Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/1-jyGyqxHdYvYmF3jjp8hxNyLB9g.roa
File: 1-jyGyqxHdYvYmF3jjp8hxNyLB9g.roa (raw, json)
Hash identifier: 9p6pkUCAMrkNGVpqbyV+7XTignuBDFUhNEjUYJRNk+Y=
Subject key identifier: FA:3C:86:CA:AC:47:75:8B:D8:98:5D:E3:8E:9F:21:C4:DC:8B:07:D8
Certificate issuer: /CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Certificate serial: 0950E325
Authority key identifier: CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/1-jyGyqxHdYvYmF3jjp8hxNyLB9g.roa
Signing time: Thu 03 Feb 2022 18:18:12 +0000
ROA not before: Thu 03 Feb 2022 18:18:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212144
IP address blocks: 2a0d:c940::/29 maxlen: 29
2a09:2fc0::/29 maxlen: 29
2a01:64e0::/32 maxlen: 32
2a06:a640::/29 maxlen: 29
2a06:da80::/29 maxlen: 29
2a0d:db00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156295973 (0x950e325)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Validity
Not Before: Feb 3 18:18:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa3c86caac47758bd8985de38e9f21c4dc8b07d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8a:ee:87:54:9d:72:5d:41:4a:c7:aa:42:17:
2f:bb:86:da:35:32:94:f0:c0:40:64:66:22:3a:25:
80:ca:d4:1c:6f:25:4e:a5:44:0f:db:e9:0d:8d:32:
45:57:4b:bb:76:0b:1e:20:50:8c:99:32:fa:b9:5c:
0c:e0:08:cb:f1:87:98:2d:1c:07:2d:c4:06:dd:7d:
d1:a4:da:ae:17:5d:4d:60:a5:4d:0a:fc:a7:9c:37:
ff:b1:2c:27:10:9e:20:a4:19:19:2f:1d:c9:75:c7:
b6:28:97:fd:d9:4f:d3:d4:38:ca:b0:06:7f:e6:8c:
fc:8d:11:fd:d9:e0:13:3f:ab:df:a3:da:31:f9:95:
34:45:ca:56:ac:6b:b0:78:28:7c:de:a6:53:e6:91:
13:0a:e8:49:70:35:77:22:0e:46:21:14:c8:fa:59:
73:40:ba:1e:b4:0d:a3:0b:1d:7f:b3:e0:7b:43:c9:
74:04:61:69:83:11:94:94:36:39:dc:5a:2f:d0:b1:
ba:69:38:6d:67:a1:10:7b:f1:c0:07:ec:1d:80:a8:
0b:8b:a9:6c:ec:3d:16:24:e6:0d:ea:68:b9:4c:f3:
86:e2:95:51:02:f9:9a:bb:7d:61:60:28:09:df:08:
cd:0b:3f:25:c8:57:c8:86:e4:63:0f:87:a9:c1:72:
81:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:3C:86:CA:AC:47:75:8B:D8:98:5D:E3:8E:9F:21:C4:DC:8B:07:D8
X509v3 Authority Key Identifier:
keyid:CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/1-jyGyqxHdYvYmF3jjp8hxNyLB9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/zMR43ZzNYWL4JIisb8UMIdNp8qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:64e0::/32
2a06:a640::/29
2a06:da80::/29
2a09:2fc0::/29
2a0d:c940::/29
2a0d:db00::/29
Signature Algorithm: sha256WithRSAEncryption
4a:d1:5c:f1:bc:4d:36:48:6b:60:d1:55:8c:ba:3b:93:18:c2:
dd:f8:4e:f4:3e:3b:d5:20:94:97:b4:b5:21:57:a6:fd:ab:d4:
