Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/a155c9-13e2-4b28-b682-47ea3f874355/1/gj9sqc44enbm01JMDaZ7e0cUCRU.roa
File: gj9sqc44enbm01JMDaZ7e0cUCRU.roa (raw, json)
Hash identifier: VqwoEuWYDCreFiLPtRqlDHMnYY269R1HwFjY7fELE7s=
Subject key identifier: 82:3F:6C:A9:CE:38:7A:76:E6:D3:52:4C:0D:A6:7B:7B:47:14:09:15
Certificate issuer: /CN=1024e66d7cba77b977685559c2481bb9044c5b75
Certificate serial: 1445C4C2
Authority key identifier: 10:24:E6:6D:7C:BA:77:B9:77:68:55:59:C2:48:1B:B9:04:4C:5B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECTmbXy6d7l3aFVZwkgbuQRMW3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/a155c9-13e2-4b28-b682-47ea3f874355/1/gj9sqc44enbm01JMDaZ7e0cUCRU.roa
Signing time: Sat 01 Jan 2022 03:55:52 +0000
ROA not before: Sat 01 Jan 2022 03:55:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203881
IP address blocks: 2001:67c:2ea4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 340116674 (0x1445c4c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1024e66d7cba77b977685559c2481bb9044c5b75
Validity
Not Before: Jan 1 03:55:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=823f6ca9ce387a76e6d3524c0da67b7b47140915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:df:c3:c8:9e:ee:32:8a:6f:cf:7c:29:2a:1f:
56:4e:76:47:81:40:70:e0:d2:f8:d7:12:61:8d:a9:
62:3c:81:61:88:49:84:e8:8f:99:79:ee:3d:f4:d9:
42:f4:fa:a1:ba:a1:99:2e:48:a7:b3:92:57:5b:4e:
7a:8e:5f:36:34:52:50:30:d8:9f:19:6f:31:e8:a1:
d8:c4:5e:7f:0a:87:1f:e6:03:06:02:24:1d:49:2d:
cb:91:7f:e3:ff:b1:d8:6e:6e:b2:de:94:81:82:a7:
2f:e3:8d:8c:2c:36:45:5e:eb:1f:d5:34:8e:24:09:
dd:6f:24:27:9f:b9:a8:47:ad:e4:19:88:7e:a5:7d:
b9:3b:39:7c:83:b6:47:cd:3a:db:a0:77:be:03:1b:
21:57:a0:f0:79:18:c4:7d:97:a7:94:c0:b0:d4:fd:
2b:40:9d:a6:12:00:93:77:a3:0e:47:a8:02:93:03:
b2:cf:20:ee:d9:92:69:93:b8:8e:52:71:f9:dc:61:
aa:13:a5:f8:8e:f7:33:1b:c5:a2:19:08:74:2a:9f:
05:d4:7a:e2:14:f5:5d:bb:82:6a:78:ca:2a:c8:ea:
07:84:10:70:0c:6e:90:18:01:f4:e4:ab:72:81:4d:
62:d8:57:23:90:d4:85:20:67:b9:8a:00:dc:64:a6:
3d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3F:6C:A9:CE:38:7A:76:E6:D3:52:4C:0D:A6:7B:7B:47:14:09:15
X509v3 Authority Key Identifier:
keyid:10:24:E6:6D:7C:BA:77:B9:77:68:55:59:C2:48:1B:B9:04:4C:5B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECTmbXy6d7l3aFVZwkgbuQRMW3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a155c9-13e2-4b28-b682-47ea3f874355/1/gj9sqc44enbm01JMDaZ7e0cUCRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a155c9-13e2-4b28-b682-47ea3f874355/1/ECTmbXy6d7l3aFVZwkgbuQRMW3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2ea4::/48
