Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/25a01b-5fb0-444e-a2c7-339c9d48774c/1/zQBhAcMs0jGCC3YV4_CYi-VdhM0.roa
File: zQBhAcMs0jGCC3YV4_CYi-VdhM0.roa (raw, json)
Hash identifier: a/NCPfj2kL2SICS68WRUuxvFYXZ1rNkcReoJZcw16KI=
Subject key identifier: CD:00:61:01:C3:2C:D2:31:82:0B:76:15:E3:F0:98:8B:E5:5D:84:CD
Certificate issuer: /CN=e680478faec8b67ddfece6357cf25cf2ca1d85d0
Certificate serial: 06014783
Authority key identifier: E6:80:47:8F:AE:C8:B6:7D:DF:EC:E6:35:7C:F2:5C:F2:CA:1D:85:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5oBHj67Itn3f7OY1fPJc8sodhdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/25a01b-5fb0-444e-a2c7-339c9d48774c/1/zQBhAcMs0jGCC3YV4_CYi-VdhM0.roa
Signing time: Sat 01 Jan 2022 02:56:31 +0000
ROA not before: Sat 01 Jan 2022 02:56:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207424
IP address blocks: 2001:67c:2fc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100747139 (0x6014783)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e680478faec8b67ddfece6357cf25cf2ca1d85d0
Validity
Not Before: Jan 1 02:56:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd006101c32cd231820b7615e3f0988be55d84cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:62:d7:39:2a:f6:de:78:0e:ea:dc:fa:3a:78:
ff:29:02:88:49:31:db:9b:23:e1:d9:6b:72:d9:9a:
07:08:2c:e8:b7:65:31:45:01:71:0b:f0:7a:e8:30:
35:ed:62:b6:45:51:80:0c:d1:5d:02:fe:10:51:8a:
3f:6f:91:f6:9a:6c:f2:7d:aa:f4:a1:47:7f:8e:24:
80:44:00:71:c5:fa:f3:5f:63:ed:6f:08:f1:d7:74:
fd:18:40:5f:88:4c:7a:5e:32:3f:49:80:c9:17:42:
92:2f:38:04:7f:33:64:a8:7a:1c:4c:21:26:ad:a5:
f4:7a:2d:b7:33:9f:6f:4b:79:63:1a:e9:f1:10:ae:
ef:df:f7:df:c8:71:c3:4b:c1:6e:61:86:06:4f:03:
01:06:ee:92:71:84:43:57:bc:2e:7d:a4:ad:68:51:
92:e1:41:44:2f:9d:16:67:03:a5:c6:4d:d6:31:0e:
f0:fc:87:2c:31:f6:61:9a:a8:b4:30:15:0a:9a:dc:
92:15:e4:46:36:31:1e:ce:0e:f8:ed:c9:5f:e6:c5:
84:e2:f9:2e:39:46:9d:2c:2d:10:94:22:8d:a9:d0:
79:d8:c8:9c:77:00:73:03:e0:7c:69:a3:97:fa:72:
5b:4d:fb:ba:11:9c:93:4e:85:6a:1a:d4:05:88:19:
28:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:00:61:01:C3:2C:D2:31:82:0B:76:15:E3:F0:98:8B:E5:5D:84:CD
X509v3 Authority Key Identifier:
keyid:E6:80:47:8F:AE:C8:B6:7D:DF:EC:E6:35:7C:F2:5C:F2:CA:1D:85:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5oBHj67Itn3f7OY1fPJc8sodhdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/25a01b-5fb0-444e-a2c7-339c9d48774c/1/zQBhAcMs0jGCC3YV4_CYi-VdhM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/25a01b-5fb0-444e-a2c7-339c9d48774c/1/5oBHj67Itn3f7OY1fPJc8sodhdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2fc0::/48
