Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/Z1TofnU4YcKBbPlLGYDCnIcfm4w.roa
File: Z1TofnU4YcKBbPlLGYDCnIcfm4w.roa (raw, json)
Hash identifier: mNLobLhfrmLbkCUbg7gcoMevthoRxzJN9ulO+HURmn8=
Subject key identifier: 67:54:E8:7E:75:38:61:C2:81:6C:F9:4B:19:80:C2:9C:87:1F:9B:8C
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 0184D3CEAF347649F602DB792862BB7BC8FC
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/Z1TofnU4YcKBbPlLGYDCnIcfm4w.roa
Signing time: Fri 02 Dec 2022 17:07:28 +0000
ROA not before: Fri 02 Dec 2022 17:07:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200927
IP address blocks: 2a03:5840:f0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:ce:af:34:76:49:f6:02:db:79:28:62:bb:7b:c8:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Dec 2 17:07:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6754e87e753861c2816cf94b1980c29c871f9b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c3:6d:af:a3:de:67:a1:e4:72:5c:82:75:80:
75:86:ab:67:d0:84:f9:f9:d6:d8:ea:05:cd:9e:5a:
86:d8:b0:82:35:61:e4:65:13:e0:33:08:97:74:f0:
b9:7f:70:26:8e:20:e2:fe:27:89:5e:f7:39:91:1b:
dc:b6:93:25:b6:62:fc:3f:e0:cd:b3:bb:7a:82:12:
1a:d8:3e:24:f1:3b:41:2f:12:b6:4a:fc:fc:0a:ea:
b9:7b:f0:90:6a:b8:d4:39:07:9e:15:5e:2c:ea:f1:
78:d0:7a:1a:52:4f:be:29:1c:d4:6c:81:e0:f7:1d:
c8:ed:d8:26:e4:7b:5d:f5:a8:5e:46:f4:3b:29:1b:
da:ce:f4:c1:53:1f:50:7d:8d:60:2b:ca:2f:d5:73:
60:06:1e:30:43:4f:04:f7:02:b4:95:cd:58:3b:da:
ee:62:e8:4e:e9:62:48:21:ad:6b:4a:db:68:54:f5:
b8:95:db:d1:c2:c3:13:ab:c0:e9:4e:16:ce:32:40:
cf:32:75:c8:51:c0:bd:fd:b7:3d:cb:d2:99:96:ae:
29:07:15:a0:71:40:db:63:16:be:06:4c:27:a4:28:
99:a5:fa:8b:4a:89:4d:92:17:39:de:72:6a:d1:61:
ae:32:36:3d:99:bd:19:81:60:ff:c8:68:ff:42:fd:
eb:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:54:E8:7E:75:38:61:C2:81:6C:F9:4B:19:80:C2:9C:87:1F:9B:8C
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/Z1TofnU4YcKBbPlLGYDCnIcfm4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:f0::/48
Signature Algorithm: sha256WithRSAEncryption
52:6d:c0:33:de:18:c6:08:22:39:74:30:8e:9a:71:f8:1b:89:
3a:25:94:e8:1d:c4:18:93:97:5a:a3:be:e8:4c:40:68:44:5e:
b5:71:73:71:98:f8:93:38:ae:69:d4:b3:b9:76:1f:f4:0f:48:
e9:6c:1a:7d:6d:89:0d:21:18:8d:45:4c:ff:1d:5a:ee:02:dc:
c9:db:e4:85:1a:a7:87:86:cf:ce:57:0d:d2:f2:25:9f:7f:f9:
d7:10:b5:49:87:7a:6f:7d:f4:8a:3f:38:00:15:d8:2d:36:06:
90:3f:2f:b2:bd:8d:b3:11:43:0f:ca:08:05:2f:bc:37:91:17:
12:94:c4:d8:a0:99:80:5f:49:2a:88:fe:cc:20:6f:4e:62:71:
82:57:d4:a5:38:55:34:68:30:53:46:97:23:9d:a4:cd:eb:d6:
9c:87:af:a7:6b:7c:37:35:4a:13:d8:9f:32:1c:aa:40:92:84:
b9:13:69:9b:2f:3c:c9:5b:2d:6d:bc:d0:be:43:f4:a0:f7:2e:
1f:61:2e:22:6b:28:8c:92:38:ab:8b:fc:39:a6:52:3e:d0:62:
f9:5b:01:08:eb:70:6f:e5:44:d2:a7:3b:d2:5c:06:46:f0:73:
b1:4a:9b:28:ef:13:6e:78:03:d5:7d:8e:fd:c7:35:bb:20:4f:
35:93:a9:46
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTTzq80dkn2Att5KGK7e8j8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjIxMjAyMTcwNzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzU0ZTg3ZTc1Mzg2MWMyODE2Y2Y5NGIxOTgwYzI5Yzg3MWY5YjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8Ntr6PeZ6HkclyCdYB1hqtn0IT5
+dbY6gXNnlqG2LCCNWHkZRPgMwiXdPC5f3AmjiDi/ieJXvc5kRvctpMltmL8P+DN
s7t6ghIa2D4k8TtBLxK2Svz8Cuq5e/CQarjUOQeeFV4s6vF40HoaUk++KRzUbIHg
9x3I7dgm5Htd9aheRvQ7KRvazvTBUx9QfY1gK8ov1XNgBh4wQ08E9wK0lc1YO9ru
YuhO6WJIIa1rSttoVPW4ldvRwsMTq8DpThbOMkDPMnXIUcC9/bc9y9KZlq4pBxWg
cUDbYxa+BkwnpCiZpfqLSolNkhc53nJq0WGuMjY9mb0ZgWD/yGj/Qv3rDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGdU6H51OGHCgWz5SxmAwpyHH5uMMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvWjFUb2ZuVTRZY0tCYlBsTEdZRENuSWNmbTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQADw
MA0GCSqGSIb3DQEBCwUAA4IBAQBSbcAz3hjGCCI5dDCOmnH4G4k6JZToHcQYk5da
o77oTEBoRF61cXNxmPiTOK5p1LO5dh/0D0jpbBp9bYkNIRiNRUz/HVruAtzJ2+SF
GqeHhs/OVw3S8iWff/nXELVJh3pvffSKPzgAFdgtNgaQPy+yvY2zEUMPyggFL7w3
kRcSlMTYoJmAX0kqiP7MIG9OYnGCV9SlOFU0aDBTRpcjnaTN69ach6+na3w3NUoT
2J8yHKpAkoS5E2mbLzzJWy1tvNC+Q/Sg9y4fYS4iayiMkjiri/w5plI+0GL5WwEI
63Bv5UTSpzvSXAZG8HOxSpso7xNueAPVfY79xzW7IE81k6lG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:23 2023 by rpki-client on console-fra.rpki-client.org