Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/2694f8-fa1f-4c81-8312-3b6f1bdf412a/1/2s2zGOECutUkeGDxBOxyld8HrW4.roa
File: 2s2zGOECutUkeGDxBOxyld8HrW4.roa (raw, json)
Hash identifier: VxbWqq5uoWn4MDJKnn2NGd1JHC68br0MFP3TucBTCFA=
Subject key identifier: DA:CD:B3:18:E1:02:BA:D5:24:78:60:F1:04:EC:72:95:DF:07:AD:6E
Certificate issuer: /CN=afa929be73491acd99d590372a52b815fa1f23f5
Certificate serial: 025FAB57
Authority key identifier: AF:A9:29:BE:73:49:1A:CD:99:D5:90:37:2A:52:B8:15:FA:1F:23:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6kpvnNJGs2Z1ZA3KlK4FfofI_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/2694f8-fa1f-4c81-8312-3b6f1bdf412a/1/2s2zGOECutUkeGDxBOxyld8HrW4.roa
Signing time: Sat 01 Jan 2022 02:53:53 +0000
ROA not before: Sat 01 Jan 2022 02:53:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42504
IP address blocks: 2001:678:d38::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39824215 (0x25fab57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afa929be73491acd99d590372a52b815fa1f23f5
Validity
Not Before: Jan 1 02:53:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dacdb318e102bad5247860f104ec7295df07ad6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4d:c5:e3:8e:c6:28:51:12:52:58:f6:66:6f:
82:54:a2:61:8c:66:3f:e4:2c:c4:e1:9b:22:d9:f0:
92:50:ce:01:c0:5f:cd:e5:3a:b8:99:2f:0c:eb:de:
9b:2b:9e:5b:f7:3c:7c:67:1d:03:c9:3a:4d:f7:bf:
26:13:09:c0:6b:e0:6c:d4:6b:71:13:fb:f7:d7:94:
c2:12:e7:9b:67:da:2b:a2:fd:38:dd:b2:ed:3a:0a:
5f:89:5d:8d:be:1e:db:bf:d6:ac:2d:08:c6:80:4f:
92:df:87:e8:b3:69:0e:c4:2b:c5:90:40:f9:ac:f2:
4e:24:9b:7f:b8:53:db:e8:10:b5:5f:ad:c3:9c:68:
07:8b:e7:ae:24:1e:41:3b:f6:9d:d1:e2:14:e7:b6:
38:03:3b:45:3e:41:ab:41:b9:47:23:44:15:b3:57:
67:ec:d1:e9:75:46:4b:1a:1c:5b:01:0f:dd:15:3b:
a4:6e:93:92:2f:a8:94:86:82:02:b6:5c:bd:60:58:
ae:9d:c0:5d:65:f2:ce:1b:ad:ce:8a:f7:47:fd:65:
f0:cf:3e:73:0a:ee:33:ce:9c:96:64:ff:a7:10:b0:
a8:62:dc:9d:27:22:13:18:28:68:83:64:a7:f6:21:
5b:23:4b:48:97:7b:3a:35:37:7f:11:78:4f:fd:ef:
50:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:CD:B3:18:E1:02:BA:D5:24:78:60:F1:04:EC:72:95:DF:07:AD:6E
X509v3 Authority Key Identifier:
keyid:AF:A9:29:BE:73:49:1A:CD:99:D5:90:37:2A:52:B8:15:FA:1F:23:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6kpvnNJGs2Z1ZA3KlK4FfofI_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/2694f8-fa1f-4c81-8312-3b6f1bdf412a/1/2s2zGOECutUkeGDxBOxyld8HrW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/2694f8-fa1f-4c81-8312-3b6f1bdf412a/1/r6kpvnNJGs2Z1ZA3KlK4FfofI_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:d38::/48
