Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/ITFDHZbi8BKQdp_yWNu-zw2OGCY.roa
File: ITFDHZbi8BKQdp_yWNu-zw2OGCY.roa (raw, json)
Hash identifier: IRibyHRpciD+GlV1avoHr3Twv9Otpwy6++7XrvWTnmw=
Subject key identifier: 21:31:43:1D:96:E2:F0:12:90:76:9F:F2:58:DB:BE:CF:0D:8E:18:26
Certificate issuer: /CN=d68971ea1d22b5ecda1a9759f05c26c8c56a468c
Certificate serial: 028E62
Authority key identifier: D6:89:71:EA:1D:22:B5:EC:DA:1A:97:59:F0:5C:26:C8:C5:6A:46:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1olx6h0itezaGpdZ8FwmyMVqRow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/ITFDHZbi8BKQdp_yWNu-zw2OGCY.roa
Signing time: Thu 27 Jan 2022 11:26:23 +0000
ROA not before: Thu 27 Jan 2022 11:26:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208614
IP address blocks: 2001:678:aa0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167522 (0x28e62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d68971ea1d22b5ecda1a9759f05c26c8c56a468c
Validity
Not Before: Jan 27 11:26:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2131431d96e2f01290769ff258dbbecf0d8e1826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:99:ba:1a:24:15:b0:37:54:50:65:e3:c0:b9:
7e:6f:1b:74:45:72:c4:3c:2f:da:36:55:d8:4e:9f:
95:1b:55:ee:3a:72:c2:30:86:86:f5:9e:58:9f:9c:
32:19:61:73:61:04:02:8f:ac:2f:b5:eb:47:7f:62:
47:1f:57:ea:b4:57:8f:c2:c4:20:ed:c4:c3:cd:62:
a0:31:bf:5f:44:e4:ae:e0:87:f4:45:dc:15:49:b2:
88:f7:05:e8:d1:ce:8d:22:29:e1:3a:6a:4d:3b:fb:
ed:17:a0:f8:2f:e1:99:80:59:99:82:e9:b1:af:36:
44:72:3e:a7:ef:1d:ab:90:e1:c0:9c:5e:de:1b:ec:
cb:a9:e2:5f:42:e7:18:79:37:94:1d:3d:29:d9:dc:
34:bd:83:05:11:f5:17:b6:d8:cc:a0:6d:84:5f:86:
57:53:56:17:31:de:f5:5a:e0:10:cd:4d:c0:11:84:
ce:1d:a3:9f:8c:ae:8c:6e:9d:4a:e6:d6:8c:ef:ad:
17:29:be:c3:61:56:60:58:79:cd:09:17:c8:c3:c5:
c3:0f:53:c0:c2:fd:e3:2e:c7:5b:85:4f:8c:c8:a5:
13:c4:3e:54:a3:f5:85:cf:09:9c:2d:cd:df:2d:a1:
83:16:3e:21:c2:b4:00:6a:f4:95:0a:c5:1f:64:aa:
38:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:31:43:1D:96:E2:F0:12:90:76:9F:F2:58:DB:BE:CF:0D:8E:18:26
X509v3 Authority Key Identifier:
keyid:D6:89:71:EA:1D:22:B5:EC:DA:1A:97:59:F0:5C:26:C8:C5:6A:46:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1olx6h0itezaGpdZ8FwmyMVqRow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/ITFDHZbi8BKQdp_yWNu-zw2OGCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/1olx6h0itezaGpdZ8FwmyMVqRow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:aa0::/48
Signature Algorithm: sha256WithRSAEncryption
