Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/0h2d1w9VUlvigXeKitvCjPBjM3w.roa
File: 0h2d1w9VUlvigXeKitvCjPBjM3w.roa (raw, json)
Hash identifier: yMe5DpyszBgS3xV6bnRIS5Pt1wzYcmLg4gOQjuAAWDQ=
Subject key identifier: D2:1D:9D:D7:0F:55:52:5B:E2:81:77:8A:8A:DB:C2:8C:F0:63:33:7C
Certificate issuer: /CN=2901d76431c6e873d3c44730571e1e50d602057c
Certificate serial: 02F1AF35
Authority key identifier: 29:01:D7:64:31:C6:E8:73:D3:C4:47:30:57:1E:1E:50:D6:02:05:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/0h2d1w9VUlvigXeKitvCjPBjM3w.roa
Signing time: Sat 01 Jan 2022 03:52:45 +0000
ROA not before: Sat 01 Jan 2022 03:52:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212037
IP address blocks: 2001:67c:1680::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49393461 (0x2f1af35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2901d76431c6e873d3c44730571e1e50d602057c
Validity
Not Before: Jan 1 03:52:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d21d9dd70f55525be281778a8adbc28cf063337c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fe:df:5a:43:d1:e9:31:2c:b4:8b:26:05:5e:
5e:56:9f:1c:56:60:fb:89:cd:83:e6:da:fa:79:45:
d3:c3:56:71:49:2f:c6:9d:64:c8:7b:9f:14:98:e4:
89:4b:a3:58:03:53:0b:20:f8:7e:e3:93:c2:16:e5:
a3:12:72:07:f3:ca:2d:e1:4f:52:43:3b:29:11:d7:
7e:9a:25:ad:a2:ea:c9:91:75:f8:bf:90:83:19:9d:
56:01:3e:fb:0c:2b:4b:b5:cc:ff:47:dc:a4:11:20:
fe:01:6c:08:99:8c:41:d6:b4:ad:3f:12:c5:be:4b:
cc:fe:0b:2a:0c:19:a6:65:4b:1f:ad:cf:5c:31:28:
0e:f7:35:07:5f:c5:60:c9:fa:43:cd:59:84:fc:67:
e5:44:1d:3a:eb:5b:98:24:7e:9d:c2:cc:19:8c:2e:
71:5f:1d:8f:bc:c7:dd:1d:6a:6b:f2:83:fb:d7:24:
e0:6b:49:c9:04:23:ed:a2:bd:ee:20:33:ce:27:fa:
cd:42:8f:b1:96:79:97:89:56:30:18:cd:61:d0:ce:
d8:5f:15:0f:0e:0d:be:84:69:d8:1b:59:4e:14:1c:
b1:59:56:57:80:e3:27:c9:51:9a:21:70:ac:d5:f2:
ae:cd:e5:62:51:48:bf:4a:6d:89:8e:66:ed:c1:d1:
db:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1D:9D:D7:0F:55:52:5B:E2:81:77:8A:8A:DB:C2:8C:F0:63:33:7C
X509v3 Authority Key Identifier:
keyid:29:01:D7:64:31:C6:E8:73:D3:C4:47:30:57:1E:1E:50:D6:02:05:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/0h2d1w9VUlvigXeKitvCjPBjM3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1680::/48
Signature Algorithm: sha256WithRSAEncryption
ad:ad:f2:68:9e:2c:c6:0a:9a:22:bf:5d:f2:a7:ff:7a:b4:3e:
a3:7d:1a:01:cf:7a:7a:75:48:bb:d8:2c:3a:e1:df:83:54:24:
