Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/e8e053-ea10-4285-adaa-b495eccb09c4/1/043xBJZJQG6n_8g5aNQpoduLWN8.roa
File: 043xBJZJQG6n_8g5aNQpoduLWN8.roa (raw, json)
Hash identifier: BQIwyst1sW4/qLWi4ycJJBNxtcg4fo6XeXlww5RG1JU=
Subject key identifier: D3:8D:F1:04:96:49:40:6E:A7:FF:C8:39:68:D4:29:A1:DB:8B:58:DF
Certificate issuer: /CN=eef8e980ce1eeb32748d94b1d0cd42489f91f6e9
Certificate serial: 9886C0
Authority key identifier: EE:F8:E9:80:CE:1E:EB:32:74:8D:94:B1:D0:CD:42:48:9F:91:F6:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vjpgM4e6zJ0jZSx0M1CSJ-R9uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/e8e053-ea10-4285-adaa-b495eccb09c4/1/043xBJZJQG6n_8g5aNQpoduLWN8.roa
Signing time: Sat 01 Jan 2022 01:50:38 +0000
ROA not before: Sat 01 Jan 2022 01:50:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210564
IP address blocks: 2001:67c:20fc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9995968 (0x9886c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eef8e980ce1eeb32748d94b1d0cd42489f91f6e9
Validity
Not Before: Jan 1 01:50:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d38df1049649406ea7ffc83968d429a1db8b58df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:0f:d7:f1:22:15:3d:ed:77:bc:a7:4b:80:5b:
e7:a0:7a:b7:52:84:86:14:ba:55:4c:16:53:82:df:
d6:af:cf:ca:d1:bd:eb:41:1e:51:9e:0a:c2:39:f8:
43:05:31:1a:7a:c9:2e:ab:11:77:18:5a:f0:01:83:
59:05:90:d5:6e:72:c6:2f:c5:ff:af:33:45:db:78:
ab:2f:c9:83:4a:4e:79:2e:82:4f:0c:ba:85:05:ab:
08:0d:a3:2e:bd:60:44:b8:46:d6:38:1f:dd:ee:2d:
36:67:43:24:2f:9c:4d:5f:1c:26:d4:75:34:69:ed:
62:a5:5a:39:c7:89:38:f6:a1:f5:64:20:03:72:c5:
fb:5b:20:1a:63:72:6a:92:bc:84:fd:80:5d:c1:93:
7a:10:be:5d:73:0d:92:71:23:78:d8:dd:4a:5b:c8:
6f:57:cc:48:ae:31:08:4b:73:54:97:95:1a:e9:f6:
64:da:cb:7b:c8:51:b4:b7:94:32:4a:a5:60:17:20:
54:23:72:42:be:51:5f:c9:7d:c3:65:35:e3:34:71:
3f:1b:56:91:20:45:3f:c1:52:14:21:9a:3f:66:7c:
a2:54:42:c3:00:6b:37:bd:64:2c:39:46:36:96:56:
45:cb:33:a5:c1:d0:75:a5:4f:16:92:65:13:06:4d:
aa:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8D:F1:04:96:49:40:6E:A7:FF:C8:39:68:D4:29:A1:DB:8B:58:DF
X509v3 Authority Key Identifier:
keyid:EE:F8:E9:80:CE:1E:EB:32:74:8D:94:B1:D0:CD:42:48:9F:91:F6:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vjpgM4e6zJ0jZSx0M1CSJ-R9uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e8e053-ea10-4285-adaa-b495eccb09c4/1/043xBJZJQG6n_8g5aNQpoduLWN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e8e053-ea10-4285-adaa-b495eccb09c4/1/7vjpgM4e6zJ0jZSx0M1CSJ-R9uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:20fc::/48
