Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/zu0smqgfuj2NpVxW10152Q6clsU.roa
File: zu0smqgfuj2NpVxW10152Q6clsU.roa (raw, json)
Hash identifier: r5CFcfWk2cOBn8qe6sI39zny1IQdW8khFHgIFps9qyE=
Subject key identifier: CE:ED:2C:9A:A8:1F:BA:3D:8D:A5:5C:56:D7:4D:79:D9:0E:9C:96:C5
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 01835EC287A734B405981E530919869BEF2D
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/zu0smqgfuj2NpVxW10152Q6clsU.roa
Signing time: Wed 21 Sep 2022 06:35:50 +0000
ROA not before: Wed 21 Sep 2022 06:35:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48518
IP address blocks: 2a04:9ac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5e:c2:87:a7:34:b4:05:98:1e:53:09:19:86:9b:ef:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Sep 21 06:35:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ceed2c9aa81fba3d8da55c56d74d79d90e9c96c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a1:c8:68:1b:2c:05:bb:74:47:ed:56:b6:35:
89:16:ae:86:cf:a9:01:4a:d3:4a:9f:90:b7:e6:fd:
20:fe:4b:78:63:26:25:19:97:8a:4e:ae:55:46:f5:
d7:bc:84:c9:a2:e5:11:01:34:db:28:94:a2:64:58:
ad:f5:96:47:67:2f:d9:12:5e:df:1a:d8:5c:5b:0c:
c4:47:bb:ec:c0:4e:aa:1f:74:53:dd:02:ad:25:73:
83:bf:e7:98:c7:29:d8:ca:b5:cb:5b:68:46:51:7a:
3c:d1:f1:94:07:75:11:89:c8:47:e1:a5:ee:87:ec:
da:eb:60:a8:b9:96:d5:84:0d:a4:ab:04:a3:3b:37:
7e:c5:f5:ce:47:ae:e6:74:4e:62:48:eb:4d:c3:eb:
a4:f3:35:8c:0b:38:0f:f5:98:12:da:d6:a3:58:c5:
52:62:0a:d0:e9:b6:81:d6:c7:ba:4b:cb:25:33:f2:
c2:34:a6:a7:87:67:bc:5b:10:56:a0:c5:b7:83:43:
d1:a5:b1:43:6d:9e:e8:ed:5a:79:bf:eb:27:c6:eb:
f9:be:84:10:4d:fa:4d:cc:c1:a6:08:d6:83:c5:56:
99:47:2f:0d:54:aa:e0:67:f2:77:34:b5:12:ce:81:
a1:73:8d:30:6b:a6:24:8f:13:de:f4:01:a1:7b:db:
a9:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:ED:2C:9A:A8:1F:BA:3D:8D:A5:5C:56:D7:4D:79:D9:0E:9C:96:C5
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/zu0smqgfuj2NpVxW10152Q6clsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9ac0::/32
Signature Algorithm: sha256WithRSAEncryption
9a:27:d7:54:32:67:b1:0b:6b:e2:84:7f:b6:95:b7:f1:58:1a:
dd:31:59:1d:b3:58:e2:87:20:38:0d:a9:1b:68:fd:e6:6f:c3:
9e:7f:5e:6c:6a:f6:67:1f:d0:97:4c:52:14:1c:aa:ba:60:63:
45:ae:b4:fb:40:1a:24:75:81:11:41:58:6e:92:29:18:c3:ed:
c2:ce:99:31:ad:17:32:e8:c7:84:d9:d7:85:8c:d7:79:a1:9a:
c5:7b:f0:df:cf:f5:9f:68:9b:f0:99:76:cc:9d:6d:b4:9e:4f:
80:16:4f:bd:f6:4a:56:96:93:6e:59:92:94:4b:16:8e:6d:95:
8c:a0:d9:70:57:ec:a2:c1:70:2d:e0:18:92:7e:56:be:2c:c8:
b2:a3:b1:d5:a8:13:82:cd:98:99:f8:47:6c:3f:ef:53:f9:bb:
68:b2:d7:05:ff:92:76:67:25:4f:0f:f2:2c:cb:df:91:93:9c:
5c:d1:92:3a:7e:39:1a:35:0b:cc:7b:8c:e7:d4:2b:19:6a:7d:
39:6b:c1:2c:a6:72:1f:3b:b1:98:66:15:e2:68:4c:27:45:2a:
2f:8d:d3:11:04:15:d7:70:96:0f:90:69:a5:95:69:17:6e:59:
55:16:31:e0:5b:ef:1d:99:e9:af:d6:3c:69:e8:b0:e5:68:13:
7c:d6:a0:89
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYNewoenNLQFmB5TCRmGm+8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjIwOTIxMDYzNTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWVkMmM5YWE4MWZiYTNkOGRhNTVjNTZkNzRkNzlkOTBlOWM5NmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6HIaBssBbt0R+1WtjWJFq6Gz6kB
StNKn5C35v0g/kt4YyYlGZeKTq5VRvXXvITJouURATTbKJSiZFit9ZZHZy/ZEl7f
GthcWwzER7vswE6qH3RT3QKtJXODv+eYxynYyrXLW2hGUXo80fGUB3URichH4aXu
h+za62CouZbVhA2kqwSjOzd+xfXOR67mdE5iSOtNw+uk8zWMCzgP9ZgS2tajWMVS
YgrQ6baB1se6S8slM/LCNKanh2e8WxBWoMW3g0PRpbFDbZ7o7Vp5v+snxuv5voQQ
TfpNzMGmCNaDxVaZRy8NVKrgZ/J3NLUSzoGhc40wa6YkjxPe9AGhe9up7QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM7tLJqoH7o9jaVcVtdNedkOnJbFMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvenUwc21xZ2Z1ajJOcFZ4VzEwMTUyUTZjbHNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgSawDAN
BgkqhkiG9w0BAQsFAAOCAQEAmifXVDJnsQtr4oR/tpW38Vga3TFZHbNY4ocgOA2p
G2j95m/Dnn9ebGr2Zx/Ql0xSFByqumBjRa60+0AaJHWBEUFYbpIpGMPtws6ZMa0X
MujHhNnXhYzXeaGaxXvw38/1n2ib8Jl2zJ1ttJ5PgBZPvfZKVpaTblmSlEsWjm2V
jKDZcFfsosFwLeAYkn5WvizIsqOx1agTgs2YmfhHbD/vU/m7aLLXBf+SdmclTw/y
LMvfkZOcXNGSOn45GjULzHuM59QrGWp9OWvBLKZyHzuxmGYV4mhMJ0UqL43TEQQV
13CWD5BppZVpF25ZVRYx4FvvHZnpr9Y8aeiw5WgTfNagiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:20 2024 by rpki-client on console-fra.rpki-client.org