Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e882-0350-46e7-8c69-ff37c9a84110/1/vc6aypmX01CnFJy9VRyufGURdk4.roa
File: vc6aypmX01CnFJy9VRyufGURdk4.roa (raw, json)
Hash identifier: csFpl2XhSLsphSNjbX3cAV4gYOxa8D2d77/7km3uNso=
Subject key identifier: BD:CE:9A:CA:99:97:D3:50:A7:14:9C:BD:55:1C:AE:7C:65:11:76:4E
Certificate issuer: /CN=922fbdff15c9bec0fee7309be592e5d86dd9408a
Certificate serial: 04C49C45
Authority key identifier: 92:2F:BD:FF:15:C9:BE:C0:FE:E7:30:9B:E5:92:E5:D8:6D:D9:40:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ki-9_xXJvsD-5zCb5ZLl2G3ZQIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e882-0350-46e7-8c69-ff37c9a84110/1/vc6aypmX01CnFJy9VRyufGURdk4.roa
Signing time: Sat 01 Jan 2022 11:57:23 +0000
ROA not before: Sat 01 Jan 2022 11:57:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49271
IP address blocks: 2001:678:dd0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79993925 (0x4c49c45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922fbdff15c9bec0fee7309be592e5d86dd9408a
Validity
Not Before: Jan 1 11:57:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bdce9aca9997d350a7149cbd551cae7c6511764e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:13:b4:a8:6b:7e:95:66:ff:88:61:bc:1e:0f:
0c:76:b2:56:3c:0c:99:ad:80:cc:21:04:7d:b1:c0:
28:87:f5:37:ad:9e:05:8f:ff:41:b0:80:c0:91:a1:
d6:27:34:a1:c8:48:dd:99:6e:38:3e:e9:28:60:11:
b4:a1:45:15:ad:42:e8:18:68:04:22:49:c6:fe:92:
b1:7f:98:22:13:17:46:b4:f1:ca:20:8b:4b:79:7d:
cd:55:22:f6:db:02:16:a8:91:f1:49:af:93:ba:fc:
8c:24:e2:0d:51:9e:a0:18:7b:17:c4:e6:39:d2:7c:
d9:76:a1:71:c6:d9:c7:5e:c9:57:ad:18:e8:ee:56:
78:5c:98:49:07:3e:fe:b5:f7:28:89:4e:83:cf:25:
05:b8:e7:40:2d:35:c5:1e:a3:fd:a8:f2:03:8b:a2:
a0:16:e7:13:7f:a1:a5:77:fc:0a:07:93:c5:89:24:
fa:ba:d2:ca:e4:72:db:60:af:9c:3c:e5:5d:2b:20:
7d:19:57:55:27:e2:17:f3:60:d6:7c:2a:a4:3c:c7:
30:8f:bf:0d:c7:cb:74:3f:b1:a0:67:3d:a5:5b:e4:
da:c6:58:61:3f:47:66:b6:d0:ad:fe:71:92:db:4f:
a3:89:fe:25:96:93:29:e4:fc:b0:29:19:41:83:d1:
e6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:CE:9A:CA:99:97:D3:50:A7:14:9C:BD:55:1C:AE:7C:65:11:76:4E
X509v3 Authority Key Identifier:
keyid:92:2F:BD:FF:15:C9:BE:C0:FE:E7:30:9B:E5:92:E5:D8:6D:D9:40:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ki-9_xXJvsD-5zCb5ZLl2G3ZQIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e882-0350-46e7-8c69-ff37c9a84110/1/vc6aypmX01CnFJy9VRyufGURdk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e882-0350-46e7-8c69-ff37c9a84110/1/ki-9_xXJvsD-5zCb5ZLl2G3ZQIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:dd0::/48
