Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/1a18de-efbd-41b5-b336-79fbd385a550/1/acQYAN6YmKyNXletfIjnfCmzPs4.roa
File: acQYAN6YmKyNXletfIjnfCmzPs4.roa (raw, json)
Hash identifier: 0cEmXuuuxKyOtVcnsXCXehcrq4KOXxXSAZsmvw8DAwc=
Subject key identifier: 69:C4:18:00:DE:98:98:AC:8D:5E:57:AD:7C:88:E7:7C:29:B3:3E:CE
Certificate issuer: /CN=7580d16569bb24a328e27b47f7d751659725defb
Certificate serial: 0185728CAC12BAD3832CFE2059FCD1EAAE1B
Authority key identifier: 75:80:D1:65:69:BB:24:A3:28:E2:7B:47:F7:D7:51:65:97:25:DE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dYDRZWm7JKMo4ntH99dRZZcl3vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/1a18de-efbd-41b5-b336-79fbd385a550/1/acQYAN6YmKyNXletfIjnfCmzPs4.roa
Signing time: Mon 02 Jan 2023 12:54:59 +0000
ROA not before: Mon 02 Jan 2023 12:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20712
IP address blocks: 2a03:3a40:2000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:ac:12:ba:d3:83:2c:fe:20:59:fc:d1:ea:ae:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7580d16569bb24a328e27b47f7d751659725defb
Validity
Not Before: Jan 2 12:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69c41800de9898ac8d5e57ad7c88e77c29b33ece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bf:d8:1a:9c:89:22:28:e5:f3:27:b5:2f:ee:
1f:36:b0:00:e3:9e:0d:a0:d5:f3:f2:95:50:96:4f:
85:49:f9:c3:5e:97:46:3f:b0:d8:cf:8c:89:f9:34:
88:1f:89:3f:40:80:e9:1f:55:dd:18:26:3a:38:55:
b4:40:eb:ea:61:38:ea:4d:70:6e:e0:7a:c7:27:44:
4c:cb:55:b7:e9:7c:c4:ba:d4:26:64:20:1e:f3:17:
f2:a3:ac:e9:35:55:12:a5:98:de:cd:d9:c1:c8:ce:
01:0a:64:22:cd:bf:ff:70:f2:68:e9:2f:66:93:9c:
db:3b:f2:e1:c2:73:c7:1c:9d:76:91:4e:99:3e:58:
de:00:d0:5d:81:10:70:ee:16:e5:44:ea:52:b0:de:
b0:95:bc:a1:db:a8:f9:fb:97:a3:bc:8b:ef:23:e7:
98:45:2d:d8:c3:f7:38:02:b1:c2:9f:cd:6a:7c:17:
7e:60:c8:f1:5c:f6:db:dd:d6:fb:4d:40:1d:a0:30:
51:19:2a:4a:99:55:41:b8:6f:17:b0:ce:6b:3d:63:
6f:df:dd:d7:d3:ac:48:c1:a3:3f:24:89:95:d5:ef:
14:4c:66:37:3f:fb:11:02:40:f6:b2:88:e1:66:21:
03:24:59:82:da:a9:8a:9d:4c:14:6f:ee:ef:48:16:
66:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C4:18:00:DE:98:98:AC:8D:5E:57:AD:7C:88:E7:7C:29:B3:3E:CE
X509v3 Authority Key Identifier:
keyid:75:80:D1:65:69:BB:24:A3:28:E2:7B:47:F7:D7:51:65:97:25:DE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dYDRZWm7JKMo4ntH99dRZZcl3vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/1a18de-efbd-41b5-b336-79fbd385a550/1/acQYAN6YmKyNXletfIjnfCmzPs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/1a18de-efbd-41b5-b336-79fbd385a550/1/dYDRZWm7JKMo4ntH99dRZZcl3vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:3a40:2000::/48
