Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/c35a99-f87a-4211-af7a-81e2106a5857/1/T0l0Ugr3helZGFrCKd0vg0RnWRQ.roa
File: T0l0Ugr3helZGFrCKd0vg0RnWRQ.roa (raw, json)
Hash identifier: MNk5OhPvNlydbb6Y3OcKbf6jHj/SHiKexTa3vJe8phg=
Subject key identifier: 4F:49:74:52:0A:F7:85:E9:59:18:5A:C2:29:DD:2F:83:44:67:59:14
Certificate issuer: /CN=c8091492d2ce8a80c087b876f91d6a3c29be7a25
Certificate serial: 018206938F43DF02C683443C8E98B51316CC
Authority key identifier: C8:09:14:92:D2:CE:8A:80:C0:87:B8:76:F9:1D:6A:3C:29:BE:7A:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yAkUktLOioDAh7h2-R1qPCm-eiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/c35a99-f87a-4211-af7a-81e2106a5857/1/T0l0Ugr3helZGFrCKd0vg0RnWRQ.roa
Signing time: Sat 16 Jul 2022 10:35:09 +0000
ROA not before: Sat 16 Jul 2022 10:35:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60149
IP address blocks: 2001:678:928::/48 maxlen: 48
2001:67c:10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:06:93:8f:43:df:02:c6:83:44:3c:8e:98:b5:13:16:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8091492d2ce8a80c087b876f91d6a3c29be7a25
Validity
Not Before: Jul 16 10:35:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f4974520af785e959185ac229dd2f8344675914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8c:3c:8f:e4:1c:9e:c4:bd:78:c9:fa:67:80:
0a:fe:74:b4:02:a3:2e:86:9f:f2:b4:eb:83:aa:64:
40:0c:bb:ac:45:89:88:b3:41:36:f6:b5:3c:d6:88:
ec:6b:eb:b0:a6:ab:97:51:b9:85:c6:bc:7d:9a:bf:
19:f9:61:9c:51:17:e9:d8:a3:ed:e7:99:fb:58:84:
11:3f:a3:fa:24:fc:c2:01:be:d8:55:ae:40:e5:8b:
34:a8:07:7d:17:c7:bf:bb:c8:69:a2:af:70:37:30:
4b:ba:07:31:03:12:23:16:9f:a8:f0:92:21:10:67:
01:4c:ab:75:54:84:db:38:b0:1c:9d:5f:2c:0d:e1:
a1:14:49:55:5b:57:8c:ef:d3:34:17:fd:0d:18:7b:
eb:53:01:99:72:dc:27:bc:44:bf:d8:27:ef:87:bc:
e2:88:13:58:c9:58:7b:ef:5b:44:6a:6a:24:b0:75:
f4:8f:b1:78:ba:24:5c:38:70:ba:39:00:43:80:18:
0c:82:db:65:13:82:2e:b4:1d:5c:9c:36:b8:2c:d5:
4e:1a:46:63:a8:da:e3:da:6c:6a:be:de:45:82:92:
4c:60:e7:96:54:56:f5:77:f3:4b:3d:5b:57:6e:7b:
aa:3a:39:07:8c:4b:56:a2:91:f5:68:a3:d8:09:9a:
2c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:49:74:52:0A:F7:85:E9:59:18:5A:C2:29:DD:2F:83:44:67:59:14
X509v3 Authority Key Identifier:
keyid:C8:09:14:92:D2:CE:8A:80:C0:87:B8:76:F9:1D:6A:3C:29:BE:7A:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAkUktLOioDAh7h2-R1qPCm-eiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c35a99-f87a-4211-af7a-81e2106a5857/1/T0l0Ugr3helZGFrCKd0vg0RnWRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c35a99-f87a-4211-af7a-81e2106a5857/1/yAkUktLOioDAh7h2-R1qPCm-eiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:928::/48
