Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/1-JthgCgMSSgN8r2A0wvcOxLfRPg.roa
File: 1-JthgCgMSSgN8r2A0wvcOxLfRPg.roa (raw, json)
Hash identifier: GbmD7ticyiuxaxYo/dZq/or6DY9zxDcEMVCia3xGml4=
Subject key identifier: F8:9B:61:80:28:0C:49:28:0D:F2:BD:80:D3:0B:DC:3B:12:DF:44:F8
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 05DAE91C
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/1-JthgCgMSSgN8r2A0wvcOxLfRPg.roa
Signing time: Fri 28 Jan 2022 20:00:30 +0000
ROA not before: Fri 28 Jan 2022 20:00:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142553
IP address blocks: 2a0d:2587:5000::/36 maxlen: 48
2a0d:2587:6000::/36 maxlen: 48
2a0d:2587:7000::/36 maxlen: 48
2a0d:2587:4000::/36 maxlen: 48
2a0d:2587:3000::/36 maxlen: 48
2a0d:2587:2000::/36 maxlen: 48
2a0d:2587:1000::/36 maxlen: 48
2a0d:2587::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98232604 (0x5dae91c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Jan 28 20:00:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f89b6180280c49280df2bd80d30bdc3b12df44f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c0:95:cb:fc:58:c2:46:64:54:b0:f7:b7:8e:
3e:d2:2f:2a:64:9d:f3:3d:d9:93:11:ef:77:b3:d2:
b5:91:02:49:35:07:1b:d1:03:35:0e:3a:7f:01:2b:
d9:06:80:84:55:37:e3:66:6d:74:60:14:dd:91:42:
3a:2a:b5:18:13:2c:c8:bf:43:7d:bd:24:03:81:69:
08:02:df:bb:fc:01:a8:f0:8c:eb:40:46:6a:6f:59:
85:e0:ce:f6:df:9c:0e:43:1b:5a:20:05:43:2e:78:
fc:13:15:0a:74:ba:56:43:27:e5:ad:9e:5c:fe:56:
3d:fc:e0:76:38:76:27:c4:92:23:30:e9:b7:19:4c:
de:1b:3f:5a:16:94:aa:85:c6:6a:14:d5:77:1b:61:
78:c5:49:4c:52:51:6c:a9:f8:ee:74:23:2f:f3:59:
ed:3a:d3:70:a6:9f:4b:9d:ce:43:1e:d0:42:3e:0a:
2b:1a:51:7f:c7:43:6a:d5:48:f2:50:1e:dc:e7:7b:
58:d0:e5:89:91:6b:d2:d2:7d:b3:81:3d:e5:37:34:
ca:74:84:39:79:1d:2e:dc:17:3d:c2:4f:ea:21:37:
d2:5a:c1:ae:01:1c:b0:4f:5f:ed:7d:8f:21:f6:3f:
33:80:99:00:9b:83:52:c5:20:20:c3:45:a0:ce:33:
6f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:9B:61:80:28:0C:49:28:0D:F2:BD:80:D3:0B:DC:3B:12:DF:44:F8
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/1-JthgCgMSSgN8r2A0wvcOxLfRPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2587::/33
Signature Algorithm: sha256WithRSAEncryption
80:ca:b7:45:06:66:82:72:20:94:58:58:71:18:52:f1:1d:19:
c1:0f:b5:c2:00:b4:31:92:dc:9c:43:c7:de:61:af:bc:66:3d:
e0:c8:3c:c5:6e:d3:22:e4:5b:5b:fd:af:4d:2b:33:e0:96:5f:
