Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/799f0d-a4f1-4a5b-8cc0-3a703789b03b/1/8isARl2yZLh3n7FD_ZOa9pB4k8c.roa
File: 8isARl2yZLh3n7FD_ZOa9pB4k8c.roa (raw, json)
Hash identifier: cIBV1qvN4hAvpMH74+EnCFST3MPJvYUsWldw0BxbYEU=
Subject key identifier: F2:2B:00:46:5D:B2:64:B8:77:9F:B1:43:FD:93:9A:F6:90:78:93:C7
Certificate issuer: /CN=2ad354bba0e04d7e5aad27792789fc26ddd6df51
Certificate serial: 017287FE
Authority key identifier: 2A:D3:54:BB:A0:E0:4D:7E:5A:AD:27:79:27:89:FC:26:DD:D6:DF:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtNUu6DgTX5arSd5J4n8Jt3W31E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/799f0d-a4f1-4a5b-8cc0-3a703789b03b/1/8isARl2yZLh3n7FD_ZOa9pB4k8c.roa
Signing time: Sat 01 Jan 2022 14:54:43 +0000
ROA not before: Sat 01 Jan 2022 14:54:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29670
IP address blocks: 2001:678:fd8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24283134 (0x17287fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ad354bba0e04d7e5aad27792789fc26ddd6df51
Validity
Not Before: Jan 1 14:54:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f22b00465db264b8779fb143fd939af6907893c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:01:2a:07:06:3c:e1:7c:49:89:55:dd:48:9c:
eb:b9:88:06:32:9f:64:04:d4:15:7e:ec:8b:f3:a2:
05:8f:e0:de:99:74:a9:dc:34:f0:da:a4:f6:b7:b9:
84:18:73:fb:77:82:6f:28:28:07:df:07:88:c4:06:
53:b9:e6:5f:7e:fb:72:d6:9a:21:27:06:55:dd:a6:
97:8c:8c:ac:0a:b1:02:e5:71:4c:16:d5:ba:64:a4:
cb:60:7b:01:d3:f7:33:e2:5b:6b:59:9e:aa:6e:c2:
e9:9c:26:c9:af:b0:c9:fe:1b:0d:87:7a:fe:5c:c0:
b8:6e:22:08:de:0e:50:a3:4b:2a:e4:3e:e4:0f:18:
4b:43:af:e3:dc:62:cb:9f:0a:da:b2:a8:e7:4e:28:
4a:d8:bb:0b:a5:f8:16:7d:fc:5f:85:48:cf:fd:6f:
89:33:c8:32:de:64:f5:4d:2b:50:3f:03:9f:4e:4f:
d5:e1:85:d6:22:fb:ab:cd:35:81:d6:86:4e:50:60:
57:8c:b5:88:71:5c:0f:60:7c:8c:19:2d:63:a1:b3:
0a:fb:b7:72:3c:b5:2d:9b:00:21:b2:59:b4:e6:8a:
6b:78:ef:7a:4d:84:92:43:41:f0:f2:70:57:7d:0a:
5a:57:94:41:1a:53:e0:d4:c4:3d:90:8f:d8:be:fd:
b9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2B:00:46:5D:B2:64:B8:77:9F:B1:43:FD:93:9A:F6:90:78:93:C7
X509v3 Authority Key Identifier:
keyid:2A:D3:54:BB:A0:E0:4D:7E:5A:AD:27:79:27:89:FC:26:DD:D6:DF:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtNUu6DgTX5arSd5J4n8Jt3W31E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/799f0d-a4f1-4a5b-8cc0-3a703789b03b/1/8isARl2yZLh3n7FD_ZOa9pB4k8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/799f0d-a4f1-4a5b-8cc0-3a703789b03b/1/KtNUu6DgTX5arSd5J4n8Jt3W31E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:fd8::/48
