Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/fea5c4-dde1-4548-a58b-8938e9556342/1/Cd92hsj0RujymNNvR6Ob-kBFD34.roa
File: Cd92hsj0RujymNNvR6Ob-kBFD34.roa (raw, json)
Hash identifier: qJTkVRLmIEiFb4J1D86CZi1a9M1Lr6/+kvP9hDnBhq8=
Subject key identifier: 09:DF:76:86:C8:F4:46:E8:F2:98:D3:6F:47:A3:9B:FA:40:45:0F:7E
Certificate issuer: /CN=a00995a87bf64dc4949b819dfe02f8a586aaa4de
Certificate serial: B40FE6
Authority key identifier: A0:09:95:A8:7B:F6:4D:C4:94:9B:81:9D:FE:02:F8:A5:86:AA:A4:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oAmVqHv2TcSUm4Gd_gL4pYaqpN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/fea5c4-dde1-4548-a58b-8938e9556342/1/Cd92hsj0RujymNNvR6Ob-kBFD34.roa
Signing time: Sat 01 Jan 2022 07:55:49 +0000
ROA not before: Sat 01 Jan 2022 07:55:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210731
IP address blocks: 2001:67c:89c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11800550 (0xb40fe6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a00995a87bf64dc4949b819dfe02f8a586aaa4de
Validity
Not Before: Jan 1 07:55:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09df7686c8f446e8f298d36f47a39bfa40450f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a1:2a:8f:31:67:4d:03:4b:74:f7:f3:eb:2a:
5f:f4:62:2c:57:ab:c6:4c:40:37:2f:21:02:79:ac:
14:ea:ad:3e:17:e2:d8:1f:ba:49:63:3b:0c:85:78:
ce:e5:c5:4b:1a:0f:d6:22:f3:27:bc:5f:1e:bc:c2:
56:fc:97:5e:2d:59:50:c1:4f:df:5b:93:22:c9:dc:
59:5d:8d:99:65:30:3a:7e:ad:43:70:bf:ee:58:c0:
8c:29:44:0d:25:8a:54:c1:04:79:6e:c2:03:ae:28:
d1:a9:7f:df:2a:ea:70:63:69:33:24:14:83:80:b5:
9c:02:dc:a7:b3:a8:f0:f2:c0:85:a1:82:4a:73:b8:
f7:22:b3:dc:01:a4:73:10:02:db:66:01:69:c4:52:
d2:39:e1:8d:4b:3f:9b:de:a1:37:a1:51:31:53:9b:
39:57:28:e2:81:30:3b:4e:4e:ca:6b:67:3a:96:03:
67:4f:80:df:12:4c:59:30:98:2a:25:5e:44:cb:5c:
08:12:51:7e:56:5a:db:32:57:0d:89:54:a4:40:66:
fc:06:57:74:56:7b:c1:a4:98:f6:fd:4f:9e:ef:9f:
15:7e:ed:c8:98:d1:54:50:3e:66:5e:e9:6c:0e:de:
fb:f3:10:81:b0:35:ea:be:e9:31:0b:da:40:61:1d:
7f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DF:76:86:C8:F4:46:E8:F2:98:D3:6F:47:A3:9B:FA:40:45:0F:7E
X509v3 Authority Key Identifier:
keyid:A0:09:95:A8:7B:F6:4D:C4:94:9B:81:9D:FE:02:F8:A5:86:AA:A4:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oAmVqHv2TcSUm4Gd_gL4pYaqpN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/fea5c4-dde1-4548-a58b-8938e9556342/1/Cd92hsj0RujymNNvR6Ob-kBFD34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/fea5c4-dde1-4548-a58b-8938e9556342/1/oAmVqHv2TcSUm4Gd_gL4pYaqpN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:89c::/48
