Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4de9ba-0a6b-47f8-9770-f92019375bc8/1/cF8kuOxrkBZkHEozyGyuvK5RnzE.roa
File: cF8kuOxrkBZkHEozyGyuvK5RnzE.roa (raw, json)
Hash identifier: 2OYOvUjF/YHng8WYRBn9uxG7RPAffw2pJPaoNpeUohA=
Subject key identifier: 70:5F:24:B8:EC:6B:90:16:64:1C:4A:33:C8:6C:AE:BC:AE:51:9F:31
Certificate issuer: /CN=7587902ce7a6a334a4e0db73e721989015d6489b
Certificate serial: 04A9C7EE
Authority key identifier: 75:87:90:2C:E7:A6:A3:34:A4:E0:DB:73:E7:21:98:90:15:D6:48:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dYeQLOemozSk4Ntz5yGYkBXWSJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4de9ba-0a6b-47f8-9770-f92019375bc8/1/cF8kuOxrkBZkHEozyGyuvK5RnzE.roa
Signing time: Sat 01 Jan 2022 00:52:38 +0000
ROA not before: Sat 01 Jan 2022 00:52:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207111
IP address blocks: 2001:67c:770::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78235630 (0x4a9c7ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7587902ce7a6a334a4e0db73e721989015d6489b
Validity
Not Before: Jan 1 00:52:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=705f24b8ec6b9016641c4a33c86caebcae519f31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:27:c2:75:f4:db:bf:6f:fe:90:53:f2:3e:c3:
9b:8e:f5:22:7b:cd:0b:21:5b:a9:fb:a8:78:b3:5b:
51:d4:41:23:64:9a:c4:54:c9:6c:93:7c:8c:0d:50:
29:3e:90:53:f1:74:53:13:9a:0d:56:dd:7b:ab:7f:
3f:23:5b:7b:a9:13:18:76:2a:34:d3:e2:7c:23:3a:
05:df:8c:25:80:82:0d:54:88:9f:de:3c:fa:60:b0:
29:b7:49:90:bf:a3:4d:2d:3f:85:d7:02:e0:51:75:
c0:f3:c4:dd:b7:4f:df:ab:74:2a:01:18:cc:9b:e4:
cf:d8:da:6e:96:51:39:35:f5:3f:82:ee:c6:7c:9b:
fd:10:86:df:f2:40:a7:2a:09:8e:34:5d:8b:23:ca:
2c:f8:ca:d0:41:fd:9b:97:ba:46:5e:6e:d9:f7:1d:
26:89:fa:25:2b:86:a7:87:4e:34:b8:39:f5:1a:67:
47:b6:0b:bd:46:3a:ff:39:4d:62:dc:f7:4b:c8:0b:
eb:9c:82:6b:de:e3:29:ea:dd:03:3c:b3:56:98:0e:
c4:cf:d0:06:ef:f3:7c:32:c8:89:f0:c0:2a:5f:a4:
b7:0e:19:14:68:5d:4b:25:3b:23:90:99:7a:4b:fd:
9d:11:83:c4:15:8f:fb:16:df:fe:3e:c7:94:76:b0:
24:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:5F:24:B8:EC:6B:90:16:64:1C:4A:33:C8:6C:AE:BC:AE:51:9F:31
X509v3 Authority Key Identifier:
keyid:75:87:90:2C:E7:A6:A3:34:A4:E0:DB:73:E7:21:98:90:15:D6:48:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dYeQLOemozSk4Ntz5yGYkBXWSJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4de9ba-0a6b-47f8-9770-f92019375bc8/1/cF8kuOxrkBZkHEozyGyuvK5RnzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4de9ba-0a6b-47f8-9770-f92019375bc8/1/dYeQLOemozSk4Ntz5yGYkBXWSJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:770::/48