Signature Algorithm: sha256WithRSAEncryption
23:d9:c4:26:d8:65:c3:72:e9:9b:3a:3d:96:d9:b6:f5:bd:d8:
69:56:ef:11:bf:17:93:94:f3:e5:11:8b:22:71:89:45:96:77:
db:cc:02:cb:8d:5e:14:7c:f9:39:c8:09:98:2e:e7:4e:96:82:
c8:f1:ea:d2:0c:f7:49:9e:fb:10:89:df:c2:e7:2e:20:64:f6:
99:35:96:83:b2:df:cc:f6:b7:8f:14:3a:42:26:98:b5:14:eb:
93:4f:db:46:60:8f:95:66:20:f1:cd:d5:bc:35:ea:49:8a:d6:
fb:4c:c0:52:d0:d2:7b:1d:8e:a5:74:ee:8c:76:f8:9c:89:56:
a9:86:a7:29:73:63:a2:88:57:60:0f:b9:96:22:2d:ab:de:67:
2c:26:cb:a5:2b:83:f7:b7:6e:c1:99:15:e0:e2:0d:08:ed:dd:
3b:a9:30:cd:6f:1a:70:aa:95:1f:56:3b:ca:e2:d6:bb:84:1d:
42:21:9b:c5:cc:31:55:80:05:e1:6a:07:16:a0:31:9e:37:71:
dd:a3:0e:00:6a:7d:bb:91:98:7e:ef:09:dd:56:36:a7:e5:6d:
d6:bb:e8:1d:a9:c6:81:ed:24:40:ce:ab:60:cc:2f:77:22:05:
f1:94:ad:d3:90:6c:69:4b:e6:2b:d0:de:00:c1:8a:3d:98:15:
37:72:4f:8f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAXKH/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWQzNTRiYmEwZTA0ZDdlNWFhZDI3NzkyNzg5ZmMyNmRkZDZkZjUxMB4XDTIyMDEw
MTE0NTQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIyYjAwNDY1ZGIy
NjRiODc3OWZiMTQzZmQ5MzlhZjY5MDc4OTNjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIoBKgcGPOF8SYlV3Uic67mIBjKfZATUFX7si/OiBY/g3pl0
qdw08Nqk9re5hBhz+3eCbygoB98HiMQGU7nmX377ctaaIScGVd2ml4yMrAqxAuVx
TBbVumSky2B7AdP3M+Jba1meqm7C6Zwmya+wyf4bDYd6/lzAuG4iCN4OUKNLKuQ+
5A8YS0Ov49xiy58K2rKo504oSti7C6X4Fn38X4VIz/1viTPIMt5k9U0rUD8Dn05P
1eGF1iL7q801gdaGTlBgV4y1iHFcD2B8jBktY6GzCvu3cjy1LZsAIbJZtOaKa3jv
ek2EkkNB8PJwV30KWleUQRpT4NTEPZCP2L79uQkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTyKwBGXbJkuHefsUP9k5r2kHiTxzAfBgNVHSMEGDAWgBQq01S7oOBNflqt
J3knifwm3dbfUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0t0TlV1NkRnVFg1YXJTZDVKNG44SnQzVzMxRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNzk5ZjBkLWE0ZjEtNGE1Yi04Y2MwLTNhNzAzNzg5YjAzYi8x
Lzhpc0FSbDJ5WkxoM243RkRfWk9hOXBCNGs4Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
Nzk5ZjBkLWE0ZjEtNGE1Yi04Y2MwLTNhNzAzNzg5YjAzYi8xL0t0TlV1NkRnVFg1
YXJTZDVKNG44SnQzVzMxRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngP2DANBgkqhkiG9w0BAQsF
AAOCAQEAI9nEJthlw3Lpmzo9ltm29b3YaVbvEb8Xk5Tz5RGLInGJRZZ328wCy41e
FHz5OcgJmC7nTpaCyPHq0gz3SZ77EInfwucuIGT2mTWWg7LfzPa3jxQ6QiaYtRTr
k0/bRmCPlWYg8c3VvDXqSYrW+0zAUtDSex2OpXTujHb4nIlWqYanKXNjoohXYA+5
liItq95nLCbLpSuD97duwZkV4OINCO3dO6kwzW8acKqVH1Y7yuLWu4QdQiGbxcwx
VYAF4WoHFqAxnjdx3aMOAGp9u5GYfu8J3VY2p+Vt1rvoHanGge0kQM6rYMwvdyIF
8ZSt05BsaUvmK9DeAMGKPZgVN3JPjw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:33 2025 by rpki-client