Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/dfkgQCIXSZInslFetqyR6W0mBKY.roa
File: dfkgQCIXSZInslFetqyR6W0mBKY.roa (raw, json)
Hash identifier: smrk2UXcH8NlNQd/+pCqqk6JI9YN2zrq1jM+MRD3qnk=
Subject key identifier: 75:F9:20:40:22:17:49:92:27:B2:51:5E:B6:AC:91:E9:6D:26:04:A6
Certificate issuer: /CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Certificate serial: 018571B0C0E0497695FA1D1B08FB4C931999
Authority key identifier: 36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/dfkgQCIXSZInslFetqyR6W0mBKY.roa
Signing time: Mon 02 Jan 2023 08:54:47 +0000
ROA not before: Mon 02 Jan 2023 08:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2001:7f8:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:c0:e0:49:76:95:fa:1d:1b:08:fb:4c:93:19:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Validity
Not Before: Jan 2 08:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75f920402217499227b2515eb6ac91e96d2604a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:26:52:39:7f:d1:61:e8:93:3b:f8:b5:23:9b:
49:9a:0d:fe:31:37:04:08:f9:fb:2f:12:d9:0e:ab:
fb:82:f6:64:4a:59:6a:cf:0e:a8:4b:4e:01:24:f9:
ab:be:57:e7:ab:4b:b9:99:49:67:a3:96:b8:92:49:
e1:57:cd:1d:f5:95:d6:34:a4:20:f1:1f:d9:ee:18:
b1:d8:15:04:c7:c0:fc:f8:fb:76:e0:34:53:36:cb:
70:19:45:22:36:72:d5:95:2f:0d:d0:b7:99:66:06:
9a:14:96:4f:0f:75:cc:6b:5b:f6:09:2d:d3:f6:1f:
57:d1:44:84:a2:ff:c3:a4:20:7d:94:da:60:25:72:
95:04:2b:a9:e4:a5:c4:95:20:05:c3:d1:c2:09:9d:
23:c9:43:f0:ec:aa:46:2f:9a:0f:af:f4:07:3e:e4:
e7:fe:d1:40:00:8f:a9:1a:de:17:4b:85:26:8d:9d:
c9:25:c2:34:98:89:18:10:05:d4:03:78:35:39:d9:
3c:c7:5e:ab:e2:e6:67:57:99:a6:9b:ea:bc:b5:4d:
22:e1:ee:9f:84:a2:85:6b:f2:be:2c:9a:86:b3:86:
56:d0:1a:5d:e0:b9:47:b8:08:7c:24:27:91:62:08:
08:b8:94:6f:cd:4c:ce:82:ee:f9:06:b4:56:27:5a:
5f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F9:20:40:22:17:49:92:27:B2:51:5E:B6:AC:91:E9:6D:26:04:A6
X509v3 Authority Key Identifier:
keyid:36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/dfkgQCIXSZInslFetqyR6W0mBKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:7f8:4::/48
Signature Algorithm: sha256WithRSAEncryption
9f:db:c4:29:9d:5e:b8:98:a6:ad:5d:24:3a:d8:b8:d5:96:ef:
c5:19:42:cc:59:9d:ad:40:57:cc:84:fe:ce:af:e0:0b:4d:d1:
60:4c:bc:e9:f0:8b:11:15:16:95:b1:ff:27:a1:0f:5e:b0:31:
61:79:26:9b:6c:e9:65:03:5b:86:52:75:58:43:29:57:cf:0a:
80:c3:8b:6f:74:87:ff:39:fb:ed:39:72:a8:87:d9:b0:eb:1e:
5b:81:7f:4b:d0:05:c3:12:72:ee:6e:91:f2:e1:47:a1:66:c6:
43:0e:03:7e:60:b0:19:07:f1:b2:79:b9:df:1e:42:3d:50:f8:
b9:ca:48:e1:02:42:66:fb:33:43:d3:1e:27:ee:a5:e8:a0:cd:
c1:01:cf:2c:b1:95:23:19:25:5e:66:55:93:8b:8e:f6:7b:f9:
f9:05:23:95:6f:7a:3f:4c:6f:37:df:bc:24:05:f2:de:3d:b8:
b2:41:52:b6:68:fd:f3:aa:81:d3:05:4c:bf:ba:3c:a1:27:f6:
59:ce:db:5a:39:b6:f6:ca:b3:1f:78:3c:f0:93:a7:f9:92:b8:
88:fb:c9:a9:05:6f:7d:00:a1:53:4d:a0:e8:0c:de:86:10:7b:
72:74:df:81:f4:02:39:68:de:0d:a7:28:42:af:6e:3e:82:bd:
d1:d7:a3:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxsMDgSXaV+h0bCPtMkxmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZWFhMDBlYTc3NzA5OGIxYmYwMzY3NTZkNjQwZTlkMzFk
NjNiM2IwHhcNMjMwMTAyMDg1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWY5MjA0MDIyMTc0OTkyMjdiMjUxNWViNmFjOTFlOTZkMjYwNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCZSOX/RYeiTO/i1I5tJmg3+MTcE
CPn7LxLZDqv7gvZkSllqzw6oS04BJPmrvlfnq0u5mUlno5a4kknhV80d9ZXWNKQg
8R/Z7hix2BUEx8D8+Pt24DRTNstwGUUiNnLVlS8N0LeZZgaaFJZPD3XMa1v2CS3T
9h9X0USEov/DpCB9lNpgJXKVBCup5KXElSAFw9HCCZ0jyUPw7KpGL5oPr/QHPuTn
/tFAAI+pGt4XS4UmjZ3JJcI0mIkYEAXUA3g1Odk8x16r4uZnV5mmm+q8tU0i4e6f
hKKFa/K+LJqGs4ZW0Bpd4LlHuAh8JCeRYggIuJRvzUzOgu75BrRWJ1pfIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHX5IEAiF0mSJ7JRXraskeltJgSmMB8GA1UdIwQY
MBaAFDbqoA6ndwmLG/A2dW1kDp0x1js7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQt
YmRiMjEzMTNjM2VjLzEvZGZrZ1FDSVhTWkluc2xGZXRxeVI2VzBtQktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQtYmRiMjEzMTNjM2Vj
LzEvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEH+AAE
MA0GCSqGSIb3DQEBCwUAA4IBAQCf28QpnV64mKatXSQ62LjVlu/FGULMWZ2tQFfM
hP7Or+ALTdFgTLzp8IsRFRaVsf8noQ9esDFheSabbOllA1uGUnVYQylXzwqAw4tv
dIf/OfvtOXKoh9mw6x5bgX9L0AXDEnLubpHy4UehZsZDDgN+YLAZB/GyebnfHkI9
UPi5ykjhAkJm+zND0x4n7qXooM3BAc8ssZUjGSVeZlWTi472e/n5BSOVb3o/TG83
37wkBfLePbiyQVK2aP3zqoHTBUy/ujyhJ/ZZzttaObb2yrMfeDzwk6f5kriI+8mp
BW99AKFTTaDoDN6GEHtydN+B9AI5aN4NpyhCr24+gr3R16Mn
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:20 2025 by rpki-client