Signature Algorithm: sha256WithRSAEncryption
38:de:c8:84:b3:4b:fd:ca:f2:0d:5f:e9:35:91:2a:67:1e:dc:
5a:de:ad:1c:b0:15:3c:f6:09:2b:b3:89:2c:d0:0c:27:69:dc:
96:da:4d:e7:ad:1a:3f:b5:1a:ba:84:0e:55:39:1d:ec:b2:49:
03:c0:79:ff:2e:b3:00:48:bd:45:ca:1d:8c:97:f9:aa:93:47:
33:48:29:89:ac:f2:2f:9a:97:e5:88:49:02:1c:3c:fb:1c:29:
2f:45:b1:c4:52:6a:5b:44:2e:d8:76:47:94:70:a7:31:9f:bf:
f7:9e:76:ac:bd:16:5a:00:b6:0b:8f:6f:a6:14:0f:9c:8a:49:
c7:6a:f9:d2:a4:26:a8:96:c6:fc:d8:7c:ca:b9:06:66:97:52:
eb:bb:f7:f8:53:22:6a:91:36:85:c0:8b:ce:de:e4:8e:95:18:
0f:46:2f:bb:dc:5d:d6:5a:c6:80:b9:c0:0e:04:30:b0:a1:aa:
a1:2c:85:18:b2:0d:3b:ad:e8:52:bb:8b:bc:12:11:f0:ae:c3:
af:61:c3:8b:e0:8a:68:f8:f2:7a:59:68:57:b3:41:41:79:54:
eb:e6:b8:f8:52:e1:90:4e:3a:20:c7:97:61:0c:11:7e:f1:4e:
dc:60:7e:14:54:8b:b7:93:f3:b0:01:a1:8b:2c:d5:21:32:19:
f4:55:76:f8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEALQP5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDA5OTVhODdiZjY0ZGM0OTQ5YjgxOWRmZTAyZjhhNTg2YWFhNGRlMB4XDTIyMDEw
MTA3NTU0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDlkZjc2ODZjOGY0
NDZlOGYyOThkMzZmNDdhMzliZmE0MDQ1MGY3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuhKo8xZ00DS3T38+sqX/RiLFerxkxANy8hAnmsFOqtPhfi
2B+6SWM7DIV4zuXFSxoP1iLzJ7xfHrzCVvyXXi1ZUMFP31uTIsncWV2NmWUwOn6t
Q3C/7ljAjClEDSWKVMEEeW7CA64o0al/3yrqcGNpMyQUg4C1nALcp7Oo8PLAhaGC
SnO49yKz3AGkcxAC22YBacRS0jnhjUs/m96hN6FRMVObOVco4oEwO05OymtnOpYD
Z0+A3xJMWTCYKiVeRMtcCBJRflZa2zJXDYlUpEBm/AZXdFZ7waSY9v1Pnu+fFX7t
yJjRVFA+Zl7pbA7e+/MQgbA16r7pMQvaQGEdf0UCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQJ33aGyPRG6PKY029Ho5v6QEUPfjAfBgNVHSMEGDAWgBSgCZWoe/ZNxJSb
gZ3+Avilhqqk3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29BbVZxSHYyVGNTVW00R2RfZ0w0cFlhcXBONC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvZmVhNWM0LWRkZTEtNDU0OC1hNThiLTg5MzhlOTU1NjM0Mi8x
L0NkOTJoc2owUnVqeW1OTnZSNk9iLWtCRkQzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
ZmVhNWM0LWRkZTEtNDU0OC1hNThiLTg5MzhlOTU1NjM0Mi8xL29BbVZxSHYyVGNT
VW00R2RfZ0w0cFlhcXBONC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwInDANBgkqhkiG9w0BAQsF
AAOCAQEAON7IhLNL/cryDV/pNZEqZx7cWt6tHLAVPPYJK7OJLNAMJ2ncltpN560a
P7UauoQOVTkd7LJJA8B5/y6zAEi9RcodjJf5qpNHM0gpiazyL5qX5YhJAhw8+xwp
L0WxxFJqW0Qu2HZHlHCnMZ+/9552rL0WWgC2C49vphQPnIpJx2r50qQmqJbG/Nh8
yrkGZpdS67v3+FMiapE2hcCLzt7kjpUYD0Yvu9xd1lrGgLnADgQwsKGqoSyFGLIN
O63oUruLvBIR8K7Dr2HDi+CKaPjyelloV7NBQXlU6+a4+FLhkE46IMeXYQwRfvFO
3GB+FFSLt5PzsAGhiyzVITIZ9FV2+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:59 2024 by rpki-client on console-fra.rpki-client.org