Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/l-ckbeXQP_ZyUKNP1JqIF7dPVZo.roa
File: l-ckbeXQP_ZyUKNP1JqIF7dPVZo.roa (raw, json)
Hash identifier: 0sVmFjny8UGNz7lsW9UpjZ0F21DwsPonHuvitRdC9qs=
Subject key identifier: 97:E7:24:6D:E5:D0:3F:F6:72:50:A3:4F:D4:9A:88:17:B7:4F:55:9A
Certificate issuer: /CN=f0eccc48200cef0216c2ce53869fd192b4a23f54
Certificate serial: 0188B595
Authority key identifier: F0:EC:CC:48:20:0C:EF:02:16:C2:CE:53:86:9F:D1:92:B4:A2:3F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8OzMSCAM7wIWws5Thp_RkrSiP1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/l-ckbeXQP_ZyUKNP1JqIF7dPVZo.roa
Signing time: Sat 01 Jan 2022 10:56:52 +0000
ROA not before: Sat 01 Jan 2022 10:56:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50873
IP address blocks: 2001:678:fb4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25736597 (0x188b595)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0eccc48200cef0216c2ce53869fd192b4a23f54
Validity
Not Before: Jan 1 10:56:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97e7246de5d03ff67250a34fd49a8817b74f559a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f2:1d:fa:21:36:f7:37:fd:c8:75:65:88:ab:
95:70:af:73:34:e9:aa:cd:ba:fc:c2:e9:55:96:2e:
8c:17:c6:f7:d5:4b:50:5f:b7:95:43:17:f3:f0:45:
c0:6e:6c:32:dc:8a:5c:25:d5:b5:e9:8c:10:9c:88:
f8:30:62:06:07:4b:e6:40:e6:41:59:34:61:ca:ab:
59:0c:17:9b:19:77:4f:82:b6:5f:65:04:c1:3c:b3:
ba:60:ed:30:9c:6d:1e:73:26:2e:bf:36:ae:16:bc:
86:5e:4b:92:a9:06:e2:2c:b1:84:9d:07:17:bd:71:
aa:4a:b4:fb:fc:a8:24:57:20:9d:cd:dc:5c:fb:b6:
bf:04:c7:00:1c:35:9d:c7:77:ab:51:f9:2f:1e:80:
07:7d:c8:9d:9e:05:a0:fb:ea:46:e0:4d:ca:1f:76:
6c:d8:c1:cb:df:ac:a0:0b:13:93:36:1d:c4:79:cd:
8d:6f:1f:18:05:15:42:99:03:1a:83:20:7f:db:94:
29:2e:b5:76:c6:ec:33:7a:4f:f9:da:87:fb:b6:21:
2c:c7:dd:ff:a7:27:fc:6a:da:c6:bd:91:ac:ab:af:
f0:b6:40:53:94:4b:f3:38:4d:d8:f9:e2:11:bd:8f:
b1:fb:13:ef:6c:eb:98:38:18:ca:d8:b6:46:cd:49:
ad:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E7:24:6D:E5:D0:3F:F6:72:50:A3:4F:D4:9A:88:17:B7:4F:55:9A
X509v3 Authority Key Identifier:
keyid:F0:EC:CC:48:20:0C:EF:02:16:C2:CE:53:86:9F:D1:92:B4:A2:3F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8OzMSCAM7wIWws5Thp_RkrSiP1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/l-ckbeXQP_ZyUKNP1JqIF7dPVZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/8OzMSCAM7wIWws5Thp_RkrSiP1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:fb4::/48
Signature Algorithm: sha256WithRSAEncryption
