Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/DuY959ksvXQNS78C8AZfWDSqyA8.roa
File: DuY959ksvXQNS78C8AZfWDSqyA8.roa (raw, json)
Hash identifier: drEbpKjLeYfrUpZuHDR8k2hk1rl5Jgl/K4Ilf1SKU1A=
Subject key identifier: 0E:E6:3D:E7:D9:2C:BD:74:0D:4B:BF:02:F0:06:5F:58:34:AA:C8:0F
Certificate issuer: /CN=b5f0f838afbc1322680544ed1c9c5a2b09965d9f
Certificate serial: 0A7A33D3
Authority key identifier: B5:F0:F8:38:AF:BC:13:22:68:05:44:ED:1C:9C:5A:2B:09:96:5D:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/DuY959ksvXQNS78C8AZfWDSqyA8.roa
Signing time: Wed 04 May 2022 11:41:10 +0000
ROA not before: Wed 04 May 2022 11:41:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3170
IP address blocks: 2001:67c:3e0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175780819 (0xa7a33d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5f0f838afbc1322680544ed1c9c5a2b09965d9f
Validity
Not Before: May 4 11:41:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ee63de7d92cbd740d4bbf02f0065f5834aac80f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:40:90:98:b4:e1:1b:8c:df:b0:9c:79:2b:c4:
9e:f0:a4:da:09:d0:42:5b:fc:eb:d0:ef:34:1a:51:
92:25:d2:0a:38:09:f5:b8:46:ee:61:26:5f:ec:c5:
e1:3c:c3:5f:b3:4f:c5:88:6d:37:05:2f:f1:8c:57:
fd:ac:e6:82:0e:6b:2f:91:81:92:fa:b3:b8:0c:ae:
c2:07:4a:00:81:b4:83:f6:bf:0b:30:6c:8d:7c:0d:
2e:71:17:af:14:46:82:83:25:d6:32:3b:4f:55:55:
54:e2:7e:65:57:ba:63:13:3f:a6:51:44:6a:c8:2f:
a8:da:ea:9a:a0:bb:b7:05:13:93:6f:b5:f2:47:41:
58:37:89:ac:d3:36:cf:91:9f:c5:5b:4a:88:8e:3c:
a2:68:26:fa:cc:60:24:d9:36:6d:e7:b6:66:9e:16:
84:89:84:71:8c:37:26:e2:b5:01:4a:0b:39:7d:be:
9c:cd:0a:1d:50:c5:ff:46:57:f7:04:8b:b0:71:4d:
56:3c:89:f0:d3:39:a0:01:0b:da:59:6f:0d:e4:4a:
81:25:ff:a0:cb:78:f3:31:52:3c:84:2d:38:a9:91:
c4:53:72:74:97:b5:00:69:ef:92:03:d6:ce:f3:38:
15:0b:7f:39:8e:89:81:51:88:f9:65:41:a0:fd:04:
dd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E6:3D:E7:D9:2C:BD:74:0D:4B:BF:02:F0:06:5F:58:34:AA:C8:0F
X509v3 Authority Key Identifier:
keyid:B5:F0:F8:38:AF:BC:13:22:68:05:44:ED:1C:9C:5A:2B:09:96:5D:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/DuY959ksvXQNS78C8AZfWDSqyA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:3e0::/48
Signature Algorithm: sha256WithRSAEncryption
14:37:9b:c4:d8:a8:d9:c1:36:12:c2:df:5b:93:f4:7f:4f:6a:
a9:20:71:ba:65:51:90:1a:1b:a0:70:09:ee:d1:b9:05:aa:e1:
