Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/aKgjcjXryFXyz_XGSKS-d3izfp0.roa
File: aKgjcjXryFXyz_XGSKS-d3izfp0.roa (raw, json)
Hash identifier: vJi8JC52aqZkgaoNXNs1wszdedvsBF7CjnntBSOv4Lc=
Subject key identifier: 68:A8:23:72:35:EB:C8:55:F2:CF:F5:C6:48:A4:BE:77:78:B3:7E:9D
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0624F39E
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/aKgjcjXryFXyz_XGSKS-d3izfp0.roa
Signing time: Thu 17 Feb 2022 14:24:02 +0000
ROA not before: Thu 17 Feb 2022 14:24:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 2a0f:3101::/32 maxlen: 32
2a0d:3c46::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103084958 (0x624f39e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 17 14:24:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68a8237235ebc855f2cff5c648a4be7778b37e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6e:45:e4:a3:12:dd:5e:f7:b1:b6:0d:f5:c7:
43:57:20:8e:3d:d8:53:5c:83:fe:a7:e6:ed:70:97:
50:00:ab:58:98:1b:e7:b7:77:d1:1e:14:0c:44:15:
5c:ba:0c:b8:98:1c:e4:a3:d1:f4:0f:5e:c6:ec:56:
19:38:e2:eb:2a:d7:91:b0:50:2c:36:fe:a3:62:aa:
ad:d9:78:86:17:b3:5d:49:91:ed:c1:0a:9a:29:e5:
81:bf:11:62:5c:b9:27:71:4e:7e:84:15:21:69:3d:
14:c2:45:43:61:34:fb:4d:fe:2c:89:90:0a:2c:05:
06:ab:9e:fc:db:7a:c7:e4:6a:e4:32:f6:d2:3b:2d:
c0:ab:c2:f3:3a:c3:9d:d1:8c:63:42:28:3a:2a:49:
fa:62:ac:9c:eb:39:a9:6d:d2:39:72:fe:2d:30:74:
34:ae:5c:79:83:46:c0:49:92:97:22:12:90:ad:c9:
f8:ce:1b:c1:85:cf:98:2c:4f:1e:db:8b:1f:02:7d:
29:b1:4d:dc:d5:15:85:61:16:f1:63:54:a0:8e:c9:
03:d4:57:df:5e:52:a7:14:c9:39:8c:f5:b8:a1:5a:
c2:a5:ca:e5:ba:4a:e9:22:d5:f2:10:4c:7a:e3:c4:
af:67:ca:c3:75:a7:d8:4b:75:df:f7:4e:a6:2c:cf:
2f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A8:23:72:35:EB:C8:55:F2:CF:F5:C6:48:A4:BE:77:78:B3:7E:9D
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/aKgjcjXryFXyz_XGSKS-d3izfp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:3c46::/32
2a0f:3101::/32
Signature Algorithm: sha256WithRSAEncryption
ca:c1:aa:d4:ac:2d:7e:3d:52:f7:b1:65:60:a1:d6:a5:92:14:
ae:96:49:bd:f5:75:a2:c4:e1:5c:1d:af:45:ca:3a:40:5f:a0:
55:fd:80:8e:5d:28:9c:79:44:e4:e2:9e:7d:28:ee:e3:a4:d3:
bb:de:88:c0:80:84:a8:1f:b4:15:29:b0:99:1d:28:d1:30:d9:
c2:13:77:24:1e:58:8c:f9:11:97:cb:58:9d:c7:e2:ab:89:3c:
ed:22:87:5d:87:f5:9c:bf:6f:5b:68:6d:e0:8f:ae:07:82:b7:
0f:66:c3:3a:10:53:a3:a9:cd:ff:81:95:6a:de:cb:6c:a8:7b:
7a:3e:2c:f1:b8:1f:0c:73:f4:8f:41:98:5c:c0:ee:b0:1f:1e:
64:17:c4:d3:57:b1:3f:82:f4:ad:79:2d:bd:de:73:4d:4d:e7:
51:8e:6e:d1:1f:82:e9:27:d7:6a:68:20:91:7d:b5:59:0a:8e:
8f:aa:fe:bb:ea:a0:2d:38:cd:98:68:86:ea:01:2b:1b:09:6e:
4c:ad:71:49:04:76:20:54:44:24:a4:12:20:a9:f3:3e:e6:fe:
b9:e6:68:07:e0:35:d0:00:e6:9c:d9:eb:fc:8b:91:ce:86:10:
2f:75:b5:d6:e2:7c:48:57:83:13:ce:c6:bf:97:5e:d0:01:94:
36:dc:1d:42
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBiTznjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDIx
NzE0MjQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhhODIzNzIzNWVi
Yzg1NWYyY2ZmNWM2NDhhNGJlNzc3OGIzN2U5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANduReSjEt1e97G2DfXHQ1cgjj3YU1yD/qfm7XCXUACrWJgb
57d30R4UDEQVXLoMuJgc5KPR9A9exuxWGTji6yrXkbBQLDb+o2Kqrdl4hhezXUmR
7cEKminlgb8RYly5J3FOfoQVIWk9FMJFQ2E0+03+LImQCiwFBque/Nt6x+Rq5DL2
0jstwKvC8zrDndGMY0IoOipJ+mKsnOs5qW3SOXL+LTB0NK5ceYNGwEmSlyISkK3J
+M4bwYXPmCxPHtuLHwJ9KbFN3NUVhWEW8WNUoI7JA9RX315SpxTJOYz1uKFawqXK
5bpK6SLV8hBMeuPEr2fKw3Wn2Et13/dOpizPLwcCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRoqCNyNevIVfLP9cZIpL53eLN+nTAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L2FLZ2pjalhyeUZYeXpfWEdTS1MtZDNpemZwMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFACoNPEYDBQAqDzEBMA0GCSqGSIb3
DQEBCwUAA4IBAQDKwarUrC1+PVL3sWVgodalkhSulkm99XWixOFcHa9FyjpAX6BV
/YCOXSiceUTk4p59KO7jpNO73ojAgISoH7QVKbCZHSjRMNnCE3ckHliM+RGXy1id
x+KriTztIoddh/Wcv29baG3gj64HgrcPZsM6EFOjqc3/gZVq3stsqHt6PizxuB8M
c/SPQZhcwO6wHx5kF8TTV7E/gvSteS293nNNTedRjm7RH4LpJ9dqaCCRfbVZCo6P
qv676qAtOM2YaIbqASsbCW5MrXFJBHYgVEQkpBIgqfM+5v655mgH4DXQAOac2ev8
i5HOhhAvdbXW4nxIV4MTzsa/l17QAZQ23B1C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org