Signature Algorithm: sha256WithRSAEncryption
42:df:c7:d9:ad:20:24:10:cf:70:ff:11:bc:10:ee:60:0e:e3:
fe:56:de:a4:ab:3c:af:11:d1:be:27:52:8d:15:fd:0d:9f:d6:
52:19:bb:a3:e8:3b:a0:54:7a:3d:86:0c:f0:8e:2f:7c:d8:84:
98:b7:38:21:c8:d1:dc:2b:50:6d:9c:ed:45:dd:ff:ce:0f:e2:
89:20:1c:94:17:10:e0:80:a2:74:0a:dd:df:4f:60:8d:c3:32:
77:ad:9c:4e:08:c1:e9:19:dd:4e:0b:18:2e:ba:7e:1e:af:f5:
3d:f3:c9:f2:34:42:70:be:f4:d3:f9:a0:b3:bb:bc:fc:79:ca:
53:3c:8f:5a:70:52:0e:7c:39:6b:ea:75:cc:e6:16:b1:20:5d:
74:3b:ae:fa:f3:70:6b:32:b6:c0:94:d7:0d:7c:6e:99:81:2d:
a1:6a:fe:00:a1:61:02:ef:41:58:26:df:a3:82:54:28:49:47:
0c:4f:93:64:27:85:92:6e:1e:86:11:0b:67:10:c6:46:da:e1:
b7:27:3b:05:37:e8:3d:6c:17:b2:8a:48:f0:01:75:3f:5b:9e:
40:aa:0f:75:25:87:99:ec:02:23:db:7a:f0:4c:bb:41:cb:ad:
a5:3b:46:bd:09:b8:e5:b6:26:58:a2:8b:32:e9:33:f1:72:70:
50:2a:d8:48
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAl+rVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZmE5MjliZTczNDkxYWNkOTlkNTkwMzcyYTUyYjgxNWZhMWYyM2Y1MB4XDTIyMDEw
MTAyNTM1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFjZGIzMThlMTAy
YmFkNTI0Nzg2MGYxMDRlYzcyOTVkZjA3YWQ2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM5NxeOOxihRElJY9mZvglSiYYxmP+QsxOGbItnwklDOAcBf
zeU6uJkvDOvemyueW/c8fGcdA8k6Tfe/JhMJwGvgbNRrcRP799eUwhLnm2faK6L9
ON2y7ToKX4ldjb4e27/WrC0IxoBPkt+H6LNpDsQrxZBA+azyTiSbf7hT2+gQtV+t
w5xoB4vnriQeQTv2ndHiFOe2OAM7RT5Bq0G5RyNEFbNXZ+zR6XVGSxocWwEP3RU7
pG6Tki+olIaCArZcvWBYrp3AXWXyzhutzor3R/1l8M8+cwruM86clmT/pxCwqGLc
nSciExgoaINkp/YhWyNLSJd7OjU3fxF4T/3vUP8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTazbMY4QK61SR4YPEE7HKV3wetbjAfBgNVHSMEGDAWgBSvqSm+c0kazZnV
kDcqUrgV+h8j9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3I2a3B2bk5KR3MyWjFaQTNLbEs0RmZvZklfVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvMjY5NGY4LWZhMWYtNGM4MS04MzEyLTNiNmYxYmRmNDEyYS8x
LzJzMnpHT0VDdXRVa2VHRHhCT3h5bGQ4SHJXNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
MjY5NGY4LWZhMWYtNGM4MS04MzEyLTNiNmYxYmRmNDEyYS8xL3I2a3B2bk5KR3My
WjFaQTNLbEs0RmZvZklfVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngNODANBgkqhkiG9w0BAQsF
AAOCAQEAQt/H2a0gJBDPcP8RvBDuYA7j/lbepKs8rxHRvidSjRX9DZ/WUhm7o+g7
oFR6PYYM8I4vfNiEmLc4IcjR3CtQbZztRd3/zg/iiSAclBcQ4ICidArd309gjcMy
d62cTgjB6RndTgsYLrp+Hq/1PfPJ8jRCcL700/mgs7u8/HnKUzyPWnBSDnw5a+p1
zOYWsSBddDuu+vNwazK2wJTXDXxumYEtoWr+AKFhAu9BWCbfo4JUKElHDE+TZCeF
km4ehhELZxDGRtrhtyc7BTfoPWwXsopI8AF1P1ueQKoPdSWHmewCI9t68Ey7Qcut
pTtGvQm45bYmWKKLMukz8XJwUCrYSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:44 2024 by rpki-client on console-fra.rpki-client.org