Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/FAkspNSgljgUZ8h-paQ-2lJlDxs.roa
File: FAkspNSgljgUZ8h-paQ-2lJlDxs.roa (raw, json)
Hash identifier: DMKm5YkjcaYxP0gS2pfWbVSw1BbzqwM9CU/ZnmIQaJ8=
Subject key identifier: 14:09:2C:A4:D4:A0:96:38:14:67:C8:7E:A5:A4:3E:DA:52:65:0F:1B
Certificate issuer: /CN=76ce637d47b78004d0ccfae371e6818768ac3fa5
Certificate serial: 047BAB9E
Authority key identifier: 76:CE:63:7D:47:B7:80:04:D0:CC:FA:E3:71:E6:81:87:68:AC:3F:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ds5jfUe3gATQzPrjceaBh2isP6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/FAkspNSgljgUZ8h-paQ-2lJlDxs.roa
Signing time: Sat 01 Jan 2022 09:55:49 +0000
ROA not before: Sat 01 Jan 2022 09:55:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15440
IP address blocks: 2001:67c:2ffc::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75213726 (0x47bab9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76ce637d47b78004d0ccfae371e6818768ac3fa5
Validity
Not Before: Jan 1 09:55:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14092ca4d4a096381467c87ea5a43eda52650f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d9:3a:ac:f1:71:77:9e:b7:e6:f3:44:5d:d0:
6c:fe:b0:b0:0b:d1:55:7c:c9:b9:91:69:1b:40:f6:
16:22:4e:f5:81:00:05:3c:08:03:94:81:40:fb:5c:
7d:fd:86:90:a5:eb:bc:e6:ce:d2:0a:47:5c:ab:25:
a9:a4:bf:d8:fa:69:b2:5a:b5:fc:05:78:60:a1:4b:
c1:82:0d:d2:6a:d6:65:4e:7c:8f:1e:d3:8c:d7:d8:
53:36:50:ea:6f:67:52:f1:25:45:f4:53:d3:9e:10:
aa:1b:02:7f:b8:1b:d1:78:39:b2:86:09:20:b6:4c:
d1:0b:c4:f8:cb:71:6d:a7:95:c3:50:e1:46:cf:7e:
0a:e1:a5:b1:80:33:02:9a:e8:fb:68:e1:e4:a6:f3:
8f:03:c9:26:dc:84:04:91:2a:d3:42:e3:24:4c:ab:
3d:83:3c:6b:d1:8b:9b:e6:fd:93:71:48:22:78:5e:
c7:34:94:1d:17:bf:2d:89:16:66:a0:87:66:57:32:
5a:36:59:e4:ea:e0:9f:a7:a6:a6:ea:05:37:1d:08:
a2:69:5f:95:c0:f3:bf:8f:bc:13:19:db:f8:fe:92:
bb:82:b4:5b:5a:87:2c:6a:71:71:4e:ca:57:6c:da:
76:71:9b:a6:a5:e7:80:94:3c:3b:ae:ab:a7:2d:8b:
a0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:09:2C:A4:D4:A0:96:38:14:67:C8:7E:A5:A4:3E:DA:52:65:0F:1B
X509v3 Authority Key Identifier:
keyid:76:CE:63:7D:47:B7:80:04:D0:CC:FA:E3:71:E6:81:87:68:AC:3F:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ds5jfUe3gATQzPrjceaBh2isP6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/FAkspNSgljgUZ8h-paQ-2lJlDxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/ds5jfUe3gATQzPrjceaBh2isP6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2ffc::/48
Signature Algorithm: sha256WithRSAEncryption