Signature Algorithm: sha256WithRSAEncryption
25:e7:0c:70:a6:bc:54:3e:fd:77:f9:e5:b8:36:ae:d9:cc:b7:
47:eb:d1:a4:9f:03:20:e8:2e:93:2a:50:ce:d5:96:7e:9e:8a:
13:a4:d7:af:4c:c5:02:86:3c:80:73:7a:60:c0:14:8f:6e:72:
35:3e:de:a5:64:49:f5:e5:75:05:df:15:cf:65:57:b9:ca:45:
91:0c:2a:92:6a:e9:9e:59:e1:6b:cc:81:44:8a:ab:90:ac:ae:
ef:50:7e:d3:12:4d:9d:65:8a:17:a9:b4:71:c6:46:e3:2b:28:
9e:c7:f6:bf:b6:94:1d:5e:d5:f1:a1:28:fa:09:81:e1:98:ee:
32:b4:dd:58:2e:a4:aa:2a:28:9e:7b:7d:3d:30:b0:6a:be:95:
07:7c:e7:c8:f0:f5:c7:47:0f:a6:78:f0:8a:51:f6:0d:cc:f3:
56:3a:0d:56:a0:da:44:69:db:6e:31:cc:f8:51:be:f0:11:ae:
8a:da:f9:08:59:3e:32:48:34:6b:0d:38:c3:63:ef:54:0b:2c:
39:c5:49:ad:11:96:32:74:7e:70:78:90:30:59:0b:7d:47:a8:
9d:b7:72:8c:a5:cb:31:1d:d5:6b:11:7d:52:00:2c:23:d4:ea:
93:89:ff:c4:fb:fe:56:c9:ab:32:b5:70:b9:ac:d8:8d:fb:36:
c3:df:22:8b
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBMScRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjJmYmRmZjE1YzliZWMwZmVlNzMwOWJlNTkyZTVkODZkZDk0MDhhMB4XDTIyMDEw
MTExNTcyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmRjZTlhY2E5OTk3
ZDM1MGE3MTQ5Y2JkNTUxY2FlN2M2NTExNzY0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwTtKhrfpVm/4hhvB4PDHayVjwMma2AzCEEfbHAKIf1N62e
BY//QbCAwJGh1ic0ochI3ZluOD7pKGARtKFFFa1C6BhoBCJJxv6SsX+YIhMXRrTx
yiCLS3l9zVUi9tsCFqiR8Umvk7r8jCTiDVGeoBh7F8TmOdJ82XahccbZx17JV60Y
6O5WeFyYSQc+/rX3KIlOg88lBbjnQC01xR6j/ajyA4uioBbnE3+hpXf8CgeTxYkk
+rrSyuRy22CvnDzlXSsgfRlXVSfiF/Ng1nwqpDzHMI+/DcfLdD+xoGc9pVvk2sZY
YT9HZrbQrf5xkttPo4n+JZaTKeT8sCkZQYPR5lECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS9zprKmZfTUKcUnL1VHK58ZRF2TjAfBgNVHSMEGDAWgBSSL73/Fcm+wP7n
MJvlkuXYbdlAijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tpLTlfeFhKdnNELTV6Q2I1WkxsMkczWlFJby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNDZlODgyLTAzNTAtNDZlNy04YzY5LWZmMzdjOWE4NDExMC8x
L3ZjNmF5cG1YMDFDbkZKeTlWUnl1ZkdVUmRrNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NDZlODgyLTAzNTAtNDZlNy04YzY5LWZmMzdjOWE4NDExMC8xL2tpLTlfeFhKdnNE
LTV6Q2I1WkxsMkczWlFJby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngN0DANBgkqhkiG9w0BAQsF
AAOCAQEAJecMcKa8VD79d/nluDau2cy3R+vRpJ8DIOgukypQztWWfp6KE6TXr0zF
AoY8gHN6YMAUj25yNT7epWRJ9eV1Bd8Vz2VXucpFkQwqkmrpnlnha8yBRIqrkKyu
71B+0xJNnWWKF6m0ccZG4ysonsf2v7aUHV7V8aEo+gmB4ZjuMrTdWC6kqioonnt9
PTCwar6VB3znyPD1x0cPpnjwilH2DczzVjoNVqDaRGnbbjHM+FG+8BGuitr5CFk+
Mkg0aw04w2PvVAssOcVJrRGWMnR+cHiQMFkLfUeonbdyjKXLMR3VaxF9UgAsI9Tq
k4n/xPv+VsmrMrVwuazYjfs2w98iiw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:54 2023 by rpki-client on console-fra.rpki-client.org