69:64:c7:d6:f5:6c:e9:68:00:0a:e6:c6:c7:06:76:2c:30:98:
d1:da:7a:42:1c:85:47:4a:b4:29:d9:93:e0:f1:3d:39:75:80:
3a:85:bc:d1:84:20:29:e2:62:4d:25:b6:42:f6:3b:18:7d:df:
fc:0f:1e:26:86:43:b0:a6:bd:e4:97:b1:2d:e2:9a:f2:1c:b7:
7b:ba:7b:53:5f:30:a7:16:11:d7:1a:c7:74:f1:b0:08:de:23:
b6:b6:29:ce:a6:5b:44:d9:86:6e:7a:39:15:e9:c6:5a:04:01:
27:44:4f:02:22:85:2e:5f:db:11:d4:2e:d6:de:03:f3:13:82:
8d:22:b9:4d:99:a5:6b:8d:51:aa:3e:4c:a9:16:65:14:d7:d9:
0e:9f:f6:54:79:d8:f2:b4:0e:82:5a:9e:4e:11:52:15:77:2b:
5f:c7:ed:bb:3c:7d:92:fe:97:24:5e:89:ac:ed:0a:3a:3a:79:
0b:79:17:c0:a9:08:89:b1:95:93:17:95:bd:4e:f7:73:d3:48:
eb:5a:1e:7e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBdrpHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2M2OWQwNDU4MzUwMGM1ZWY4MTEzNjgzMTIzNzU5M2UwYmI4NmNlMB4XDTIyMDEy
ODIwMDAzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjg5YjYxODAyODBj
NDkyODBkZjJiZDgwZDMwYmRjM2IxMmRmNDRmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrAlcv8WMJGZFSw97eOPtIvKmSd8z3ZkxHvd7PStZECSTUH
G9EDNQ46fwEr2QaAhFU342ZtdGAU3ZFCOiq1GBMsyL9Dfb0kA4FpCALfu/wBqPCM
60BGam9ZheDO9t+cDkMbWiAFQy54/BMVCnS6VkMn5a2eXP5WPfzgdjh2J8SSIzDp
txlM3hs/WhaUqoXGahTVdxtheMVJTFJRbKn47nQjL/NZ7TrTcKafS53OQx7QQj4K
KxpRf8dDatVI8lAe3Od7WNDliZFr0tJ9s4E95Tc0ynSEOXkdLtwXPcJP6iE30lrB
rgEcsE9f7X2PIfY/M4CZAJuDUsUgIMNFoM4zb50CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT4m2GAKAxJKA3yvYDTC9w7Et9E+DAfBgNVHSMEGDAWgBRzxp0EWDUAxe+B
E2gxI3WT4LuGzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2M4YWRCRmcxQU1YdmdSTm9NU04xay1DN2hzNC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvNmY2Y2UyLWU2ZWUtNGUyYS05MDVkLWY5Y2IwYTdiMjA2Yy8x
LzEtSnRoZ0NnTVNTZ044cjJBMHd2Y094TGZSUGcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
LzZmNmNlMi1lNmVlLTRlMmEtOTA1ZC1mOWNiMGE3YjIwNmMvMS9jOGFkQkZnMUFN
WHZnUk5vTVNOMWstQzdoczQuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
IQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgcqDSWHADANBgkqhkiG9w0BAQsF
AAOCAQEAgMq3RQZmgnIglFhYcRhS8R0ZwQ+1wgC0MZLcnEPH3mGvvGY94Mg8xW7T
IuRbW/2vTSsz4JZfaWTH1vVs6WgACubGxwZ2LDCY0dp6QhyFR0q0KdmT4PE9OXWA
OoW80YQgKeJiTSW2QvY7GH3f/A8eJoZDsKa95JexLeKa8hy3e7p7U18wpxYR1xrH
dPGwCN4jtrYpzqZbRNmGbno5FenGWgQBJ0RPAiKFLl/bEdQu1t4D8xOCjSK5TZml
a41Rqj5MqRZlFNfZDp/2VHnY8rQOglqeThFSFXcrX8ftuzx9kv6XJF6JrO0KOjp5
C3kXwKkIibGVkxeVvU73c9NI61oefg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org