2001:67c:10::/48
Signature Algorithm: sha256WithRSAEncryption
99:c8:40:47:84:3f:cf:90:88:c5:66:50:89:db:54:1d:c7:9b:
ca:1d:72:a1:fe:ab:27:21:f6:99:30:61:b5:15:fb:20:3b:bf:
30:2f:be:b6:4c:7f:c1:08:f0:c0:6a:fc:cc:dd:6f:77:de:5d:
2d:eb:82:38:62:a4:85:c4:b7:82:9d:13:67:7e:5c:35:86:71:
9c:f5:50:1e:bd:18:92:eb:fc:92:74:e3:69:12:02:c6:f9:e0:
d8:93:87:30:93:e0:ac:1f:38:b5:17:bf:70:75:b2:c0:61:02:
59:0b:fa:17:fd:45:db:a0:04:60:12:6b:d2:60:ad:61:b8:f0:
af:6b:69:35:0d:68:38:5d:b4:f9:05:4f:38:30:bc:ce:b1:5d:
c3:a2:61:61:aa:16:6c:32:e1:bb:56:e1:27:7c:97:f2:b4:1e:
bf:ea:79:7d:76:cc:f5:59:83:72:50:5a:90:08:59:17:8b:a2:
0b:4b:73:c5:45:0c:3d:2e:16:31:57:a4:3c:0b:75:38:c8:ad:
18:b0:e5:49:70:f0:2c:6d:92:79:e2:e1:37:da:ff:1c:ad:70:
79:3c:46:c9:18:48:ac:cd:ab:28:78:63:e0:cc:2c:75:5d:5a:
a4:eb:5b:f8:df:6c:11:8c:45:d0:f2:c1:b7:db:72:84:bb:c0:
13:d6:8f:82
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYIGk49D3wLGg0Q8jpi1ExbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDkxNDkyZDJjZThhODBjMDg3Yjg3NmY5MWQ2YTNjMjli
ZTdhMjUwHhcNMjIwNzE2MTAzNTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjQ5NzQ1MjBhZjc4NWU5NTkxODVhYzIyOWRkMmY4MzQ0Njc1OTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYw8j+QcnsS9eMn6Z4AK/nS0AqMu
hp/ytOuDqmRADLusRYmIs0E29rU81ojsa+uwpquXUbmFxrx9mr8Z+WGcURfp2KPt
55n7WIQRP6P6JPzCAb7YVa5A5Ys0qAd9F8e/u8hpoq9wNzBLugcxAxIjFp+o8JIh
EGcBTKt1VITbOLAcnV8sDeGhFElVW1eM79M0F/0NGHvrUwGZctwnvES/2Cfvh7zi
iBNYyVh771tEamoksHX0j7F4uiRcOHC6OQBDgBgMgttlE4IutB1cnDa4LNVOGkZj
qNrj2mxqvt5FgpJMYOeWVFb1d/NLPVtXbnuqOjkHjEtWopH1aKPYCZos2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE9JdFIK94XpWRhawindL4NEZ1kUMB8GA1UdIwQY
MBaAFMgJFJLSzoqAwIe4dvkdajwpvnolMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFrVWt0TE9pb0RBaDdoMi1SMXFQQ20tZWlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jMzVhOTktZjg3YS00MjExLWFmN2Et
ODFlMjEwNmE1ODU3LzEvVDBsMFVncjNoZWxaR0ZyQ0tkMHZnMFJuV1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jMzVhOTktZjg3YS00MjExLWFmN2EtODFlMjEwNmE1ODU3
LzEveUFrVWt0TE9pb0RBaDdoMi1SMXFQQ20tZWlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAko
AwcAIAEGfAAQMA0GCSqGSIb3DQEBCwUAA4IBAQCZyEBHhD/PkIjFZlCJ21Qdx5vK
HXKh/qsnIfaZMGG1FfsgO78wL762TH/BCPDAavzM3W933l0t64I4YqSFxLeCnRNn
flw1hnGc9VAevRiS6/ySdONpEgLG+eDYk4cwk+CsHzi1F79wdbLAYQJZC/oX/UXb
oARgEmvSYK1huPCva2k1DWg4XbT5BU84MLzOsV3DomFhqhZsMuG7VuEnfJfytB6/
6nl9dsz1WYNyUFqQCFkXi6ILS3PFRQw9LhYxV6Q8C3U4yK0YsOVJcPAsbZJ54uE3
2v8crXB5PEbJGEiszasoeGPgzCx1XVqk61v432wRjEXQ8sG323KEu8AT1o+C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:01 2024 by rpki-client on console-fra.rpki-client.org