05:99:04:3e:09:62:4c:bb:9c:45:2d:16:e1:0a:2a:16:b8:da:
19:3b:12:c4:0e:e5:6b:4a:4a:dd:b2:85:c0:27:17:5a:c3:b5:
db:dd:df:db:77:14:25:db:3c:be:f6:6e:66:03:32:18:f0:56:
94:5d:14:8a:cd:ab:aa:e0:2c:8f:25:5b:37:a5:60:36:a3:ec:
1f:9a:ed:2c:d7:ad:cb:aa:01:bb:66:6e:c8:f0:69:db:58:4e:
73:84:1d:12:51:9e:ac:bf:39:14:34:88:69:dd:55:7d:4d:b1:
08:6c:20:a6:a8:20:c6:f1:30:41:a2:8c:be:71:42:ff:07:7c:
5d:d8:84:10:ad:5b:d6:a2:bb:f6:de:b5:e8:0a:a8:be:21:15:
2b:e0:ba:93:48:3c:d1:ca:4c:67:1e:cf:24:b4:56:25:3b:cd:
d2:27:84:8b:f2:a2:f4:86:86:a7:d0:27:c0:27:b8:47:31:5e:
34:55:c9:02:41:04:2a:b6:4f:5d:c6:bf:ec:d3:e7:90:2f:23:
0e:ea:e8:43:44:b5:04:49:f8:1c:3c:cb:d5:70:3d:01:5a:13:
8b:f5:c8:ce
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECnoz0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NWYwZjgzOGFmYmMxMzIyNjgwNTQ0ZWQxYzljNWEyYjA5OTY1ZDlmMB4XDTIyMDUw
NDExNDExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGVlNjNkZTdkOTJj
YmQ3NDBkNGJiZjAyZjAwNjVmNTgzNGFhYzgwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJAkJi04RuM37CceSvEnvCk2gnQQlv869DvNBpRkiXSCjgJ
9bhG7mEmX+zF4TzDX7NPxYhtNwUv8YxX/azmgg5rL5GBkvqzuAyuwgdKAIG0g/a/
CzBsjXwNLnEXrxRGgoMl1jI7T1VVVOJ+ZVe6YxM/plFEasgvqNrqmqC7twUTk2+1
8kdBWDeJrNM2z5GfxVtKiI48omgm+sxgJNk2bee2Zp4WhImEcYw3JuK1AUoLOX2+
nM0KHVDF/0ZX9wSLsHFNVjyJ8NM5oAEL2llvDeRKgSX/oMt48zFSPIQtOKmRxFNy
dJe1AGnvkgPWzvM4FQt/OY6JgVGI+WVBoP0E3V0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQO5j3n2Sy9dA1LvwLwBl9YNKrIDzAfBgNVHSMEGDAWgBS18Pg4r7wTImgF
RO0cnForCZZdnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RmRDRPSy04RXlKb0JVVHRISnhhS3dtV1haOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvMzIwNTEyLTkxY2ItNDM4My05NzYxLWE1MmRjOWMyMjA3Yy8x
L0R1WTk1OWtzdlhRTlM3OEM4QVpmV0RTcXlBOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
MzIwNTEyLTkxY2ItNDM4My05NzYxLWE1MmRjOWMyMjA3Yy8xL3RmRDRPSy04RXlK
b0JVVHRISnhhS3dtV1haOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwD4DANBgkqhkiG9w0BAQsF
AAOCAQEAFDebxNio2cE2EsLfW5P0f09qqSBxumVRkBoboHAJ7tG5BarhBZkEPgli
TLucRS0W4QoqFrjaGTsSxA7la0pK3bKFwCcXWsO1293f23cUJds8vvZuZgMyGPBW
lF0Uis2rquAsjyVbN6VgNqPsH5rtLNety6oBu2ZuyPBp21hOc4QdElGerL85FDSI
ad1VfU2xCGwgpqggxvEwQaKMvnFC/wd8XdiEEK1b1qK79t616AqoviEVK+C6k0g8
0cpMZx7PJLRWJTvN0ieEi/Ki9IaGp9AnwCe4RzFeNFXJAkEEKrZPXca/7NPnkC8j
DuroQ0S1BEn4HDzL1XA9AVoTi/XIzg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:24 2023 by rpki-client on console-fra.rpki-client.org