Signature Algorithm: sha256WithRSAEncryption
93:f3:b5:55:45:fb:e2:34:49:dd:57:0d:a5:f1:85:72:d6:a5:
77:b7:10:57:06:a6:16:ae:a2:98:3b:06:ce:aa:7a:c6:f5:71:
12:53:b8:f9:70:bb:66:ac:f1:6e:88:22:92:c2:f1:81:0b:41:
f1:72:3e:2c:22:54:4b:d7:4f:cf:41:0b:85:a7:d5:8d:fa:e4:
bc:e6:9c:23:4f:a4:0c:2f:73:a6:90:cd:4c:ec:d0:8f:1d:f2:
88:ea:fc:2c:db:25:97:f6:3b:fc:bb:60:25:b0:6c:28:07:37:
fb:5e:82:83:3e:66:e5:8d:23:d1:3e:3c:85:b1:60:67:e5:12:
42:76:34:a1:a6:f1:ca:8e:ae:70:1f:5c:20:7a:c6:d9:ad:0b:
29:3b:fe:1b:03:a3:96:aa:db:b0:99:9d:b5:65:28:1a:ec:6d:
90:04:0e:93:6d:4e:10:cb:2e:a6:ff:c9:56:97:9a:60:bd:a7:
85:26:da:5b:c2:fe:fb:4d:c0:d9:63:4d:dc:0c:03:5e:41:01:
b2:90:16:80:6b:79:f2:dd:94:f6:f1:8d:99:11:26:ae:51:a6:
db:a5:f1:8b:66:df:c7:0e:06:18:74:ae:c6:8d:01:01:73:ec:
0e:50:91:16:f4:74:f6:bd:8c:f7:a0:d7:b3:ea:05:64:1d:94:
d1:f6:79:5f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAJiGwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZWY4ZTk4MGNlMWVlYjMyNzQ4ZDk0YjFkMGNkNDI0ODlmOTFmNmU5MB4XDTIyMDEw
MTAxNTAzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM4ZGYxMDQ5NjQ5
NDA2ZWE3ZmZjODM5NjhkNDI5YTFkYjhiNThkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQP1/EiFT3td7ynS4Bb56B6t1KEhhS6VUwWU4Lf1q/PytG9
60EeUZ4Kwjn4QwUxGnrJLqsRdxha8AGDWQWQ1W5yxi/F/68zRdt4qy/Jg0pOeS6C
Twy6hQWrCA2jLr1gRLhG1jgf3e4tNmdDJC+cTV8cJtR1NGntYqVaOceJOPah9WQg
A3LF+1sgGmNyapK8hP2AXcGTehC+XXMNknEjeNjdSlvIb1fMSK4xCEtzVJeVGun2
ZNrLe8hRtLeUMkqlYBcgVCNyQr5RX8l9w2U14zRxPxtWkSBFP8FSFCGaP2Z8olRC
wwBrN71kLDlGNpZWRcszpcHQdaVPFpJlEwZNqnECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTTjfEElklAbqf/yDlo1Cmh24tY3zAfBgNVHSMEGDAWgBTu+OmAzh7rMnSN
lLHQzUJIn5H26TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzd2anBnTTRlNnpKMGpaU3gwTTFDU0otUjl1ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvZThlMDUzLWVhMTAtNDI4NS1hZGFhLWI0OTVlY2NiMDljNC8x
LzA0M3hCSlpKUUc2bl84ZzVhTlFwb2R1TFdOOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
ZThlMDUzLWVhMTAtNDI4NS1hZGFhLWI0OTVlY2NiMDljNC8xLzd2anBnTTRlNnpK
MGpaU3gwTTFDU0otUjl1ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwg/DANBgkqhkiG9w0BAQsF
AAOCAQEAk/O1VUX74jRJ3VcNpfGFctald7cQVwamFq6imDsGzqp6xvVxElO4+XC7
ZqzxbogiksLxgQtB8XI+LCJUS9dPz0ELhafVjfrkvOacI0+kDC9zppDNTOzQjx3y
iOr8LNsll/Y7/LtgJbBsKAc3+16Cgz5m5Y0j0T48hbFgZ+USQnY0oabxyo6ucB9c
IHrG2a0LKTv+GwOjlqrbsJmdtWUoGuxtkAQOk21OEMsupv/JVpeaYL2nhSbaW8L+
+03A2WNN3AwDXkEBspAWgGt58t2U9vGNmREmrlGm26Xxi2bfxw4GGHSuxo0BAXPs
DlCRFvR09r2M96DXs+oFZB2U0fZ5Xw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:01 2023 by rpki-client on console-ams.rpki-client.org