Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/c3_q1_5NEkoz802pTAM0yspJMTY.roa
File: c3_q1_5NEkoz802pTAM0yspJMTY.roa (raw, json)
Hash identifier: 9ocjRANHimUG8IIdEICYSaNs3Xgv7MG/bHMdN2MCTdU=
Subject key identifier: 73:7F:EA:D7:FE:4D:12:4A:33:F3:4D:A9:4C:03:34:CA:CA:49:31:36
Certificate issuer: /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial: 0184DA4B73BA9F373A215671C2F1C29A76A5
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/c3_q1_5NEkoz802pTAM0yspJMTY.roa
Signing time: Sat 03 Dec 2022 23:21:28 +0000
ROA not before: Sat 03 Dec 2022 23:21:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211672
IP address blocks: 2a0f:b100:40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:da:4b:73:ba:9f:37:3a:21:56:71:c2:f1:c2:9a:76:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Validity
Not Before: Dec 3 23:21:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=737fead7fe4d124a33f34da94c0334caca493136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5e:cb:e8:fa:e1:8b:93:f1:35:8e:92:41:7b:
19:42:e7:c2:c0:86:6e:e4:ec:a2:d6:e8:0c:06:76:
b2:c6:a8:93:42:f5:02:91:ac:82:c3:5a:a0:16:aa:
8a:c9:57:67:32:d3:e1:db:e1:d1:e6:7f:58:48:1d:
dc:88:38:44:35:6b:f8:f6:0e:ca:61:3d:f2:9c:9a:
4a:69:21:82:bc:70:9f:fe:58:61:2f:49:b7:7a:7e:
3a:8d:eb:79:c7:b3:37:62:f2:e1:09:ca:5e:07:e7:
c0:60:e7:8a:71:22:d3:48:2e:4b:24:a7:63:7d:7b:
f5:1e:18:d5:dc:82:84:f7:12:36:f1:91:f6:1a:6e:
11:5c:66:ba:ef:d4:f2:76:34:2b:8e:70:11:f2:3c:
af:da:f4:a1:9b:7d:d1:e7:41:f8:08:03:de:59:dc:
ee:76:92:00:b1:79:1f:45:77:ab:ed:56:1b:49:dc:
af:3c:11:bd:00:6e:df:f3:18:a9:7c:e8:0d:2a:78:
9e:cf:8c:63:46:b8:8e:15:bc:42:29:71:e9:55:c2:
19:a7:31:c6:93:77:bf:5b:4e:94:da:0f:00:1a:45:
e5:a9:ce:68:53:a5:e7:95:e3:59:31:1f:db:eb:24:
e9:f0:38:36:6a:cb:31:9b:82:55:3c:98:30:55:45:
26:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:7F:EA:D7:FE:4D:12:4A:33:F3:4D:A9:4C:03:34:CA:CA:49:31:36
X509v3 Authority Key Identifier:
keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/c3_q1_5NEkoz802pTAM0yspJMTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b100:40::/48
Signature Algorithm: sha256WithRSAEncryption
bd:70:27:2a:87:88:9a:35:49:76:75:25:26:b2:9b:fe:e8:8e:
bd:08:7c:b3:f3:aa:f4:f0:d9:4b:23:c4:db:24:6c:11:1c:01:
ce:34:83:65:b6:5e:67:13:59:c4:c5:96:36:de:ae:5c:6d:bd:
48:ae:eb:1d:cd:02:40:cf:c9:9c:65:18:5c:b6:16:ae:82:75:
c3:de:a4:5e:1e:7d:fe:e2:cc:30:40:a1:9c:fc:2b:b4:82:aa:
9b:b9:31:2e:f0:af:31:a1:0c:78:f3:a1:6b:4e:c1:51:28:82:
fc:b0:79:45:37:f7:e8:3d:4e:29:d5:55:6c:4d:34:cd:1b:88:
3d:16:2f:38:ac:b1:3a:57:f0:1c:eb:32:41:cc:9e:d7:fb:5f:
8a:71:c2:49:04:d5:65:42:df:44:79:82:f4:58:fd:31:75:29:
be:be:28:2b:02:dd:0b:73:75:ca:17:16:b4:20:b2:6c:f3:92:
54:7e:88:a9:04:5e:06:b4:80:fb:58:b1:b9:67:9c:64:23:b9:
c0:c7:62:61:9a:e3:50:93:01:a4:14:43:9b:6f:8f:3a:f7:56:
15:21:0a:9d:63:4f:31:4c:fd:73:7c:48:c9:89:aa:1e:74:32:
f6:00:04:fe:25:18:ee:a2:30:cf:7c:f1:ef:05:8d:5a:b3:c4:
f7:3b:e9:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTaS3O6nzc6IVZxwvHCmnalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjIxMjAzMjMyMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzdmZWFkN2ZlNGQxMjRhMzNmMzRkYTk0YzAzMzRjYWNhNDkzMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF7L6Prhi5PxNY6SQXsZQufCwIZu
5Oyi1ugMBnayxqiTQvUCkayCw1qgFqqKyVdnMtPh2+HR5n9YSB3ciDhENWv49g7K
YT3ynJpKaSGCvHCf/lhhL0m3en46jet5x7M3YvLhCcpeB+fAYOeKcSLTSC5LJKdj
fXv1HhjV3IKE9xI28ZH2Gm4RXGa679TydjQrjnAR8jyv2vShm33R50H4CAPeWdzu
dpIAsXkfRXer7VYbSdyvPBG9AG7f8xipfOgNKniez4xjRriOFbxCKXHpVcIZpzHG
k3e/W06U2g8AGkXlqc5oU6XnleNZMR/b6yTp8Dg2assxm4JVPJgwVUUmRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHN/6tf+TRJKM/NNqUwDNMrKSTE2MB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEvYzNfcTFfNU5Fa296ODAycFRBTTB5c3BKTVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+xAABA
MA0GCSqGSIb3DQEBCwUAA4IBAQC9cCcqh4iaNUl2dSUmspv+6I69CHyz86r08NlL
I8TbJGwRHAHONINltl5nE1nExZY23q5cbb1IrusdzQJAz8mcZRhcthaugnXD3qRe
Hn3+4swwQKGc/Cu0gqqbuTEu8K8xoQx486FrTsFRKIL8sHlFN/foPU4p1VVsTTTN
G4g9Fi84rLE6V/Ac6zJBzJ7X+1+KccJJBNVlQt9EeYL0WP0xdSm+vigrAt0Lc3XK
Fxa0ILJs85JUfoipBF4GtID7WLG5Z5xkI7nAx2JhmuNQkwGkFEObb48691YVIQqd
Y08xTP1zfEjJiaoedDL2AAT+JRjuojDPfPHvBY1as8T3O+kl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:50 2024 by rpki-client on console-ams.rpki-client.org