Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/DcBfIfNFc0bx33zoSs8GC7NQAtY.roa
File: DcBfIfNFc0bx33zoSs8GC7NQAtY.roa (raw, json)
Hash identifier: 6BSQcK4fl1vTR1WplRbBxlGyw0aeymipDVzraW5DrYI=
Subject key identifier: 0D:C0:5F:21:F3:45:73:46:F1:DF:7C:E8:4A:CF:06:0B:B3:50:02:D6
Certificate issuer: /CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
Certificate serial: 04B521D0
Authority key identifier: 5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/DcBfIfNFc0bx33zoSs8GC7NQAtY.roa
Signing time: Tue 08 Feb 2022 20:15:07 +0000
ROA not before: Tue 08 Feb 2022 20:15:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208768
IP address blocks: 2a10:4741:22::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78979536 (0x4b521d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
Validity
Not Before: Feb 8 20:15:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0dc05f21f3457346f1df7ce84acf060bb35002d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c4:1b:8e:02:5c:c9:83:bf:6e:59:fd:f3:5b:
14:d0:29:a2:72:f9:bb:0b:14:40:dd:35:20:3d:b9:
8b:d5:b3:2c:2d:59:b2:16:8c:74:3d:06:b5:68:2a:
b6:22:3f:45:e8:32:78:ee:0d:e2:cb:49:8a:97:08:
0c:8c:3d:9f:ec:a0:f5:e0:62:9b:0e:c3:cf:93:45:
35:98:1e:b7:9c:c9:7e:2b:68:a1:aa:cb:0d:e5:c3:
15:0a:9b:f8:de:67:b0:72:ed:45:ea:10:83:10:43:
b4:17:f4:86:20:28:56:3a:7f:e2:58:06:31:48:70:
b1:d7:fe:52:3d:37:b5:c9:fd:46:74:29:b7:be:30:
03:7b:f9:39:f2:e9:07:98:d3:54:d9:3c:5e:f6:51:
ed:fe:af:ed:44:f8:a1:64:64:89:bc:b3:1d:0d:b3:
18:df:69:45:a9:1e:b3:be:c2:37:88:cd:fc:3e:e0:
b9:24:cf:58:28:f2:60:4c:5a:a9:a7:98:00:91:74:
ff:6e:9c:04:f8:fb:77:65:af:87:df:62:b8:b2:43:
62:f4:42:ac:e6:d9:c4:dd:17:a4:49:6f:d3:16:34:
9c:29:ff:99:13:58:04:42:6e:fb:ae:27:33:97:0b:
1d:76:13:78:e6:86:8f:f6:b0:29:c5:d8:a3:3a:19:
b5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:C0:5F:21:F3:45:73:46:F1:DF:7C:E8:4A:CF:06:0B:B3:50:02:D6
X509v3 Authority Key Identifier:
keyid:5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/DcBfIfNFc0bx33zoSs8GC7NQAtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/XfU2RYQ-bSiD3I-cT0FcHq279go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4741:22::/48
Signature Algorithm: sha256WithRSAEncryption
ac:07:24:ed:d4:2a:1e:54:ed:a1:ca:83:1c:e2:47:d0:8d:d5:
61:a4:d2:72:1d:ac:7c:68:c9:ac:4c:70:ba:b1:e3:73:16:ba:
42:bb:93:a9:8c:b0:67:f6:e8:d7:b3:de:1c:3e:e3:b3:a3:a9:
af:9d:7c:ba:51:b2:bd:2a:b5:7b:19:c7:6a:e9:85:37:ec:7f:
21:55:a8:6b:f7:5e:a2:77:6e:e6:2f:e6:e8:b5:1d:e2:19:b7:
2e:49:bb:2b:e5:3a:ce:98:1e:5e:9c:f5:0f:0a:21:21:31:0c:
b3:59:0b:53:7d:66:7c:7e:9d:bb:46:8a:a5:dd:6d:31:a4:dd:
d4:04:4a:42:6e:ca:9f:0c:c1:b5:aa:60:f1:d4:aa:1e:6b:73:
62:4e:32:e0:68:30:9c:c4:61:c8:04:0f:1b:30:71:3c:cb:57:
50:e3:b6:44:fe:f1:bf:08:cb:01:d4:7b:d7:ed:f1:f3:bd:c2:
d3:ed:68:75:14:2b:42:b0:64:d6:2b:8c:75:87:b0:ee:19:54:
2d:11:dd:60:e4:4b:10:76:cb:1c:3c:c0:d9:97:7e:c3:57:f5:
4f:9d:5c:f3:72:50:4c:7c:cf:de:55:af:cc:c6:34:53:4e:ff:
33:83:35:2e:b2:67:ad:d0:90:c0:1d:23:d9:26:7f:21:b7:27:
fd:2d:b5:95
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBLUh0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGY1MzY0NTg0M2U2ZDI4ODNkYzhmOWM0ZjQxNWMxZWFkYmJmNjBhMB4XDTIyMDIw
ODIwMTUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRjMDVmMjFmMzQ1
NzM0NmYxZGY3Y2U4NGFjZjA2MGJiMzUwMDJkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOzEG44CXMmDv25Z/fNbFNAponL5uwsUQN01ID25i9WzLC1Z
shaMdD0GtWgqtiI/RegyeO4N4stJipcIDIw9n+yg9eBimw7Dz5NFNZget5zJfito
oarLDeXDFQqb+N5nsHLtReoQgxBDtBf0hiAoVjp/4lgGMUhwsdf+Uj03tcn9RnQp
t74wA3v5OfLpB5jTVNk8XvZR7f6v7UT4oWRkibyzHQ2zGN9pRakes77CN4jN/D7g
uSTPWCjyYExaqaeYAJF0/26cBPj7d2Wvh99iuLJDYvRCrObZxN0XpElv0xY0nCn/
mRNYBEJu+64nM5cLHXYTeOaGj/awKcXYozoZteUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQNwF8h80VzRvHffOhKzwYLs1AC1jAfBgNVHSMEGDAWgBRd9TZFhD5tKIPc
j5xPQVwerbv2CjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hmVTJSWVEtYlNpRDNJLWNUMEZjSHEyNzlnby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvZDEwN2RlLWUyZTUtNDcyNy05OGFkLTM4MjE4MTAzNDRlNi8x
L0RjQmZJZk5GYzBieDMzem9TczhHQzdOUUF0WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
ZDEwN2RlLWUyZTUtNDcyNy05OGFkLTM4MjE4MTAzNDRlNi8xL1hmVTJSWVEtYlNp
RDNJLWNUMEZjSHEyNzlnby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoQR0EAIjANBgkqhkiG9w0BAQsF
AAOCAQEArAck7dQqHlTtocqDHOJH0I3VYaTSch2sfGjJrExwurHjcxa6QruTqYyw
Z/bo17PeHD7js6Opr518ulGyvSq1exnHaumFN+x/IVWoa/deondu5i/m6LUd4hm3
Lkm7K+U6zpgeXpz1DwohITEMs1kLU31mfH6du0aKpd1tMaTd1ARKQm7KnwzBtapg
8dSqHmtzYk4y4GgwnMRhyAQPGzBxPMtXUOO2RP7xvwjLAdR71+3x873C0+1odRQr
QrBk1iuMdYew7hlULRHdYORLEHbLHDzA2Zd+w1f1T51c83JQTHzP3lWvzMY0U07/
M4M1LrJnrdCQwB0j2SZ/Ibcn/S21lQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:04 2023 by rpki-client on console-fra.rpki-client.org