Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/1c1c19-d4cc-49cd-af5a-177102917199/1/aaNknkU0WuShqW4VZ5ObpsqdgPU.roa
File: aaNknkU0WuShqW4VZ5ObpsqdgPU.roa (raw, json)
Hash identifier: 0AYsZFJzoabLrqbipoqQ7Xz/lUONowKv8d4QmEcPNpY=
Subject key identifier: 69:A3:64:9E:45:34:5A:E4:A1:A9:6E:15:67:93:9B:A6:CA:9D:80:F5
Certificate issuer: /CN=451cfb71217c2424d1b4844ff4504e873cbfe33e
Certificate serial: 13EC5AC1
Authority key identifier: 45:1C:FB:71:21:7C:24:24:D1:B4:84:4F:F4:50:4E:87:3C:BF:E3:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RRz7cSF8JCTRtIRP9FBOhzy_4z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/1c1c19-d4cc-49cd-af5a-177102917199/1/aaNknkU0WuShqW4VZ5ObpsqdgPU.roa
Signing time: Sat 01 Jan 2022 15:00:33 +0000
ROA not before: Sat 01 Jan 2022 15:00:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203859
IP address blocks: 2001:67c:2ec0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 334256833 (0x13ec5ac1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=451cfb71217c2424d1b4844ff4504e873cbfe33e
Validity
Not Before: Jan 1 15:00:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69a3649e45345ae4a1a96e1567939ba6ca9d80f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:57:9e:86:04:5d:73:c6:96:8a:f7:3e:5a:0b:
ef:09:c7:52:17:f9:ae:b6:6c:51:4e:2e:9a:b7:71:
e3:cc:37:20:80:ec:a4:80:7a:5c:f7:21:3f:9c:3c:
4c:85:e7:86:7f:2d:b8:5a:89:0e:01:a9:0f:a6:b7:
fe:0f:65:40:44:3b:95:a1:a2:81:d0:85:6b:9c:d6:
f2:c6:3f:16:0d:2b:ce:7b:ca:28:c7:42:94:fd:c6:
7f:74:3a:ed:f1:11:65:dd:6a:51:cc:98:50:e9:74:
7c:a7:99:12:fd:c3:87:7e:61:5e:e9:2e:f3:d5:7a:
b2:1f:81:e9:9a:65:61:5c:50:ea:92:a0:86:21:d8:
d3:85:f5:6d:0c:d5:7d:2a:48:8b:2a:74:54:ab:84:
cc:48:3e:75:06:37:06:90:55:02:72:19:46:70:35:
80:fc:9e:86:5b:9b:99:e7:9f:80:7f:af:37:8a:bc:
e7:b6:b5:47:bc:38:8c:b3:d1:9e:44:01:38:01:a5:
58:bb:f9:0d:18:d5:52:1d:63:cb:c5:17:22:57:73:
a3:c1:56:19:f2:c9:c1:fd:3b:dc:b8:2f:3e:b7:e6:
95:4d:69:24:f3:e3:83:9b:44:4a:22:fa:8d:b6:1b:
11:61:eb:8a:3d:a7:88:e8:dd:e9:4e:89:6b:73:cb:
bf:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A3:64:9E:45:34:5A:E4:A1:A9:6E:15:67:93:9B:A6:CA:9D:80:F5
X509v3 Authority Key Identifier:
keyid:45:1C:FB:71:21:7C:24:24:D1:B4:84:4F:F4:50:4E:87:3C:BF:E3:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RRz7cSF8JCTRtIRP9FBOhzy_4z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/1c1c19-d4cc-49cd-af5a-177102917199/1/aaNknkU0WuShqW4VZ5ObpsqdgPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/1c1c19-d4cc-49cd-af5a-177102917199/1/RRz7cSF8JCTRtIRP9FBOhzy_4z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2ec0::/48