a7:26:3a:57:ec:4e:09:ee:e6:53:41:c3:4f:4f:bf:d5:e9:21:
b5:e9:12:40:a4:e3:49:06:aa:c9:40:5c:23:f8:b1:02:09:14:
d6:69:74:ea:98:03:1b:d4:5a:92:f5:68:68:4a:18:e3:06:63:
de:bb:28:5f:64:14:d6:59:bc:ab:8e:6e:a2:50:77:16:6e:00:
b2:9d:90:b0:bf:36:1c:5c:2d:8d:91:21:de:48:ad:4d:79:4d:
12:6f:e6:1c:12:60:da:95:0b:0c:e2:0b:2f:8c:41:e5:fa:f8:
29:0f:31:9d:0b:e3:9d:af:00:d3:67:f2:f2:06:28:28:d2:6a:
2d:b4:96:dc:d9:b2:a1:5a:d3:ba:5b:1d:e4:3a:0d:c3:19:ee:
d1:fa:a9:8f:3e:36:a4:35:90:90:e3:1e:5e:4b:7a:e9:3d:29:
bf:a7:9d:b7:04:73:28:b6:30:a8:58:db:d5:9a:5d:5a:c0:7a:
4f:60:32:96:ac:c9:69:e3:2d:89:7b:a4:82:ee:f5:a1:4c:e8:
1c:01:4c:36:b0:30:ff:b5:1b:17:d7:be:57:a1:3e:29:1f:27:
90:34:57:9e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAvGvNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTAxZDc2NDMxYzZlODczZDNjNDQ3MzA1NzFlMWU1MGQ2MDIwNTdjMB4XDTIyMDEw
MTAzNTI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDIxZDlkZDcwZjU1
NTI1YmUyODE3NzhhOGFkYmMyOGNmMDYzMzM3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKz+31pD0ekxLLSLJgVeXlafHFZg+4nNg+ba+nlF08NWcUkv
xp1kyHufFJjkiUujWANTCyD4fuOTwhbloxJyB/PKLeFPUkM7KRHXfpolraLqyZF1
+L+QgxmdVgE++wwrS7XM/0fcpBEg/gFsCJmMQda0rT8Sxb5LzP4LKgwZpmVLH63P
XDEoDvc1B1/FYMn6Q81ZhPxn5UQdOutbmCR+ncLMGYwucV8dj7zH3R1qa/KD+9ck
4GtJyQQj7aK97iAzzif6zUKPsZZ5l4lWMBjNYdDO2F8VDw4NvoRp2BtZThQcsVlW
V4DjJ8lRmiFwrNXyrs3lYlFIv0ptiY5m7cHR248CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTSHZ3XD1VSW+KBd4qK28KM8GMzfDAfBgNVHSMEGDAWgBQpAddkMcboc9PE
RzBXHh5Q1gIFfDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tRSFhaREhHNkhQVHhFY3dWeDRlVU5ZQ0JYdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvMDVjM2ExLWM4ZmUtNDBmZi05YzUyLTNlNmYwMzI0NDEwYS8x
LzBoMmQxdzlWVWx2aWdYZUtpdHZDalBCak0zdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
MDVjM2ExLWM4ZmUtNDBmZi05YzUyLTNlNmYwMzI0NDEwYS8xL0tRSFhaREhHNkhQ
VHhFY3dWeDRlVU5ZQ0JYdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwWgDANBgkqhkiG9w0BAQsF
AAOCAQEAra3yaJ4sxgqaIr9d8qf/erQ+o30aAc96enVIu9gsOuHfg1QkpyY6V+xO
Ce7mU0HDT0+/1ekhtekSQKTjSQaqyUBcI/ixAgkU1ml06pgDG9RakvVoaEoY4wZj
3rsoX2QU1lm8q45uolB3Fm4Asp2QsL82HFwtjZEh3kitTXlNEm/mHBJg2pULDOIL
L4xB5fr4KQ8xnQvjna8A02fy8gYoKNJqLbSW3NmyoVrTulsd5DoNwxnu0fqpjz42
pDWQkOMeXkt66T0pv6edtwRzKLYwqFjb1ZpdWsB6T2AylqzJaeMtiXukgu71oUzo
HAFMNrAw/7UbF9e+V6E+KR8nkDRXng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:29 2024 by rpki-client on console-fra.rpki-client.org