Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/DO36Rn11qRMIuz_XEGV8jnwSTmA.roa
File: DO36Rn11qRMIuz_XEGV8jnwSTmA.roa (raw, json)
Hash identifier: IpoUhzAAwNb9rrD14AqD6OdErjX36g4jXcGQoEaqrxM=
Subject key identifier: 0C:ED:FA:46:7D:75:A9:13:08:BB:3F:D7:10:65:7C:8E:7C:12:4E:60
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 02E1DDDB
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/DO36Rn11qRMIuz_XEGV8jnwSTmA.roa
Signing time: Sat 01 Jan 2022 14:59:19 +0000
ROA not before: Sat 01 Jan 2022 14:59:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2000::/44 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48356827 (0x2e1dddb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Jan 1 14:59:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0cedfa467d75a91308bb3fd710657c8e7c124e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9e:be:8c:1b:14:fd:77:09:42:0b:db:7c:5a:
9d:b3:5f:e0:e5:68:7d:f8:f3:09:41:94:cb:61:e9:
b0:62:ff:51:36:3e:a3:96:17:b8:9e:72:06:eb:9d:
1e:38:9b:19:4e:77:fa:aa:de:b3:7a:ed:4d:39:9f:
09:83:c0:b7:de:38:f1:5a:42:01:6b:7a:d3:01:ba:
79:c7:f1:04:57:b9:a7:91:ae:45:71:07:41:b6:c1:
a8:8d:b0:a2:f0:94:90:b0:50:54:2a:71:90:98:fb:
3c:52:fe:29:54:12:61:d8:4e:7b:c0:6c:6a:1f:0b:
3d:43:1e:a3:07:10:51:66:3d:6e:13:f3:e1:66:5e:
34:37:63:65:e8:a9:eb:5e:70:3d:07:d8:11:47:e9:
65:46:08:00:9b:59:6c:eb:70:63:d6:92:de:89:f9:
7e:26:3e:89:f2:3f:fe:69:41:4e:18:0d:cd:9e:7b:
94:4f:16:51:0a:73:a3:f9:ab:7f:83:f2:2b:32:8e:
f0:96:a9:b7:0a:8f:ff:c0:54:fd:b7:1c:76:b7:8e:
43:c6:8d:74:69:d0:2f:8b:04:78:83:c6:44:0f:43:
d4:62:99:ef:c5:c6:15:94:e4:cc:3e:20:7e:48:bf:
f2:46:51:71:43:03:ef:c0:4c:ad:58:88:23:88:7a:
cd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:ED:FA:46:7D:75:A9:13:08:BB:3F:D7:10:65:7C:8E:7C:12:4E:60
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/DO36Rn11qRMIuz_XEGV8jnwSTmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
Signature Algorithm: sha256WithRSAEncryption
73:19:37:fc:83:31:a1:90:c0:e3:26:06:09:b2:11:c6:d6:fe:
99:74:67:16:fb:ff:5d:81:09:3c:e3:a7:f7:67:51:32:aa:9d:
8c:63:cc:d2:1c:4f:01:71:70:5d:29:ae:00:9f:fa:5b:be:80:
d2:64:09:b2:5e:bc:ae:c4:f9:c0:48:ba:fc:8d:34:b7:fa:9d:
e7:99:d9:ba:ae:bd:64:db:b9:ee:e1:f9:16:48:00:46:c2:58:
67:48:32:ff:d4:ba:d6:fa:61:83:f8:0c:45:47:2e:e3:bf:fe:
02:a8:d1:59:a7:04:d7:75:c5:ce:e0:49:2b:7e:0f:ec:91:17:
4f:d2:e1:8d:24:d3:28:2f:b1:2d:ce:4f:ae:96:3d:dd:d7:bd:
86:82:0a:4e:04:75:2b:90:e8:91:1b:a6:fd:73:8f:e9:a5:1f:
81:4d:57:b5:b5:88:7c:a7:af:eb:7d:c6:bc:e9:1e:26:2b:f4:
91:16:cc:b7:39:4d:64:e4:22:50:fd:55:cb:5d:a2:21:df:b6:
b1:50:6f:09:64:40:b2:86:08:0a:de:84:c9:ba:9a:e8:10:f7:
29:78:bf:4a:f7:5c:c3:7d:8c:78:cc:24:bb:57:40:6e:43:ed:
48:e0:27:37:55:cf:81:c9:1c:88:50:c7:05:15:f6:c8:13:da:
49:2a:ba:90
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIEAuHd2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjI4MjRjNjEzNTdkYzM0NGJiZGYzNWI4MzU3NzQ1OWI5ZDNmYzQ0MB4XDTIyMDEw
MTE0NTkxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNlZGZhNDY3ZDc1
YTkxMzA4YmIzZmQ3MTA2NTdjOGU3YzEyNGU2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANGevowbFP13CUIL23xanbNf4OVoffjzCUGUy2HpsGL/UTY+
o5YXuJ5yBuudHjibGU53+qres3rtTTmfCYPAt9448VpCAWt60wG6ecfxBFe5p5Gu
RXEHQbbBqI2wovCUkLBQVCpxkJj7PFL+KVQSYdhOe8Bsah8LPUMeowcQUWY9bhPz
4WZeNDdjZeip615wPQfYEUfpZUYIAJtZbOtwY9aS3on5fiY+ifI//mlBThgNzZ57
lE8WUQpzo/mrf4PyKzKO8JaptwqP/8BU/bccdreOQ8aNdGnQL4sEeIPGRA9D1GKZ
78XGFZTkzD4gfki/8kZRcUMD78BMrViII4h6zS8CAwEAAaOCAhQwggIQMB0GA1Ud
DgQWBBQM7fpGfXWpEwi7P9cQZXyOfBJOYDAfBgNVHSMEGDAWgBSPKCTGE1fcNEu9
81uDV3RZudP8RDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2p5Z2t4aE5YM0RSTHZmTmJnMWQwV2JuVF9FUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvNjUyZWI0LTMyMWMtNDhjMC05MjcyLTNhZTcxMWFmMDM0Yi8x
L0RPMzZSbjExcVJNSXV6X1hFR1Y4am53U1RtQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
NjUyZWI0LTMyMWMtNDhjMC05MjcyLTNhZTcxMWFmMDM0Yi8xL2p5Z2t4aE5YM0RS
THZmTmJnMWQwV2JuVF9FUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAq
BggrBgEFBQcBBwEB/wQbMBkwFwQCAAIwEQMHBCoAS8AgAAMGACoAS8AhMA0GCSqG
SIb3DQEBCwUAA4IBAQBzGTf8gzGhkMDjJgYJshHG1v6ZdGcW+/9dgQk846f3Z1Ey
qp2MY8zSHE8BcXBdKa4An/pbvoDSZAmyXryuxPnASLr8jTS3+p3nmdm6rr1k27nu
4fkWSABGwlhnSDL/1LrW+mGD+AxFRy7jv/4CqNFZpwTXdcXO4Ekrfg/skRdP0uGN
JNMoL7Etzk+ulj3d172GggpOBHUrkOiRG6b9c4/ppR+BTVe1tYh8p6/rfca86R4m
K/SRFsy3OU1k5CJQ/VXLXaIh37axUG8JZECyhggK3oTJuproEPcpeL9K91zDfYx4
zCS7V0BuQ+1I4Cc3Vc+ByRyIUMcFFfbIE9pJKrqQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:20 2024 by rpki-client on console-ams.rpki-client.org