Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/404feb-a8bc-4c54-90ac-0660c16efcce/1/MtyXhcMPJfetd7o-k_JZKarF7nk.roa
File: MtyXhcMPJfetd7o-k_JZKarF7nk.roa (raw, json)
Hash identifier: R9jAxDAMDnNzU+7Fha+ZNEpwHfHswTYdmQ5PeTn8tIw=
Subject key identifier: 32:DC:97:85:C3:0F:25:F7:AD:77:BA:3E:93:F2:59:29:AA:C5:EE:79
Certificate issuer: /CN=efdc48d9ab10f0e42a3dc67fbd0f4cb8e44cab69
Certificate serial: 0FAD71D6
Authority key identifier: EF:DC:48:D9:AB:10:F0:E4:2A:3D:C6:7F:BD:0F:4C:B8:E4:4C:AB:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/79xI2asQ8OQqPcZ_vQ9MuORMq2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/404feb-a8bc-4c54-90ac-0660c16efcce/1/MtyXhcMPJfetd7o-k_JZKarF7nk.roa
Signing time: Sat 01 Jan 2022 14:06:59 +0000
ROA not before: Sat 01 Jan 2022 14:06:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50629
IP address blocks: 2001:67c:708::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 263025110 (0xfad71d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efdc48d9ab10f0e42a3dc67fbd0f4cb8e44cab69
Validity
Not Before: Jan 1 14:06:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32dc9785c30f25f7ad77ba3e93f25929aac5ee79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:12:85:86:11:da:a6:00:a2:66:4d:02:26:f3:
4c:a2:93:61:7e:cf:15:f8:0d:57:64:94:67:ef:a3:
df:09:37:76:85:1f:66:19:60:dd:51:68:22:ab:ce:
03:72:43:79:b9:c3:bc:e3:2a:08:4d:25:9c:ca:36:
cd:11:3c:48:37:62:8b:ae:c4:74:46:dc:3b:0f:30:
44:1a:e6:ce:52:58:f5:89:62:df:cd:b5:12:92:89:
12:7c:9e:7c:bc:f6:d2:90:61:50:7c:3a:e1:6a:26:
f2:58:1d:8c:f6:43:5f:e0:b5:76:6c:3b:cc:1d:7f:
a1:3f:5a:8a:4e:91:f3:51:04:9d:77:2f:94:62:59:
5b:6a:1a:03:1d:de:dd:fa:8f:7c:6d:8e:44:a5:76:
f0:c1:61:0c:e6:e0:44:0a:73:2e:99:b1:1c:dd:1b:
cd:e0:b3:6b:e1:e2:6d:ff:be:48:3f:19:64:34:d8:
dc:eb:d1:19:83:48:ea:3e:e3:e8:68:35:6d:ff:f2:
5b:19:b7:a9:04:d3:d0:67:6c:44:5d:11:66:bd:7f:
a0:70:47:0c:05:74:31:06:bd:d1:c4:42:2e:6d:96:
8f:0d:02:6d:5f:31:79:e7:6d:93:1e:18:99:e2:d4:
2e:03:70:0c:06:4c:95:05:96:a3:70:d8:99:33:08:
29:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DC:97:85:C3:0F:25:F7:AD:77:BA:3E:93:F2:59:29:AA:C5:EE:79
X509v3 Authority Key Identifier:
keyid:EF:DC:48:D9:AB:10:F0:E4:2A:3D:C6:7F:BD:0F:4C:B8:E4:4C:AB:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/79xI2asQ8OQqPcZ_vQ9MuORMq2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/404feb-a8bc-4c54-90ac-0660c16efcce/1/MtyXhcMPJfetd7o-k_JZKarF7nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/404feb-a8bc-4c54-90ac-0660c16efcce/1/79xI2asQ8OQqPcZ_vQ9MuORMq2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:708::/48