05:20:1c:24:6f:3d:33:30:b7:51:38:bd:d6:e3:3b:fd:41:8c:
47:e9:a5:a5:9d:99:5e:7c:30:0f:8b:3a:d8:3d:68:14:6b:b5:
85:29:8d:be:c3:54:15:21:29:39:f3:4f:15:45:07:fc:b5:36:
8c:9f:5f:b8:50:d0:e6:6b:a3:d0:63:e4:3c:6b:4a:f1:7a:71:
c3:4b:16:d2:8a:84:3c:23:7d:fd:f4:aa:4c:e8:a0:2c:d8:42:
0d:1c:70:47:b0:60:1b:67:ef:b1:01:ac:de:83:ab:c5:65:e5:
3c:aa:df:52:23:bc:8e:c4:8b:c4:3a:ad:0c:71:ef:8d:b8:84:
70:91:5f:f5:50:c3:ce:0e:54:fb:ea:0e:8b:b5:84:fd:23:0a:
68:ca:1d:1a:42:fc:f8:2d:9e:30:5a:00:0c:e8:ee:04:07:3d:
b5:d4:12:02:ba:13:32:2f:00:5d:30:21:d1:08:f0:3a:13:a9:
3e:7a:ad:b4:8e:28:74:d0:8f:72:71:6f:d4:b4:36:7a:05:ce:
c8:7a:dd:c9:67:c3:54:bf:9e:9d:f8:52:76:51:70:6d:33:be:
d0:25:72:d3:7c:0b:9f:ef:83:ff:2d:fe:50:4d:df:77:97:93:
cd:5e:fe:90:24:fa:6b:7a:ad:cc:16:e5:e6:44:8c:3a:93:3d:
92:a3:a7:0d
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAYi1lTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MGVjY2M0ODIwMGNlZjAyMTZjMmNlNTM4NjlmZDE5MmI0YTIzZjU0MB4XDTIyMDEw
MTEwNTY1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTdlNzI0NmRlNWQw
M2ZmNjcyNTBhMzRmZDQ5YTg4MTdiNzRmNTU5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvyHfohNvc3/ch1ZYirlXCvczTpqs26/MLpVZYujBfG99VL
UF+3lUMX8/BFwG5sMtyKXCXVtemMEJyI+DBiBgdL5kDmQVk0YcqrWQwXmxl3T4K2
X2UEwTyzumDtMJxtHnMmLr82rha8hl5LkqkG4iyxhJ0HF71xqkq0+/yoJFcgnc3c
XPu2vwTHABw1ncd3q1H5Lx6AB33InZ4FoPvqRuBNyh92bNjBy9+soAsTkzYdxHnN
jW8fGAUVQpkDGoMgf9uUKS61dsbsM3pP+dqH+7YhLMfd/6cn/Graxr2RrKuv8LZA
U5RL8zhN2PniEb2PsfsT72zrmDgYyti2Rs1JrbsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSX5yRt5dA/9nJQo0/UmogXt09VmjAfBgNVHSMEGDAWgBTw7MxIIAzvAhbC
zlOGn9GStKI/VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhPek1TQ0FNN3dJV3dzNVRocF9Sa3JTaVAxUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvY2RiODA5LWQxZDQtNDU1Ny1iNDMwLWJiNjVjNTkwMGY3NS8x
L2wtY2tiZVhRUF9aeVVLTlAxSnFJRjdkUFZaby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
Y2RiODA5LWQxZDQtNDU1Ny1iNDMwLWJiNjVjNTkwMGY3NS8xLzhPek1TQ0FNN3dJ
V3dzNVRocF9Sa3JTaVAxUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngPtDANBgkqhkiG9w0BAQsF
AAOCAQEABSAcJG89MzC3UTi91uM7/UGMR+mlpZ2ZXnwwD4s62D1oFGu1hSmNvsNU
FSEpOfNPFUUH/LU2jJ9fuFDQ5muj0GPkPGtK8Xpxw0sW0oqEPCN9/fSqTOigLNhC
DRxwR7BgG2fvsQGs3oOrxWXlPKrfUiO8jsSLxDqtDHHvjbiEcJFf9VDDzg5U++oO
i7WE/SMKaModGkL8+C2eMFoADOjuBAc9tdQSAroTMi8AXTAh0QjwOhOpPnqttI4o
dNCPcnFv1LQ2egXOyHrdyWfDVL+enfhSdlFwbTO+0CVy03wLn++D/y3+UE3fd5eT
zV7+kCT6a3qtzBbl5kSMOpM9kqOnDQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:34 2023 by rpki-client on console-ams.rpki-client.org