Signature Algorithm: sha256WithRSAEncryption
2d:04:1d:55:49:12:52:4d:46:0a:e0:80:d6:24:53:2f:61:4d:
ca:bb:28:3f:61:db:20:ee:d2:c7:01:8b:eb:d7:2b:a3:d5:33:
7b:25:80:41:4a:5b:b7:7c:49:68:b0:68:78:fa:b8:7f:71:11:
ac:30:91:19:29:17:a6:93:5e:73:dd:66:b9:85:f2:7a:5f:e4:
03:9e:96:27:de:92:ff:08:ed:de:37:a4:c0:ef:e2:05:4e:5e:
b8:ca:96:02:56:6c:79:33:7f:d8:36:37:d5:27:cb:68:c6:0f:
ae:c8:54:06:5a:60:ac:bb:7e:2a:03:65:85:41:cb:0d:d1:37:
57:38:b5:43:c5:aa:49:71:13:76:c4:25:a0:34:4e:17:5d:91:
b3:b4:cd:ac:7e:f7:67:22:63:40:e3:bd:44:dc:79:be:03:b9:
e5:dd:a0:e0:f1:82:4d:4d:bc:82:0a:22:63:3e:e6:46:4b:b4:
bd:dc:42:a9:c0:35:b9:91:31:c9:5e:fa:e5:01:08:02:a7:fa:
05:6e:d1:aa:c0:06:9a:05:6f:44:76:04:3f:6c:48:d6:8c:36:
82:55:88:df:fe:9e:1a:8b:8e:96:0d:a7:f3:0f:8c:b7:f0:88:
ab:c4:e7:92:6c:8a:17:3b:8a:fd:5e:18:1e:6a:04:b7:d5:2c:
d0:e5:d5:96
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFEXEwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDI0ZTY2ZDdjYmE3N2I5Nzc2ODU1NTljMjQ4MWJiOTA0NGM1Yjc1MB4XDTIyMDEw
MTAzNTU1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODIzZjZjYTljZTM4
N2E3NmU2ZDM1MjRjMGRhNjdiN2I0NzE0MDkxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDfw8ie7jKKb898KSofVk52R4FAcODS+NcSYY2pYjyBYYhJ
hOiPmXnuPfTZQvT6obqhmS5Ip7OSV1tOeo5fNjRSUDDYnxlvMeih2MRefwqHH+YD
BgIkHUkty5F/4/+x2G5ust6UgYKnL+ONjCw2RV7rH9U0jiQJ3W8kJ5+5qEet5BmI
fqV9uTs5fIO2R80626B3vgMbIVeg8HkYxH2Xp5TAsNT9K0CdphIAk3ejDkeoApMD
ss8g7tmSaZO4jlJx+dxhqhOl+I73MxvFohkIdCqfBdR64hT1XbuCanjKKsjqB4QQ
cAxukBgB9OSrcoFNYthXI5DUhSBnuYoA3GSmPSECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSCP2ypzjh6dubTUkwNpnt7RxQJFTAfBgNVHSMEGDAWgBQQJOZtfLp3uXdo
VVnCSBu5BExbdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VDVG1iWHk2ZDdsM2FGVlp3a2didVFSTVczVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvYTE1NWM5LTEzZTItNGIyOC1iNjgyLTQ3ZWEzZjg3NDM1NS8x
L2dqOXNxYzQ0ZW5ibTAxSk1EYVo3ZTBjVUNSVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
YTE1NWM5LTEzZTItNGIyOC1iNjgyLTQ3ZWEzZjg3NDM1NS8xL0VDVG1iWHk2ZDds
M2FGVlp3a2didVFSTVczVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwupDANBgkqhkiG9w0BAQsF
AAOCAQEALQQdVUkSUk1GCuCA1iRTL2FNyrsoP2HbIO7SxwGL69cro9UzeyWAQUpb
t3xJaLBoePq4f3ERrDCRGSkXppNec91muYXyel/kA56WJ96S/wjt3jekwO/iBU5e
uMqWAlZseTN/2DY31SfLaMYPrshUBlpgrLt+KgNlhUHLDdE3Vzi1Q8WqSXETdsQl
oDROF12Rs7TNrH73ZyJjQOO9RNx5vgO55d2g4PGCTU28ggoiYz7mRku0vdxCqcA1
uZExyV765QEIAqf6BW7RqsAGmgVvRHYEP2xI1ow2glWI3/6eGouOlg2n8w+Mt/CI
q8TnkmyKFzuK/V4YHmoEt9Us0OXVlg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:55 2023 by rpki-client on console-ams.rpki-client.org