Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0f2da9-f3d5-4ab4-babe-79d91ef827ce/1/i2UAbpsfSElaK2cVVvsm_AfnxdI.roa
File: i2UAbpsfSElaK2cVVvsm_AfnxdI.roa (raw, json)
Hash identifier: Th4Zc9LLXM0w7C8OXuy9WhgtS33BSO1CTQ3T2KHe4/4=
Subject key identifier: 8B:65:00:6E:9B:1F:48:49:5A:2B:67:15:56:FB:26:FC:07:E7:C5:D2
Certificate issuer: /CN=0a35575b9947ace25ce87774c82775f18977fd19
Certificate serial: 04249D89
Authority key identifier: 0A:35:57:5B:99:47:AC:E2:5C:E8:77:74:C8:27:75:F1:89:77:FD:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjVXW5lHrOJc6Hd0yCd18Yl3_Rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0f2da9-f3d5-4ab4-babe-79d91ef827ce/1/i2UAbpsfSElaK2cVVvsm_AfnxdI.roa
Signing time: Sat 01 Jan 2022 14:05:59 +0000
ROA not before: Sat 01 Jan 2022 14:05:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 766
IP address blocks: 2001:678:508::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69508489 (0x4249d89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a35575b9947ace25ce87774c82775f18977fd19
Validity
Not Before: Jan 1 14:05:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b65006e9b1f48495a2b671556fb26fc07e7c5d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:3b:ad:41:f5:05:37:84:c4:c1:6d:3a:25:13:
05:4d:91:0a:dc:ad:6b:3c:8c:3f:fc:bf:9b:a5:a1:
8d:0a:58:81:35:7a:5b:d4:ca:90:6e:e3:7a:55:e8:
e7:36:dd:4f:5d:ee:02:78:9c:b7:63:49:47:8d:64:
97:07:d5:e5:cc:cb:fc:89:f2:e6:1e:dd:84:9b:00:
0f:aa:29:fa:4d:ef:ae:14:67:54:07:05:63:74:1c:
70:49:fa:47:3b:a4:44:d6:dc:b8:0c:54:e2:9b:25:
cc:1b:06:40:b2:e9:b9:23:2d:1c:0c:11:0d:90:81:
05:10:53:eb:a7:d3:28:5e:7f:17:b3:35:77:44:1d:
fa:c5:5a:e0:bb:12:01:37:d0:18:90:66:95:6e:db:
ed:de:3c:22:a6:33:90:33:cd:78:c2:12:b7:61:f9:
0b:ea:fa:cd:40:ec:2c:48:b7:f4:d7:75:37:ab:b6:
b7:70:9a:58:81:73:c8:28:c7:b1:48:df:7e:5a:98:
b3:90:5c:91:1e:9a:3a:b8:00:f8:ab:a9:81:62:dc:
96:d8:39:c4:8f:6d:10:50:24:19:eb:b8:f0:83:b1:
f7:16:39:64:69:05:bf:35:19:dd:81:68:51:4c:83:
99:21:79:27:c4:c9:6e:6b:1b:b4:2d:05:19:9c:6a:
45:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:65:00:6E:9B:1F:48:49:5A:2B:67:15:56:FB:26:FC:07:E7:C5:D2
X509v3 Authority Key Identifier:
keyid:0A:35:57:5B:99:47:AC:E2:5C:E8:77:74:C8:27:75:F1:89:77:FD:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjVXW5lHrOJc6Hd0yCd18Yl3_Rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0f2da9-f3d5-4ab4-babe-79d91ef827ce/1/i2UAbpsfSElaK2cVVvsm_AfnxdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0f2da9-f3d5-4ab4-babe-79d91ef827ce/1/CjVXW5lHrOJc6Hd0yCd18Yl3_Rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:508::/48