Signature Algorithm: sha256WithRSAEncryption
80:94:a2:b9:40:3d:d9:4b:89:85:7b:73:36:28:19:23:74:1d:
22:34:6a:d7:f0:6e:a3:24:90:3e:27:c9:5c:7b:ca:be:d0:d1:
26:ea:e0:f4:d7:a9:d7:02:e0:d2:f0:c5:50:a8:5d:0c:46:a1:
6d:9b:10:2c:ab:43:e3:e7:79:29:b6:84:6d:d1:9d:30:e8:d2:
1b:e2:b4:cf:26:c6:61:32:78:2d:04:96:3f:f4:d6:93:25:06:
0b:67:ae:2c:52:a2:c5:b7:18:72:e6:43:64:1b:2f:66:d6:81:
f9:54:77:1e:fc:15:b2:99:c8:14:43:85:c5:e9:41:ba:4c:e6:
66:a7:cf:69:c8:eb:a4:02:df:66:e4:82:04:e7:94:cf:03:2b:
29:97:97:c8:1f:a5:18:5c:6c:98:a0:d9:b7:14:5d:63:20:03:
91:a0:90:94:86:06:1d:45:4d:c9:e1:09:73:fd:14:0d:3d:b0:
d7:5c:f9:9f:58:c9:d7:55:0e:d6:f5:ad:20:39:d0:43:29:33:
fb:45:0b:19:0d:b9:4a:ef:45:dd:b4:7a:3b:27:d0:ac:a3:36:
84:b7:17:16:31:30:9f:90:89:8e:0f:bd:5b:f5:9f:23:2c:d3:
78:1b:28:46:54:9d:17:60:52:73:a2:b9:b5:e0:76:9b:7c:3f:
e1:dd:04:f9
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIED61x1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZmRjNDhkOWFiMTBmMGU0MmEzZGM2N2ZiZDBmNGNiOGU0NGNhYjY5MB4XDTIyMDEw
MTE0MDY1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJkYzk3ODVjMzBm
MjVmN2FkNzdiYTNlOTNmMjU5MjlhYWM1ZWU3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPQShYYR2qYAomZNAibzTKKTYX7PFfgNV2SUZ++j3wk3doUf
Zhlg3VFoIqvOA3JDebnDvOMqCE0lnMo2zRE8SDdii67EdEbcOw8wRBrmzlJY9Yli
3821EpKJEnyefLz20pBhUHw64Wom8lgdjPZDX+C1dmw7zB1/oT9aik6R81EEnXcv
lGJZW2oaAx3e3fqPfG2ORKV28MFhDObgRApzLpmxHN0bzeCza+Hibf++SD8ZZDTY
3OvRGYNI6j7j6Gg1bf/yWxm3qQTT0GdsRF0RZr1/oHBHDAV0MQa90cRCLm2Wjw0C
bV8xeedtkx4YmeLULgNwDAZMlQWWo3DYmTMIKaMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQy3JeFww8l9613uj6T8lkpqsXueTAfBgNVHSMEGDAWgBTv3EjZqxDw5Co9
xn+9D0y45EyraTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzc5eEkyYXNROE9RcVBjWl92UTlNdU9STXEyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvNDA0ZmViLWE4YmMtNGM1NC05MGFjLTA2NjBjMTZlZmNjZS8x
L010eVhoY01QSmZldGQ3by1rX0paS2FyRjduay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
NDA0ZmViLWE4YmMtNGM1NC05MGFjLTA2NjBjMTZlZmNjZS8xLzc5eEkyYXNROE9R
cVBjWl92UTlNdU9STXEyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwHCDANBgkqhkiG9w0BAQsF
AAOCAQEAgJSiuUA92UuJhXtzNigZI3QdIjRq1/BuoySQPifJXHvKvtDRJurg9Nep
1wLg0vDFUKhdDEahbZsQLKtD4+d5KbaEbdGdMOjSG+K0zybGYTJ4LQSWP/TWkyUG
C2euLFKixbcYcuZDZBsvZtaB+VR3HvwVspnIFEOFxelBukzmZqfPacjrpALfZuSC
BOeUzwMrKZeXyB+lGFxsmKDZtxRdYyADkaCQlIYGHUVNyeEJc/0UDT2w11z5n1jJ
11UO1vWtIDnQQykz+0ULGQ25Su9F3bR6OyfQrKM2hLcXFjEwn5CJjg+9W/WfIyzT
eBsoRlSdF2BSc6K5teB2m3w/4d0E+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:53 2024 by rpki-client on console-fra.rpki-client.org