Signature Algorithm: sha256WithRSAEncryption
61:72:a7:95:7f:80:33:bd:0b:b4:8b:84:c9:db:e8:3e:78:d2:
5f:36:8d:6d:8f:bd:cd:07:08:71:e3:f2:22:47:25:4b:99:22:
24:87:ea:cb:53:89:1b:8c:1e:e9:b9:2c:02:06:75:f5:c1:19:
93:f9:ba:7b:cc:9d:fe:02:7e:33:6c:1b:dc:47:0c:d5:d6:6d:
df:2d:9d:b3:3a:20:8f:4e:ef:a1:ff:b2:59:ed:89:b5:b3:5c:
10:57:f6:d1:e2:ea:2f:ab:4d:dd:23:e1:ec:e5:83:7b:69:b0:
fc:65:c4:61:13:e2:6f:87:69:4a:6b:f8:3a:47:7b:5d:da:89:
b2:e5:bb:64:ca:dd:16:46:d7:43:7c:0d:1b:43:5f:9f:5b:85:
dd:9f:ad:a3:6b:2d:17:b7:c3:01:72:34:e5:cc:f7:20:68:04:
7c:f3:2e:be:c6:07:e1:f9:76:45:ab:56:75:3d:98:66:3a:58:
a5:09:83:16:41:86:43:de:0a:b1:d2:2a:35:37:55:86:4e:65:
88:85:3e:54:59:42:89:da:e0:98:4e:31:7c:8c:39:da:a6:64:
8f:06:ac:ee:2a:4b:61:93:40:e4:f1:1e:52:d8:38:ce:d3:75:
2a:17:0b:8d:02:41:86:95:4c:63:7e:5a:d9:5c:d0:da:0f:19:
0b:9b:74:8a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBKnH7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTg3OTAyY2U3YTZhMzM0YTRlMGRiNzNlNzIxOTg5MDE1ZDY0ODliMB4XDTIyMDEw
MTAwNTIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA1ZjI0YjhlYzZi
OTAxNjY0MWM0YTMzYzg2Y2FlYmNhZTUxOWYzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcnwnX0279v/pBT8j7Dm471InvNCyFbqfuoeLNbUdRBI2Sa
xFTJbJN8jA1QKT6QU/F0UxOaDVbde6t/PyNbe6kTGHYqNNPifCM6Bd+MJYCCDVSI
n948+mCwKbdJkL+jTS0/hdcC4FF1wPPE3bdP36t0KgEYzJvkz9jabpZROTX1P4Lu
xnyb/RCG3/JApyoJjjRdiyPKLPjK0EH9m5e6Rl5u2fcdJon6JSuGp4dONLg59Rpn
R7YLvUY6/zlNYtz3S8gL65yCa97jKerdAzyzVpgOxM/QBu/zfDLIifDAKl+ktw4Z
FGhdSyU7I5CZekv9nRGDxBWP+xbf/j7HlHawJP8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRwXyS47GuQFmQcSjPIbK68rlGfMTAfBgNVHSMEGDAWgBR1h5As56ajNKTg
23PnIZiQFdZImzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RZZVFMT2Vtb3pTazROdHo1eUdZa0JYV1NKcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvNGRlOWJhLTBhNmItNDdmOC05NzcwLWY5MjAxOTM3NWJjOC8x
L2NGOGt1T3hya0Jaa0hFb3p5R3l1dks1Um56RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
NGRlOWJhLTBhNmItNDdmOC05NzcwLWY5MjAxOTM3NWJjOC8xL2RZZVFMT2Vtb3pT
azROdHo1eUdZa0JYV1NKcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwHcDANBgkqhkiG9w0BAQsF
AAOCAQEAYXKnlX+AM70LtIuEydvoPnjSXzaNbY+9zQcIcePyIkclS5kiJIfqy1OJ
G4we6bksAgZ19cEZk/m6e8yd/gJ+M2wb3EcM1dZt3y2dszogj07vof+yWe2JtbNc
EFf20eLqL6tN3SPh7OWDe2mw/GXEYRPib4dpSmv4Okd7XdqJsuW7ZMrdFkbXQ3wN
G0Nfn1uF3Z+to2stF7fDAXI05cz3IGgEfPMuvsYH4fl2RatWdT2YZjpYpQmDFkGG
Q94KsdIqNTdVhk5liIU+VFlCidrgmE4xfIw52qZkjwas7ipLYZNA5PEeUtg4ztN1
KhcLjQJBhpVMY35a2VzQ2g8ZC5t0ig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:03 2024 by rpki-client on console-ams.rpki-client.org