Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/2b2cb3-ccb6-41e0-89bc-1b760451dac8/1/3e5f9LPZMhxR4usfQI5sh5ftEjc.roa
File: 3e5f9LPZMhxR4usfQI5sh5ftEjc.roa (raw, json)
Hash identifier: kYLJGChZi/5Rc9kxj/MKuIXFqtMmFptf3zy0y5PKAS4=
Subject key identifier: DD:EE:5F:F4:B3:D9:32:1C:51:E2:EB:1F:40:8E:6C:87:97:ED:12:37
Certificate issuer: /CN=d08db08e1338a579ad3789535fa73a5e54511ff1
Certificate serial: 0D2BFD2A
Authority key identifier: D0:8D:B0:8E:13:38:A5:79:AD:37:89:53:5F:A7:3A:5E:54:51:1F:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2wjhM4pXmtN4lTX6c6XlRRH_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/2b2cb3-ccb6-41e0-89bc-1b760451dac8/1/3e5f9LPZMhxR4usfQI5sh5ftEjc.roa
Signing time: Sat 01 Jan 2022 14:05:21 +0000
ROA not before: Sat 01 Jan 2022 14:05:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204926
IP address blocks: 2001:678:58c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220986666 (0xd2bfd2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08db08e1338a579ad3789535fa73a5e54511ff1
Validity
Not Before: Jan 1 14:05:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddee5ff4b3d9321c51e2eb1f408e6c8797ed1237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:27:1d:09:34:dc:64:6e:c8:c9:5c:12:c5:4e:
1e:25:07:e3:b1:33:fe:8d:30:93:76:61:e0:51:b9:
f2:00:c1:3a:e3:db:1f:9d:83:0a:52:9e:7c:74:eb:
1a:43:1e:0b:6b:34:c9:fe:9b:05:71:da:ac:cf:e2:
82:cc:a3:be:9c:8b:8f:91:2d:e7:3c:9f:68:ac:27:
4f:25:18:c5:1f:ea:c6:d8:d0:7b:27:2e:77:43:5f:
ab:8f:c7:36:1d:36:2b:7c:7a:d2:c1:14:6a:35:48:
3e:4c:b5:ef:ed:eb:be:99:56:2a:c5:c5:92:46:9a:
2d:78:57:72:67:8d:6a:e0:65:00:e3:70:94:6e:07:
7f:de:75:1c:ee:33:b8:8e:32:4e:cb:a0:12:28:b6:
5d:53:53:6a:30:e5:1a:20:a6:67:9d:bc:b1:a7:23:
41:5c:06:c7:f9:11:07:f8:4d:30:de:cb:ce:40:cd:
0a:f0:aa:4f:6c:f2:99:e1:80:2e:43:9d:5c:67:16:
3d:3e:21:31:18:83:04:9d:a5:41:6f:1d:51:d1:d1:
b8:b1:4d:13:76:da:63:3e:af:2d:02:56:cd:bb:90:
96:f2:df:6f:ed:79:c9:fd:23:26:c8:d2:6f:95:54:
86:f8:22:35:02:cd:73:1a:5f:14:8c:cf:e0:50:2b:
20:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:EE:5F:F4:B3:D9:32:1C:51:E2:EB:1F:40:8E:6C:87:97:ED:12:37
X509v3 Authority Key Identifier:
keyid:D0:8D:B0:8E:13:38:A5:79:AD:37:89:53:5F:A7:3A:5E:54:51:1F:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2wjhM4pXmtN4lTX6c6XlRRH_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/2b2cb3-ccb6-41e0-89bc-1b760451dac8/1/3e5f9LPZMhxR4usfQI5sh5ftEjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/2b2cb3-ccb6-41e0-89bc-1b760451dac8/1/0I2wjhM4pXmtN4lTX6c6XlRRH_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:58c::/48