8b:00:ed:77:ac:9f:f3:7e:e9:4c:70:90:c6:19:2d:cd:04:1d:
0b:18:2d:2c:79:fd:1e:68:2c:7f:bb:e9:6d:a3:8b:ed:4a:78:
03:c2:4a:67:90:a4:02:bb:e7:f1:1f:b3:23:8d:5f:d5:79:e4:
b5:72:40:79:3f:58:c7:0b:78:04:c3:ad:9f:1a:55:e7:10:05:
b2:4f:43:f6:74:b5:34:70:24:84:26:b2:a4:95:2c:63:5b:6a:
31:ad:61:77:c6:0c:c8:66:79:55:1c:f1:d8:02:64:95:ba:85:
f9:22:45:6a:62:2c:a4:f6:cd:98:63:00:67:77:7c:4b:10:ac:
95:c5:b7:cb:2b:88:0c:b8:51:0d:41:74:a3:9f:5e:7e:e8:15:
0c:8d:78:b7:0b:2c:7b:d8:de:6e:d3:d5:41:cc:55:d8:99:66:
6f:30:25:69:68:36:2f:8e:30:e6:08:b3:1e:1b:a7:3c:93:8d:
72:4d:5b:2c:10:5a:73:1b:cb:8e:1b:4e:58:59:23:27:9a:ba:
f8:8c:36:ad:87:61:52:74:74:6a:f7:a4:f9:b6:99:17:dd:b2:
95:a4:0e:5a:3b:84:d5:7b:52:66:0e:ea:15:89:0a:8d:8b:48:
28:f6:33:24:67:f0:e8:d6:6d:3a:57:aa:63:15:4b:f7:4d:92:
ee:5f:91:83
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDAo5iMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ2
ODk3MWVhMWQyMmI1ZWNkYTFhOTc1OWYwNWMyNmM4YzU2YTQ2OGMwHhcNMjIwMTI3
MTEyNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyMTMxNDMxZDk2ZTJm
MDEyOTA3NjlmZjI1OGRiYmVjZjBkOGUxODI2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmJm6GiQVsDdUUGXjwLl+bxt0RXLEPC/aNlXYTp+VG1XuOnLC
MIaG9Z5Yn5wyGWFzYQQCj6wvtetHf2JHH1fqtFePwsQg7cTDzWKgMb9fROSu4If0
RdwVSbKI9wXo0c6NIinhOmpNO/vtF6D4L+GZgFmZgumxrzZEcj6n7x2rkOHAnF7e
G+zLqeJfQucYeTeUHT0p2dw0vYMFEfUXttjMoG2EX4ZXU1YXMd71WuAQzU3AEYTO
HaOfjK6Mbp1K5taM760XKb7DYVZgWHnNCRfIw8XDD1PAwv3jLsdbhU+MyKUTxD5U
o/WFzwmcLc3fLaGDFj4hwrQAavSVCsUfZKo4bQIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFCExQx2W4vASkHaf8ljbvs8NjhgmMB8GA1UdIwQYMBaAFNaJceodIrXs2hqX
WfBcJsjFakaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MW9seDZoMGl0ZXphR3BkWjhGd215TVZxUm93LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83My80MmMzNTUtNTg1YS00OGJiLTllNGEtYTQ3NTQwZmVkNGI5LzEv
SVRGREhaYmk4QktRZHBfeVdOdS16dzJPR0NZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My80
MmMzNTUtNTg1YS00OGJiLTllNGEtYTQ3NTQwZmVkNGI5LzEvMW9seDZoMGl0ZXph
R3BkWjhGd215TVZxUm93LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqgMA0GCSqGSIb3DQEBCwUA
A4IBAQCLAO13rJ/zfulMcJDGGS3NBB0LGC0sef0eaCx/u+lto4vtSngDwkpnkKQC
u+fxH7MjjV/VeeS1ckB5P1jHC3gEw62fGlXnEAWyT0P2dLU0cCSEJrKklSxjW2ox
rWF3xgzIZnlVHPHYAmSVuoX5IkVqYiyk9s2YYwBnd3xLEKyVxbfLK4gMuFENQXSj
n15+6BUMjXi3Cyx72N5u09VBzFXYmWZvMCVpaDYvjjDmCLMeG6c8k41yTVssEFpz
G8uOG05YWSMnmrr4jDath2FSdHRq96T5tpkX3bKVpA5aO4TVe1JmDuoViQqNi0go
9jMkZ/Do1m06V6pjFUv3TZLuX5GD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:55 2023 by rpki-client on console-fra.rpki-client.org