Signature Algorithm: sha256WithRSAEncryption
1b:76:69:53:7c:51:46:c5:7f:ee:40:73:ed:be:df:bc:69:b9:
7e:b5:dc:cb:2f:38:6e:c4:36:b4:94:e7:3c:6f:aa:27:07:c3:
d6:2f:a5:d6:97:f4:12:18:0f:3a:b6:6b:90:5e:45:1b:6d:29:
5f:95:91:b3:9a:ea:8c:54:82:8d:fb:3b:aa:52:cc:0b:87:0a:
54:b8:44:6c:7f:76:69:f7:00:3e:bf:ae:c2:cc:37:12:67:f6:
d0:be:00:5f:ef:e5:d6:68:17:91:ee:15:46:64:48:b4:36:b3:
1c:7f:85:85:35:29:c0:61:c6:1e:1b:4e:f6:c4:20:36:91:f0:
f6:ab:3d:70:e5:c9:bb:e1:4b:82:d4:69:3c:87:1d:0b:e6:3f:
9f:b1:6c:b0:ec:11:d9:45:2b:44:bf:02:b9:55:48:dd:88:6d:
06:a3:94:5f:91:cc:96:bc:f7:ad:78:bd:c1:92:a6:79:85:89:
72:92:c9:8e:f6:f5:b7:55:95:ad:1b:f4:ed:86:68:0a:2b:86:
97:01:68:c4:c2:28:51:e0:7b:b7:09:23:28:42:bd:cb:12:a0:
bd:46:9f:ce:9e:3e:7e:b5:19:e2:a9:c3:ab:8c:6d:ae:05:e3:
59:3e:7e:a8:63:52:85:8e:97:84:ef:6e:00:e9:5d:7f:a4:7b:
70:27:45:c5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyjKwSutODLP4gWfzR6q4bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ODBkMTY1NjliYjI0YTMyOGUyN2I0N2Y3ZDc1MTY1OTcy
NWRlZmIwHhcNMjMwMTAyMTI1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWM0MTgwMGRlOTg5OGFjOGQ1ZTU3YWQ3Yzg4ZTc3YzI5YjMzZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzr/YGpyJIijl8ye1L+4fNrAA454N
oNXz8pVQlk+FSfnDXpdGP7DYz4yJ+TSIH4k/QIDpH1XdGCY6OFW0QOvqYTjqTXBu
4HrHJ0RMy1W36XzEutQmZCAe8xfyo6zpNVUSpZjezdnByM4BCmQizb//cPJo6S9m
k5zbO/LhwnPHHJ12kU6ZPljeANBdgRBw7hblROpSsN6wlbyh26j5+5ejvIvvI+eY
RS3Yw/c4ArHCn81qfBd+YMjxXPbb3db7TUAdoDBRGSpKmVVBuG8XsM5rPWNv393X
06xIwaM/JImV1e8UTGY3P/sRAkD2sojhZiEDJFmC2qmKnUwUb+7vSBZmEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGnEGADemJisjV5XrXyI53wpsz7OMB8GA1UdIwQY
MBaAFHWA0WVpuySjKOJ7R/fXUWWXJd77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFlEUlpXbTdKS01vNG50SDk5ZFJaWmNsM3ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xYTE4ZGUtZWZiZC00MWI1LWIzMzYt
NzlmYmQzODVhNTUwLzEvYWNRWUFONlltS3lOWGxldGZJam5mQ216UHM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8xYTE4ZGUtZWZiZC00MWI1LWIzMzYtNzlmYmQzODVhNTUw
LzEvZFlEUlpXbTdKS01vNG50SDk5ZFJaWmNsM3ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgM6QCAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAbdmlTfFFGxX/uQHPtvt+8abl+tdzLLzhuxDa0
lOc8b6onB8PWL6XWl/QSGA86tmuQXkUbbSlflZGzmuqMVIKN+zuqUswLhwpUuERs
f3Zp9wA+v67CzDcSZ/bQvgBf7+XWaBeR7hVGZEi0NrMcf4WFNSnAYcYeG072xCA2
kfD2qz1w5cm74UuC1Gk8hx0L5j+fsWyw7BHZRStEvwK5VUjdiG0Go5RfkcyWvPet
eL3BkqZ5hYlyksmO9vW3VZWtG/TthmgKK4aXAWjEwihR4Hu3CSMoQr3LEqC9Rp/O
nj5+tRniqcOrjG2uBeNZPn6oY1KFjpeE724A6V1/pHtwJ0XF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:22 2025 by rpki-client