Signature Algorithm: sha256WithRSAEncryption
5f:78:23:a2:52:6c:6b:cf:b0:db:71:e0:1c:f0:0f:3b:d0:79:
3a:78:cb:de:22:fb:5d:36:e6:be:f1:08:df:86:02:df:c1:c0:
f9:92:f9:7a:63:a3:44:02:01:77:55:07:0a:87:a5:8a:68:fe:
8c:d7:6e:15:de:0f:0d:23:e9:20:a4:e6:f4:dd:96:12:2b:7a:
bf:2b:0e:f1:40:b6:51:17:0c:af:2f:f1:c8:9b:96:08:8b:16:
60:72:35:2f:6a:ec:7b:b1:63:d5:5b:a6:86:6b:4e:df:bc:f1:
7d:1e:55:75:f1:d2:1f:03:a7:f6:ec:25:58:78:5f:06:fc:c2:
68:e1:d8:b3:ad:5f:67:25:6b:0d:af:c2:c9:85:05:06:82:71:
ba:92:ff:74:71:6d:a6:e7:78:67:74:d9:7e:71:d4:b7:bd:58:
84:c9:e7:b5:26:9a:b8:2c:f6:72:1d:13:4d:38:44:8c:fb:e6:
ae:a4:09:96:a6:a6:d5:18:bd:15:9d:00:b4:cc:8e:50:22:b4:
dd:65:16:50:15:57:be:31:f6:2e:9a:16:99:7a:a6:92:9e:9c:
0a:e6:2a:e9:a1:c5:89:18:70:ce:84:22:ab:c2:3d:89:e0:88:
54:a9:37:fa:0c:f0:5d:bb:ff:c1:69:79:03:19:10:85:01:01:
b2:c4:95:dc
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEDSv9KjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDhkYjA4ZTEzMzhhNTc5YWQzNzg5NTM1ZmE3M2E1ZTU0NTExZmYxMB4XDTIyMDEw
MTE0MDUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRlZTVmZjRiM2Q5
MzIxYzUxZTJlYjFmNDA4ZTZjODc5N2VkMTIzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsnHQk03GRuyMlcEsVOHiUH47Ez/o0wk3Zh4FG58gDBOuPb
H52DClKefHTrGkMeC2s0yf6bBXHarM/igsyjvpyLj5Et5zyfaKwnTyUYxR/qxtjQ
eycud0Nfq4/HNh02K3x60sEUajVIPky17+3rvplWKsXFkkaaLXhXcmeNauBlAONw
lG4Hf951HO4zuI4yTsugEii2XVNTajDlGiCmZ528sacjQVwGx/kRB/hNMN7LzkDN
CvCqT2zymeGALkOdXGcWPT4hMRiDBJ2lQW8dUdHRuLFNE3baYz6vLQJWzbuQlvLf
b+15yf0jJsjSb5VUhvgiNQLNcxpfFIzP4FArILcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTd7l/0s9kyHFHi6x9AjmyHl+0SNzAfBgNVHSMEGDAWgBTQjbCOEzilea03
iVNfpzpeVFEf8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBJMndqaE00cFhtdE40bFRYNmM2WGxSUkhfRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvMmIyY2IzLWNjYjYtNDFlMC04OWJjLTFiNzYwNDUxZGFjOC8x
LzNlNWY5TFBaTWh4UjR1c2ZRSTVzaDVmdEVqYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
MmIyY2IzLWNjYjYtNDFlMC04OWJjLTFiNzYwNDUxZGFjOC8xLzBJMndqaE00cFht
dE40bFRYNmM2WGxSUkhfRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngFjDANBgkqhkiG9w0BAQsF
AAOCAQEAX3gjolJsa8+w23HgHPAPO9B5OnjL3iL7XTbmvvEI34YC38HA+ZL5emOj
RAIBd1UHCoelimj+jNduFd4PDSPpIKTm9N2WEit6vysO8UC2URcMry/xyJuWCIsW
YHI1L2rse7Fj1VumhmtO37zxfR5VdfHSHwOn9uwlWHhfBvzCaOHYs61fZyVrDa/C
yYUFBoJxupL/dHFtpud4Z3TZfnHUt71YhMnntSaauCz2ch0TTThEjPvmrqQJlqam
1Ri9FZ0AtMyOUCK03WUWUBVXvjH2LpoWmXqmkp6cCuYq6aHFiRhwzoQiq8I9ieCI
VKk3+gzwXbv/wWl5AxkQhQEBssSV3A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:06 2023 by rpki-client on console-fra.rpki-client.org