Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/PPvCHNWMqXFikRuslO5dQ8bfUYA.roa
File: PPvCHNWMqXFikRuslO5dQ8bfUYA.roa (raw, json)
Hash identifier: jXZ0XaDdMBLpkCbQgNKRUUW3a452D6MOwPy87b9NlFs=
Subject key identifier: 3C:FB:C2:1C:D5:8C:A9:71:62:91:1B:AC:94:EE:5D:43:C6:DF:51:80
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 07AA537C
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/PPvCHNWMqXFikRuslO5dQ8bfUYA.roa
Signing time: Sat 01 Jan 2022 08:01:49 +0000
ROA not before: Sat 01 Jan 2022 08:01:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57969
IP address blocks: 2a09:7:2002::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128603004 (0x7aa537c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 08:01:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3cfbc21cd58ca97162911bac94ee5d43c6df5180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d9:ea:8b:1e:94:a5:e5:42:08:ac:42:fb:fc:
c5:9a:d6:dc:f0:bd:f0:d3:25:9a:0e:a4:85:af:10:
07:7a:b9:98:41:7f:7c:61:18:3b:79:6e:9b:66:09:
38:e4:93:d7:4f:a8:06:e3:6d:01:5e:8b:99:bb:1c:
1b:c8:c7:11:dc:ed:84:dc:cc:70:8d:3d:5f:dd:9a:
f8:bc:50:52:95:e4:d8:5f:23:7a:95:68:eb:94:5e:
26:4b:7a:1c:b9:eb:e9:b9:25:91:97:66:05:99:3a:
3d:49:55:65:70:83:d3:b8:a8:62:87:9b:30:1b:9f:
ea:b5:e1:f4:fe:c9:5f:9f:5d:9d:83:51:28:04:f4:
16:82:37:d6:7d:c2:7b:e8:d7:ff:d2:1a:73:27:f2:
6d:b2:c6:87:f7:fc:27:a1:b7:01:a4:be:7f:13:4a:
53:b9:53:8c:ff:e5:f7:50:9d:cf:38:21:8b:80:8b:
a1:00:89:51:8d:76:86:49:06:95:e9:20:45:a1:87:
68:b9:c1:ed:06:17:e0:13:3a:93:fa:72:10:c3:fb:
01:03:b3:cc:52:fa:14:f4:eb:8a:76:4a:24:b7:e1:
c6:5d:e5:cd:5e:16:8c:2f:c9:49:54:47:24:78:8f:
ff:88:af:c6:34:7e:bb:78:c9:3d:82:3b:83:ec:0b:
4a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:FB:C2:1C:D5:8C:A9:71:62:91:1B:AC:94:EE:5D:43:C6:DF:51:80
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/PPvCHNWMqXFikRuslO5dQ8bfUYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7:2002::/48
Signature Algorithm: sha256WithRSAEncryption
5a:f7:1b:9a:03:cc:df:45:7c:ae:c7:5f:bf:17:20:78:92:97:
be:c9:27:be:e3:b1:41:dd:fb:fa:cb:14:e5:69:8f:21:6f:dc:
1f:71:cd:57:14:ba:2e:e1:05:0c:8f:b2:73:19:29:f0:38:22:
2a:6e:56:d1:de:fc:b5:bd:95:95:ed:0a:e9:22:b5:70:bf:70:
d8:3f:b7:5e:d9:80:4f:ec:91:c5:02:15:08:84:7c:f6:ee:51:
e7:4d:d9:54:09:7a:d7:8f:5e:d6:96:7a:04:26:6a:98:a9:2f:
96:21:0a:49:1f:a4:e9:c6:0c:a5:e7:d7:d6:da:bf:3f:d3:c2:
96:4a:5a:90:fc:83:5b:58:b3:9f:18:a7:6c:ec:b4:3e:ba:de:
61:62:5f:d3:23:e5:6e:e3:eb:43:d4:86:04:83:90:17:2f:72:
45:52:50:63:c7:e6:a7:57:85:f7:43:29:18:f6:d7:d2:54:55:
9a:1e:98:1d:b6:1e:9d:d8:88:e7:0d:83:e3:8f:cd:41:c1:7b:
27:45:b4:6a:b8:5e:5a:23:6d:fc:ab:1f:45:63:f0:19:8c:7c:
65:24:8f:0f:05:3a:db:e2:9a:98:a1:c4:1e:de:95:56:7d:9a:
3c:7a:03:ad:eb:e2:ed:8e:68:2f:07:dc:3c:5c:52:a9:f6:54:
11:2c:81:b4
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEB6pTfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDEw
MTA4MDE0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2NmYmMyMWNkNThj
YTk3MTYyOTExYmFjOTRlZTVkNDNjNmRmNTE4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDZ6oselKXlQgisQvv8xZrW3PC98NMlmg6kha8QB3q5mEF/
fGEYO3lum2YJOOST10+oBuNtAV6LmbscG8jHEdzthNzMcI09X92a+LxQUpXk2F8j
epVo65ReJkt6HLnr6bklkZdmBZk6PUlVZXCD07ioYoebMBuf6rXh9P7JX59dnYNR
KAT0FoI31n3Ce+jX/9IacyfybbLGh/f8J6G3AaS+fxNKU7lTjP/l91Cdzzghi4CL
oQCJUY12hkkGlekgRaGHaLnB7QYX4BM6k/pyEMP7AQOzzFL6FPTrinZKJLfhxl3l
zV4WjC/JSVRHJHiP/4ivxjR+u3jJPYI7g+wLSuMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ8+8Ic1YypcWKRG6yU7l1Dxt9RgDAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
L1BQdkNITldNcVhGaWtSdXNsTzVkUThiZlVZQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoJAAcgAjANBgkqhkiG9w0BAQsF
AAOCAQEAWvcbmgPM30V8rsdfvxcgeJKXvsknvuOxQd37+ssU5WmPIW/cH3HNVxS6
LuEFDI+ycxkp8DgiKm5W0d78tb2Vle0K6SK1cL9w2D+3XtmAT+yRxQIVCIR89u5R
503ZVAl6149e1pZ6BCZqmKkvliEKSR+k6cYMpefX1tq/P9PClkpakPyDW1iznxin
bOy0PrreYWJf0yPlbuPrQ9SGBIOQFy9yRVJQY8fmp1eF90MpGPbX0lRVmh6YHbYe
ndiI5w2D44/NQcF7J0W0arheWiNt/KsfRWPwGYx8ZSSPDwU62+KamKHEHt6VVn2a
PHoDrevi7Y5oLwfcPFxSqfZUESyBtA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:59 2023 by rpki-client on console-fra.rpki-client.org