Signature Algorithm: sha256WithRSAEncryption
1a:f1:c3:9b:62:1a:42:a4:84:83:d5:93:fd:0b:1a:1f:ec:63:
c6:9e:95:b0:76:d8:c7:0c:31:0d:10:2c:b9:20:55:56:05:77:
45:88:17:69:9b:26:f0:d1:37:8b:a7:22:89:22:9a:cb:12:0f:
fc:01:ca:79:58:ab:0e:d9:ae:56:dd:a1:97:5b:92:8e:a8:69:
34:9a:39:7c:78:31:9f:23:aa:67:2b:d6:4d:02:6a:94:bb:a7:
db:e4:24:2c:aa:2a:d8:60:0b:6a:49:39:b8:03:16:58:e5:6e:
16:8e:76:5b:79:8d:40:25:2b:e2:cf:92:be:56:ed:90:59:4b:
2f:45:bd:ed:bf:5c:35:21:b9:16:a3:2b:92:2e:f3:25:cf:fe:
5f:88:83:8e:fe:f8:8e:37:8d:be:38:53:1c:44:b7:8e:ee:0f:
c5:42:e9:4c:7a:bd:31:dc:ff:2b:48:98:2a:96:f1:d7:ce:a2:
6d:2d:b9:79:99:1f:f4:18:cf:75:d2:d0:1c:11:c4:f2:26:4b:
aa:6e:34:34:32:7c:fd:37:55:91:da:a6:15:be:c8:17:94:0d:
b7:b7:3c:e3:91:0b:77:ad:ba:d6:7c:fc:ee:fe:39:09:2f:f6:
ad:70:ee:8b:a5:d5:4c:92:8d:07:e5:68:b8:70:0f:5e:77:6c:
59:b6:c7:fe
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBCSdiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTM1NTc1Yjk5NDdhY2UyNWNlODc3NzRjODI3NzVmMTg5NzdmZDE5MB4XDTIyMDEw
MTE0MDU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI2NTAwNmU5YjFm
NDg0OTVhMmI2NzE1NTZmYjI2ZmMwN2U3YzVkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANc7rUH1BTeExMFtOiUTBU2RCtytazyMP/y/m6WhjQpYgTV6
W9TKkG7jelXo5zbdT13uAnict2NJR41klwfV5czL/Iny5h7dhJsAD6op+k3vrhRn
VAcFY3QccEn6RzukRNbcuAxU4pslzBsGQLLpuSMtHAwRDZCBBRBT66fTKF5/F7M1
d0Qd+sVa4LsSATfQGJBmlW7b7d48IqYzkDPNeMISt2H5C+r6zUDsLEi39Nd1N6u2
t3CaWIFzyCjHsUjfflqYs5BckR6aOrgA+KupgWLcltg5xI9tEFAkGeu48IOx9xY5
ZGkFvzUZ3YFoUUyDmSF5J8TJbmsbtC0FGZxqRXECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSLZQBumx9ISVorZxVW+yb8B+fF0jAfBgNVHSMEGDAWgBQKNVdbmUes4lzo
d3TIJ3XxiXf9GTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NqVlhXNWxIck9KYzZIZDB5Q2QxOFlsM19Say5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMGYyZGE5LWYzZDUtNGFiNC1iYWJlLTc5ZDkxZWY4MjdjZS8x
L2kyVUFicHNmU0VsYUsyY1ZWdnNtX0FmbnhkSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MGYyZGE5LWYzZDUtNGFiNC1iYWJlLTc5ZDkxZWY4MjdjZS8xL0NqVlhXNWxIck9K
YzZIZDB5Q2QxOFlsM19Say5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngFCDANBgkqhkiG9w0BAQsF
AAOCAQEAGvHDm2IaQqSEg9WT/QsaH+xjxp6VsHbYxwwxDRAsuSBVVgV3RYgXaZsm
8NE3i6ciiSKayxIP/AHKeVirDtmuVt2hl1uSjqhpNJo5fHgxnyOqZyvWTQJqlLun
2+QkLKoq2GALakk5uAMWWOVuFo52W3mNQCUr4s+SvlbtkFlLL0W97b9cNSG5FqMr
ki7zJc/+X4iDjv74jjeNvjhTHES3ju4PxULpTHq9Mdz/K0iYKpbx186ibS25eZkf
9BjPddLQHBHE8iZLqm40NDJ8/TdVkdqmFb7IF5QNt7c845ELd6261nz87v45CS/2
rXDui6XVTJKNB+VouHAPXndsWbbH/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:51 2024 by rpki-client on console-ams.rpki-client.org