04:1e:08:47:52:67:68:34:a4:a9:ec:c3:80:72:77:dd:3b:cc:
74:8b:22:a2:1f:30:c7:5e:44:e9:c2:80:e0:10:9a:1c:50:ff:
98:b1:5d:42:60:72:7a:03:8a:18:bf:7a:ca:c2:e0:95:ad:b7:
e8:71:62:55:85:c1:cf:e0:3a:c0:8d:b9:f5:af:bc:40:68:90:
1d:fe:3c:24:fb:62:a8:21:e5:09:55:6c:80:23:f6:70:65:5a:
54:78:8b:03:53:c5:54:dd:50:bc:fa:a0:83:4e:73:3b:91:c3:
dc:1b:71:09:c0:20:63:af:7e:f4:33:91:df:00:bd:db:dd:32:
e1:a4:bc:f4:b8:c4:a5:f1:5b:64:ca:9a:0d:0c:66:bb:5d:22:
ca:9c:e5:f1:79:85:01:97:d2:d5:a7:79:7f:3d:46:66:76:c8:
8a:89:f8:ec:84:65:3c:4f:8c:81:b8:77:5a:8c:e1:27:8a:2a:
3a:cc:b2:57:45:2c:bb:99:2c:c7:9c:bd:55:f2:85:ea:8b:fc:
a1:c7:86:e0:ad:68:84:5c:4a:c7:c6:66:5f:5b:10:15:0c:03:
67:e8:68:b6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIECVDjJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2M0NzhkZDljY2Q2MTYyZjgyNDg4YWM2ZmM1MGMyMWQzNjlmMmEwMB4XDTIyMDIw
MzE4MTgxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmEzYzg2Y2FhYzQ3
NzU4YmQ4OTg1ZGUzOGU5ZjIxYzRkYzhiMDdkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKK7odUnXJdQUrHqkIXL7uG2jUylPDAQGRmIjolgMrUHG8l
TqVED9vpDY0yRVdLu3YLHiBQjJky+rlcDOAIy/GHmC0cBy3EBt190aTarhddTWCl
TQr8p5w3/7EsJxCeIKQZGS8dyXXHtiiX/dlP09Q4yrAGf+aM/I0R/dngEz+r36Pa
MfmVNEXKVqxrsHgofN6mU+aREwroSXA1dyIORiEUyPpZc0C6HrQNowsdf7Pge0PJ
dARhaYMRlJQ2OdxaL9Cxumk4bWehEHvxwAfsHYCoC4upbOw9FiTmDepouUzzhuKV
UQL5mrt9YWAoCd8IzQs/JchXyIbkYw+HqcFygdcCAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBT6PIbKrEd1i9iYXeOOnyHE3IsH2DAfBgNVHSMEGDAWgBTMxHjdnM1hYvgk
iKxvxQwh02nyoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pNUjQzWnpOWVdMNEpJaXNiOFVNSWROcDhxQS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvZWUzZTNmLTNhNDUtNDNlYi1hNWRlLTQyODU5OTgzOTJkMy8x
LzEtanlHeXF4SGRZdlltRjNqanA4aHhOeUxCOWcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
L2VlM2UzZi0zYTQ1LTQzZWItYTVkZS00Mjg1OTk4MzkyZDMvMS96TVI0M1p6TllX
TDRKSWlzYjhVTUlkTnA4cUEuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
QwYIKwYBBQUHAQcBAf8ENDAyMDAEAgACMCoDBQAqAWTgAwUDKgamQAMFAyoG2oAD
BQMqCS/AAwUDKg3JQAMFAyoN2wAwDQYJKoZIhvcNAQELBQADggEBAErRXPG8TTZI
a2DRVYy6O5MYwt34TvQ+O9UglJe0tSFXpv2r1AQeCEdSZ2g0pKnsw4Byd907zHSL
IqIfMMdeROnCgOAQmhxQ/5ixXUJgcnoDihi/esrC4JWtt+hxYlWFwc/gOsCNufWv
vEBokB3+PCT7Yqgh5QlVbIAj9nBlWlR4iwNTxVTdULz6oINOczuRw9wbcQnAIGOv
fvQzkd8AvdvdMuGkvPS4xKXxW2TKmg0MZrtdIsqc5fF5hQGX0tWneX89RmZ2yIqJ
+OyEZTxPjIG4d1qM4SeKKjrMsldFLLuZLMecvVXyheqL/KHHhuCtaIRcSsfGZl9b
EBUMA2foaLY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:30 2024 by rpki-client on console-ams.rpki-client.org