Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/PpfPQpXn_o8314skDyu8SzDJDfQ.roa
File: PpfPQpXn_o8314skDyu8SzDJDfQ.roa (raw, json)
Hash identifier: Zn5AhMBBtIWq8eqg3vr+mqgBtXDi1H5hC36qO1Ff0fg=
Subject key identifier: 3E:97:CF:42:95:E7:FE:8F:37:D7:8B:24:0F:2B:BC:4B:30:C9:0D:F4
Certificate issuer: /CN=17c203e3f365923a843d3220317a1c68cf74de0f
Certificate serial: 1B4B52FB
Authority key identifier: 17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/PpfPQpXn_o8314skDyu8SzDJDfQ.roa
Signing time: Sat 19 Mar 2022 08:39:47 +0000
ROA not before: Sat 19 Mar 2022 08:39:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29802
IP address blocks: 2a00:17c0:c4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 457921275 (0x1b4b52fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17c203e3f365923a843d3220317a1c68cf74de0f
Validity
Not Before: Mar 19 08:39:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e97cf4295e7fe8f37d78b240f2bbc4b30c90df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:88:a8:70:43:00:c6:28:44:ff:7e:ab:fb:6c:
28:1f:a1:23:e9:09:c3:8a:f7:73:47:46:bb:2a:4c:
17:ef:5a:09:57:d0:aa:71:56:57:16:c0:87:fe:d7:
52:0d:c5:0f:be:85:95:17:4c:06:24:ea:ff:6d:67:
61:79:24:7d:aa:cb:78:de:3c:61:e6:31:14:d3:56:
48:89:50:b9:60:55:6a:70:3c:61:a6:9b:b0:04:bb:
cd:ae:d9:6a:ba:8c:04:da:71:d8:50:db:4a:13:e8:
d6:25:9f:44:f1:a8:06:8d:49:a3:b1:fb:87:1b:37:
51:52:0f:c8:af:d1:c0:ee:0a:90:aa:62:f9:f5:21:
22:9d:f3:e6:2a:a2:4f:fd:86:84:bd:0c:03:bd:6f:
4f:11:8c:c4:ec:67:81:ec:eb:14:0a:a4:b8:d3:25:
d7:2f:96:bc:89:32:c8:ec:74:ae:0f:1e:cd:82:2c:
43:6a:f5:31:9e:57:36:c1:36:61:7c:92:27:fd:ee:
aa:15:00:92:d1:e2:09:20:e9:82:c8:67:60:de:d5:
3a:30:8e:42:46:7a:40:1c:27:bf:24:86:8c:93:b0:
12:e2:6c:e4:94:03:23:04:af:15:c7:58:0c:3b:1a:
a1:c1:20:66:61:e8:3e:e5:82:58:da:fd:d8:0e:38:
82:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:97:CF:42:95:E7:FE:8F:37:D7:8B:24:0F:2B:BC:4B:30:C9:0D:F4
X509v3 Authority Key Identifier:
keyid:17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/PpfPQpXn_o8314skDyu8SzDJDfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:17c0:c4::/48
Signature Algorithm: sha256WithRSAEncryption
90:a0:83:dc:04:b8:20:3b:a4:72:14:a0:b1:b0:fe:ab:ee:93:
10:ae:5e:80:cd:d4:60:22:74:8b:38:72:e0:a8:3e:7d:8f:76:
4c:b5:b6:23:e4:5f:23:c3:a5:02:63:ce:4c:12:96:2c:80:03:
1a:c4:01:3e:12:b8:c1:da:88:5b:c9:98:a8:4d:9c:7d:6a:45:
10:e8:9a:35:88:cb:ef:6f:ce:8d:7f:b5:e5:38:c5:4b:a2:15:
43:a7:4c:c4:d0:bb:48:65:cc:ce:40:f2:79:3e:ec:2a:2a:25:
9f:d5:9b:b6:3e:71:83:9a:11:c6:20:65:48:cd:ab:83:ff:f3:
51:24:20:6d:6e:5d:7a:98:62:41:91:47:df:e4:8a:09:b0:0a:
b4:a7:61:bc:28:46:3b:1c:96:5e:23:a4:e1:cf:79:03:65:14:
51:9d:87:1c:38:a2:33:19:9b:9c:6a:4f:89:ee:f9:b0:e2:b0:
be:5d:e4:00:49:d7:11:a3:25:00:37:f3:29:8d:48:92:92:7e:
9e:b4:86:94:12:6b:94:0f:63:f9:4e:87:b7:b1:81:fe:30:86:
b8:d5:b4:ac:48:04:6f:b5:23:08:51:77:61:26:e8:fa:72:46:
bb:23:33:4b:42:cb:75:5a:df:05:60:1d:5a:00:7a:df:d5:ac:
ff:59:35:dc
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEG0tS+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
N2MyMDNlM2YzNjU5MjNhODQzZDMyMjAzMTdhMWM2OGNmNzRkZTBmMB4XDTIyMDMx
OTA4Mzk0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U5N2NmNDI5NWU3
ZmU4ZjM3ZDc4YjI0MGYyYmJjNGIzMGM5MGRmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiIqHBDAMYoRP9+q/tsKB+hI+kJw4r3c0dGuypMF+9aCVfQ
qnFWVxbAh/7XUg3FD76FlRdMBiTq/21nYXkkfarLeN48YeYxFNNWSIlQuWBVanA8
YaabsAS7za7ZarqMBNpx2FDbShPo1iWfRPGoBo1Jo7H7hxs3UVIPyK/RwO4KkKpi
+fUhIp3z5iqiT/2GhL0MA71vTxGMxOxngezrFAqkuNMl1y+WvIkyyOx0rg8ezYIs
Q2r1MZ5XNsE2YXySJ/3uqhUAktHiCSDpgshnYN7VOjCOQkZ6QBwnvySGjJOwEuJs
5JQDIwSvFcdYDDsaocEgZmHoPuWCWNr92A44gn0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ+l89Clef+jzfXiyQPK7xLMMkN9DAfBgNVHSMEGDAWgBQXwgPj82WSOoQ9
MiAxehxoz3TeDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Y4SUQ0X05sa2pxRVBUSWdNWG9jYU05MDNnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvODlhZThlLTQ2NzQtNDU1ZC05ZjIzLWFjNjdhMzZlNGFhYi8x
L1BwZlBRcFhuX284MzE0c2tEeXU4U3pESkRmUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
ODlhZThlLTQ2NzQtNDU1ZC05ZjIzLWFjNjdhMzZlNGFhYi8xL0Y4SUQ0X05sa2px
RVBUSWdNWG9jYU05MDNnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoAF8AAxDANBgkqhkiG9w0BAQsF
AAOCAQEAkKCD3AS4IDukchSgsbD+q+6TEK5egM3UYCJ0izhy4Kg+fY92TLW2I+Rf
I8OlAmPOTBKWLIADGsQBPhK4wdqIW8mYqE2cfWpFEOiaNYjL72/OjX+15TjFS6IV
Q6dMxNC7SGXMzkDyeT7sKioln9Wbtj5xg5oRxiBlSM2rg//zUSQgbW5dephiQZFH
3+SKCbAKtKdhvChGOxyWXiOk4c95A2UUUZ2HHDiiMxmbnGpPie75sOKwvl3kAEnX
EaMlADfzKY1IkpJ+nrSGlBJrlA9j+U6Ht7GB/jCGuNW0rEgEb7UjCFF3YSbo+nJG
uyMzS0LLdVrfBWAdWgB639Ws/1k13A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:47 2023 by rpki-client on console-ams.rpki-client.org