c5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:7D:7A:EF:02:61:82:BD:77:BD:BE:F9:BB:0D:88:D2:E9:65:89:04
X509v3 Authority Key Identifier:
keyid:53:E3:2C:5F:89:5F:B1:2E:6D:67:4E:0B:16:F6:EE:E5:E5:12:64:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-MsX4lfsS5tZ04LFvbu5eUSZF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/865f08-4633-4edc-bc8d-3084f767c2b6/1/1n167wJhgr13vb75uw2I0ulliQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/865f08-4633-4edc-bc8d-3084f767c2b6/1/U-MsX4lfsS5tZ04LFvbu5eUSZF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:9b80::/29
Signature Algorithm: sha256WithRSAEncryption
24:0a:5e:15:21:22:6e:53:f9:ba:d9:33:7e:18:f9:50:3d:ea:
fe:1a:b1:fe:cc:28:61:9f:7a:4f:4c:d4:83:60:d6:b6:26:db:
b8:ea:1a:e5:9a:5f:81:a9:23:d9:28:fb:2a:c3:a3:50:0d:c1:
8e:b6:4c:26:e8:35:ef:d0:f7:32:30:55:92:6a:43:b1:39:d2:
ac:17:9a:12:66:61:a4:d6:d1:df:bf:78:23:cd:85:05:1b:ee:
52:f1:6a:5d:b8:06:ea:5d:f8:ef:9e:91:29:36:84:ff:1e:a7:
42:d1:01:10:ee:3e:10:87:33:9a:f4:fa:30:3e:81:52:e8:52:
46:60:3c:d0:12:3c:a4:0f:88:a6:7b:ee:22:2d:dc:54:fe:64:
c1:e2:30:59:a3:9d:5a:5e:37:db:8c:50:f3:13:e2:6b:11:b3:
b7:73:76:77:be:be:41:f0:4b:58:df:ff:0a:a3:c7:ee:30:82:
4b:da:75:55:aa:61:10:3b:9e:2a:c9:70:ec:20:3b:7a:2d:99:
0a:d4:77:3f:08:1b:fa:38:d7:7f:65:13:33:08:6a:77:c0:61:
9f:b1:d2:c2:32:ae:b3:63:f4:66:59:fd:1a:8a:c2:24:23:81:
72:8a:43:cb:56:8f:50:84:76:df:88:9d:c0:ba:db:22:d5:19:
60:5e:f3:2e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDQwuwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUz
ZTMyYzVmODk1ZmIxMmU2ZDY3NGUwYjE2ZjZlZWU1ZTUxMjY0NWQwHhcNMjIwMTAx
MDA1MDEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkNjdkN2FlZjAyNjE4
MmJkNzdiZGJlZjliYjBkODhkMmU5NjU4OTA0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0/qKLBnQnJE2eb5cVbkyM60rCA01J+E3gWktbfU2S380eqgE
Uml2vbqqZiAK4GexEKxqexFInbP+roiq0h9M6qhNbfblVh8CvNgBj4/c7cpo5Eiu
THCVmzvh/F5Y+pIvi5268ZrBYf8w6+f8IyhN1S3/UjnTMKAPa+ldYz6qu0mn9hOe
n2fDG4ehkBrsv2trpGfbT3Oj+WTAFQ+FxFGryVQQ1e3wcZb+gVmxz06I58fAu0MQ
Dq/anXqQWxDNMkMjn5BsoVta64HrkZVlbj2rsqtb8eO7Ni8QN1ztkRmkpcnapP/h
EvWZK2JKib/oItJZpHM++DMZ6r5R3X5JWefFkQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFNZ9eu8CYYK9d72++bsNiNLpZYkEMB8GA1UdIwQYMBaAFFPjLF+JX7EubWdO
Cxb27uXlEmRdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VS1Nc1g0bGZzUzV0WjA0TEZ2YnU1ZVVTWkYwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYy84NjVmMDgtNDYzMy00ZWRjLWJjOGQtMzA4NGY3NjdjMmI2LzEv
MW4xNjd3SmhncjEzdmI3NXV3MkkwdWxsaVFRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84
NjVmMDgtNDYzMy00ZWRjLWJjOGQtMzA4NGY3NjdjMmI2LzEvVS1Nc1g0bGZzUzV0
WjA0TEZ2YnU1ZVVTWkYwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg6bgDANBgkqhkiG9w0BAQsFAAOC
AQEAJApeFSEiblP5utkzfhj5UD3q/hqx/swoYZ96T0zUg2DWtibbuOoa5Zpfgakj
2Sj7KsOjUA3BjrZMJug179D3MjBVkmpDsTnSrBeaEmZhpNbR3794I82FBRvuUvFq
XbgG6l34756RKTaE/x6nQtEBEO4+EIczmvT6MD6BUuhSRmA80BI8pA+IpnvuIi3c
VP5kweIwWaOdWl4324xQ8xPiaxGzt3N2d76+QfBLWN//CqPH7jCCS9p1VaphEDue
Kslw7CA7ei2ZCtR3Pwgb+jjXf2UTMwhqd8Bhn7HSwjKus2P0Zln9GorCJCOBcopD
y1aPUIR234idwLrbItUZYF7zLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:13 2024 by rpki-client on console-ams.rpki-client.org