Signature Algorithm: sha256WithRSAEncryption
24:83:44:cb:7d:a7:ce:e9:92:0d:41:f9:64:8a:8f:40:d8:5f:
b3:21:44:62:b5:53:de:c3:83:a4:1b:d8:89:9d:62:93:9b:0f:
1b:33:2e:4c:0f:64:d1:01:35:88:a2:1e:02:d2:52:ea:a7:5e:
47:3a:c8:ce:5c:40:af:46:30:dd:f2:3d:7a:cc:25:80:50:21:
75:13:cf:9f:88:5c:9c:e4:b5:65:d8:08:52:25:b3:d0:46:ac:
5f:70:ca:c5:65:86:1f:31:6f:6d:d5:d2:e5:49:19:88:cc:95:
69:da:8c:57:e8:fc:b1:bb:b3:f5:1b:09:d4:ac:98:53:70:bb:
0d:02:57:26:53:3f:23:55:9e:1f:4f:3a:c1:54:c8:17:c2:6b:
62:6b:9b:17:01:a4:e9:f0:b1:51:30:ae:93:67:01:e1:39:aa:
34:cd:4e:e3:de:0e:41:a3:9e:d8:98:d4:53:5a:04:13:75:59:
25:a8:3e:3e:e1:87:6b:3e:d5:98:8c:87:89:92:20:ca:a3:6e:
78:fd:7d:ec:a3:b0:be:80:03:96:01:0d:5e:1c:35:d2:6b:ca:
28:12:0d:4a:51:06:11:52:81:62:d3:57:ec:7a:a0:79:48:af:
ca:e3:ad:50:4a:59:76:3e:2c:fe:1b:9d:16:09:f3:79:56:72:
b3:41:51:25
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBgFHgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NjgwNDc4ZmFlYzhiNjdkZGZlY2U2MzU3Y2YyNWNmMmNhMWQ4NWQwMB4XDTIyMDEw
MTAyNTYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QwMDYxMDFjMzJj
ZDIzMTgyMGI3NjE1ZTNmMDk4OGJlNTVkODRjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhi1zkq9t54Durc+jp4/ykCiEkx25sj4dlrctmaBwgs6Ldl
MUUBcQvweugwNe1itkVRgAzRXQL+EFGKP2+R9pps8n2q9KFHf44kgEQAccX6819j
7W8I8dd0/RhAX4hMel4yP0mAyRdCki84BH8zZKh6HEwhJq2l9HottzOfb0t5Yxrp
8RCu79/338hxw0vBbmGGBk8DAQbuknGEQ1e8Ln2krWhRkuFBRC+dFmcDpcZN1jEO
8PyHLDH2YZqotDAVCprckhXkRjYxHs4O+O3JX+bFhOL5LjlGnSwtEJQijanQedjI
nHcAcwPgfGmjl/pyW037uhGck06FahrUBYgZKJMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTNAGEBwyzSMYILdhXj8JiL5V2EzTAfBgNVHSMEGDAWgBTmgEePrsi2fd/s
5jV88lzyyh2F0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVvQkhqNjdJdG4zZjdPWTFmUEpjOHNvZGhkQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvMjVhMDFiLTVmYjAtNDQ0ZS1hMmM3LTMzOWM5ZDQ4Nzc0Yy8x
L3pRQmhBY01zMGpHQ0MzWVY0X0NZaS1WZGhNMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
MjVhMDFiLTVmYjAtNDQ0ZS1hMmM3LTMzOWM5ZDQ4Nzc0Yy8xLzVvQkhqNjdJdG4z
ZjdPWTFmUEpjOHNvZGhkQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwvwDANBgkqhkiG9w0BAQsF
AAOCAQEAJINEy32nzumSDUH5ZIqPQNhfsyFEYrVT3sODpBvYiZ1ik5sPGzMuTA9k
0QE1iKIeAtJS6qdeRzrIzlxAr0Yw3fI9eswlgFAhdRPPn4hcnOS1ZdgIUiWz0Eas
X3DKxWWGHzFvbdXS5UkZiMyVadqMV+j8sbuz9RsJ1KyYU3C7DQJXJlM/I1WeH086
wVTIF8JrYmubFwGk6fCxUTCuk2cB4TmqNM1O494OQaOe2JjUU1oEE3VZJag+PuGH
az7VmIyHiZIgyqNueP197KOwvoADlgENXhw10mvKKBINSlEGEVKBYtNX7HqgeUiv
yuOtUEpZdj4s/hudFgnzeVZys0FRJQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org