41:ea:22:8b:54:af:3d:c7:7e:7d:27:ee:63:ed:96:60:81:d3:
88:9c:1f:b6:c6:80:18:7e:17:59:56:32:fe:60:4e:7a:32:33:
eb:fa:42:b8:02:64:6b:8a:20:69:00:30:24:f9:b4:85:28:a3:
a1:96:cd:29:a3:f7:d3:56:ea:64:04:ab:da:ab:f6:f1:f6:a1:
08:dd:33:90:4f:cd:3b:e3:93:c9:42:d2:0f:ec:54:98:11:00:
0d:7c:4e:3d:80:d6:d3:f2:3f:e4:b9:d8:1e:49:72:e2:d9:e6:
bb:0f:81:48:df:63:7b:d3:7e:88:c2:61:ef:71:53:27:ed:c7:
99:6a:65:41:42:18:7d:9b:07:42:0e:ae:57:e1:f6:ef:a6:95:
49:78:da:e4:eb:e8:28:ad:6b:cf:3a:15:e7:5c:77:b5:25:12:
b8:e2:4c:50:25:95:8a:19:61:91:f4:42:a2:b5:0f:d2:de:76:
4b:66:99:b0:45:48:b4:0c:6a:bc:3f:cd:bd:c9:48:4f:cd:8c:
e9:3b:b3:a3:2f:16:c6:70:52:20:d6:68:68:8b:c3:a1:5b:56:
78:1f:1d:74:fb:a7:fe:5c:fa:5c:a8:9c:b2:0a:df:92:77:ef:
08:26:cc:4c:d0:53:0b:cb:16:b4:c7:5d:47:e9:6c:ca:ce:a8:
5c:d9:42:34
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBHurnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmNlNjM3ZDQ3Yjc4MDA0ZDBjY2ZhZTM3MWU2ODE4NzY4YWMzZmE1MB4XDTIyMDEw
MTA5NTU0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQwOTJjYTRkNGEw
OTYzODE0NjdjODdlYTVhNDNlZGE1MjY1MGYxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJDZOqzxcXeet+bzRF3QbP6wsAvRVXzJuZFpG0D2FiJO9YEA
BTwIA5SBQPtcff2GkKXrvObO0gpHXKslqaS/2Pppslq1/AV4YKFLwYIN0mrWZU58
jx7TjNfYUzZQ6m9nUvElRfRT054QqhsCf7gb0Xg5soYJILZM0QvE+MtxbaeVw1Dh
Rs9+CuGlsYAzApro+2jh5KbzjwPJJtyEBJEq00LjJEyrPYM8a9GLm+b9k3FIInhe
xzSUHRe/LYkWZqCHZlcyWjZZ5Orgn6empuoFNx0IomlflcDzv4+8Exnb+P6Su4K0
W1qHLGpxcU7KV2zadnGbpqXngJQ8O66rpy2LoNMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQUCSyk1KCWOBRnyH6lpD7aUmUPGzAfBgNVHSMEGDAWgBR2zmN9R7eABNDM
+uNx5oGHaKw/pTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RzNWpmVWUzZ0FUUXpQcmpjZWFCaDJpc1A2VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvNzMwOWE5LTQ2YzgtNDI0MC1hZmVmLTg0MDg4MWE0ZDMwZC8x
L0ZBa3NwTlNnbGpnVVo4aC1wYVEtMmxKbER4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
NzMwOWE5LTQ2YzgtNDI0MC1hZmVmLTg0MDg4MWE0ZDMwZC8xL2RzNWpmVWUzZ0FU
UXpQcmpjZWFCaDJpc1A2VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwv/DANBgkqhkiG9w0BAQsF
AAOCAQEAQeoii1SvPcd+fSfuY+2WYIHTiJwftsaAGH4XWVYy/mBOejIz6/pCuAJk
a4ogaQAwJPm0hSijoZbNKaP301bqZASr2qv28fahCN0zkE/NO+OTyULSD+xUmBEA
DXxOPYDW0/I/5LnYHkly4tnmuw+BSN9je9N+iMJh73FTJ+3HmWplQUIYfZsHQg6u
V+H276aVSXja5OvoKK1rzzoV51x3tSUSuOJMUCWVihlhkfRCorUP0t52S2aZsEVI
tAxqvD/NvclIT82M6Tuzoy8WxnBSINZoaIvDoVtWeB8ddPun/lz6XKicsgrfknfv
CCbMTNBTC8sWtMddR+lsys6oXNlCNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:13 2024 by rpki-client on console-ams.rpki-client.org