Signature Algorithm: sha256WithRSAEncryption
10:dd:49:e2:53:58:d7:1c:a7:8a:d9:9b:23:64:df:16:67:85:
98:87:2c:a8:b4:02:a9:6c:83:c7:74:2a:c4:6c:6b:f8:19:a6:
b8:6b:20:77:62:94:15:07:53:be:f1:a2:29:71:2e:ca:50:e2:
a6:b5:a1:3a:91:ee:75:6b:6b:1d:65:1d:be:b6:28:4f:8e:86:
a0:2e:1d:7a:db:be:ab:e7:10:b1:27:6d:ef:bb:61:c0:53:54:
37:13:9d:bc:bf:ff:61:24:17:90:16:6d:d6:95:c2:59:26:75:
6e:28:a3:0a:16:0d:39:c5:9c:74:35:fb:fc:31:db:4f:1a:cd:
ef:13:db:9e:5b:90:3f:99:72:a4:f9:fc:54:1e:a5:3c:cc:dc:
0b:58:7f:8b:a4:ef:e8:ae:6a:19:9a:89:a2:6d:3a:41:f3:ff:
a7:f6:e0:65:dc:7c:77:e2:65:37:a9:6e:8e:59:33:70:f9:6f:
21:98:bf:85:81:06:59:7a:8c:2b:d4:84:43:59:58:fe:90:2b:
5b:fe:fc:8e:41:35:20:c3:29:94:f6:70:24:79:df:7d:e0:32:
92:57:8e:09:02:4a:d8:10:ca:30:fd:b9:7b:c6:8c:01:84:85:
64:f8:6f:59:1d:a1:f6:2b:93:eb:39:42:c5:be:41:ff:35:16:
c4:df:49:93
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEE+xawTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NTFjZmI3MTIxN2MyNDI0ZDFiNDg0NGZmNDUwNGU4NzNjYmZlMzNlMB4XDTIyMDEw
MTE1MDAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjlhMzY0OWU0NTM0
NWFlNGExYTk2ZTE1Njc5MzliYTZjYTlkODBmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVXnoYEXXPGlor3PloL7wnHUhf5rrZsUU4umrdx48w3IIDs
pIB6XPchP5w8TIXnhn8tuFqJDgGpD6a3/g9lQEQ7laGigdCFa5zW8sY/Fg0rznvK
KMdClP3Gf3Q67fERZd1qUcyYUOl0fKeZEv3Dh35hXuku89V6sh+B6ZplYVxQ6pKg
hiHY04X1bQzVfSpIiyp0VKuEzEg+dQY3BpBVAnIZRnA1gPyehlubmeefgH+vN4q8
57a1R7w4jLPRnkQBOAGlWLv5DRjVUh1jy8UXIldzo8FWGfLJwf073LgvPrfmlU1p
JPPjg5tESiL6jbYbEWHrij2niOjd6U6Ja3PLv0cCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRpo2SeRTRa5KGpbhVnk5umyp2A9TAfBgNVHSMEGDAWgBRFHPtxIXwkJNG0
hE/0UE6HPL/jPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JSejdjU0Y4SkNUUnRJUlA5RkJPaHp5XzR6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvMWMxYzE5LWQ0Y2MtNDljZC1hZjVhLTE3NzEwMjkxNzE5OS8x
L2FhTmtua1UwV3VTaHFXNFZaNU9icHNxZGdQVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
MWMxYzE5LWQ0Y2MtNDljZC1hZjVhLTE3NzEwMjkxNzE5OS8xL1JSejdjU0Y4SkNU
UnRJUlA5RkJPaHp5XzR6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwuwDANBgkqhkiG9w0BAQsF
AAOCAQEAEN1J4lNY1xynitmbI2TfFmeFmIcsqLQCqWyDx3QqxGxr+BmmuGsgd2KU
FQdTvvGiKXEuylDiprWhOpHudWtrHWUdvrYoT46GoC4detu+q+cQsSdt77thwFNU
NxOdvL//YSQXkBZt1pXCWSZ1biijChYNOcWcdDX7/DHbTxrN7xPbnluQP5lypPn8
VB6lPMzcC1h/i6Tv6K5qGZqJom06QfP/p/bgZdx8d+JlN6lujlkzcPlvIZi/hYEG
WXqMK9SEQ1lY/pArW/78jkE1IMMplPZwJHnffeAykleOCQJK2BDKMP25e8aMAYSF
ZPhvWR2h9iuT6zlCxb5B/zUWxN9Jkw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:34 2023 by rpki-client on console-fra.rpki-client.org