Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/dpFSX4XLrdQp93R2l8g_VtI0YAY.roa
File: dpFSX4XLrdQp93R2l8g_VtI0YAY.roa (raw, json)
Hash identifier: tjYDKxYcoHkTLgRLgDV3nRR8A/qReObBpt1FBKdrblg=
Subject key identifier: 76:91:52:5F:85:CB:AD:D4:29:F7:74:76:97:C8:3F:56:D2:34:60:06
Certificate issuer: /CN=651bad95276947c7be536af4c870a3721f0b7761
Certificate serial: 0A5BA283
Authority key identifier: 65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/dpFSX4XLrdQp93R2l8g_VtI0YAY.roa
Signing time: Sat 01 Jan 2022 06:57:17 +0000
ROA not before: Sat 01 Jan 2022 06:57:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200299
IP address blocks: 2a09:3a00:2000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173777539 (0xa5ba283)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=651bad95276947c7be536af4c870a3721f0b7761
Validity
Not Before: Jan 1 06:57:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7691525f85cbadd429f7747697c83f56d2346006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:be:a3:f1:02:78:da:4a:8c:81:ee:f9:20:4d:
fb:70:c8:be:49:a7:20:04:67:5f:19:7b:66:4c:11:
75:21:63:0b:14:3e:14:f9:cc:9e:e8:08:8b:b0:40:
79:36:ff:1d:7c:8e:96:67:b7:68:4c:b3:ab:1f:7d:
88:87:b8:68:51:4f:79:b8:6c:78:13:d2:f3:69:37:
43:9a:23:da:89:54:31:11:7f:37:9f:48:03:62:30:
7d:f8:d6:f0:84:16:47:58:c3:dc:23:1f:19:f8:2f:
d1:f0:ef:92:02:64:d8:10:43:8d:bc:8e:c0:69:ea:
43:e0:89:c2:2e:4f:fc:ca:c0:f2:d1:7e:ff:37:19:
14:b9:91:da:57:22:58:e1:73:19:67:9f:48:85:b9:
bd:a6:85:dd:e6:56:1e:a1:12:ff:6b:18:e7:7c:57:
da:67:eb:08:02:14:ef:2d:b0:92:2b:ac:16:79:c5:
56:fb:bf:8f:ae:81:c3:cc:0a:ae:c1:51:de:8e:c0:
1a:4c:67:0b:f7:d4:6a:82:94:17:c2:15:55:4d:52:
0b:5d:32:11:f4:92:e2:6b:b3:16:ff:6d:59:36:fd:
5a:70:39:e0:59:4d:50:cf:ac:50:95:68:b8:9b:7c:
f0:26:4f:73:95:99:71:ac:12:c7:31:bf:1c:d7:37:
d4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:91:52:5F:85:CB:AD:D4:29:F7:74:76:97:C8:3F:56:D2:34:60:06
X509v3 Authority Key Identifier:
keyid:65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/dpFSX4XLrdQp93R2l8g_VtI0YAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3a00:2000::/48
Signature Algorithm: sha256WithRSAEncryption
21:02:77:ca:2a:02:6c:47:bd:98:4a:7c:f7:9f:21:49:3f:b7:
75:b6:e9:6d:26:c4:6f:ff:81:9f:e3:5d:99:ea:fa:22:62:5a:
ba:46:90:88:b3:fb:dc:86:5c:7c:d3:a5:bd:80:b3:b4:f0:19:
5d:ee:c5:87:70:80:fa:5f:6a:ae:7a:a4:45:fb:4b:ca:23:23:
25:0f:b1:e7:de:c2:43:3b:2a:4c:29:3a:f6:23:30:11:8d:40:
70:e2:7e:06:03:29:62:ee:aa:69:ae:5c:42:59:47:c8:3d:2f:
b2:ea:ca:9b:c8:9f:da:42:8e:37:75:8f:4e:1e:c0:a1:9c:f7:
db:d8:39:40:8e:e1:06:49:0c:b9:24:4d:e0:07:19:77:0e:96:
55:3f:ce:e9:08:1e:d9:df:df:ff:b0:d8:2c:b4:53:c8:6d:4a:
cd:19:d2:1f:1d:8e:5c:7c:04:ca:0d:5e:ab:25:73:47:83:6e:
c6:4e:20:e1:b9:69:52:74:70:a0:b8:db:49:9b:79:18:4c:b6:
9e:39:8c:e5:03:8b:ff:5f:a5:7f:27:13:34:18:65:72:d8:59:
bc:e4:64:e8:11:30:64:f5:b0:6b:9b:20:4f:74:3c:2f:b6:cf:
45:da:f3:9c:f0:dc:db:e1:14:cb:ad:20:5e:86:1b:41:23:e0:
88:85:0b:9d
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECluigzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NTFiYWQ5NTI3Njk0N2M3YmU1MzZhZjRjODcwYTM3MjFmMGI3NzYxMB4XDTIyMDEw
MTA2NTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY5MTUyNWY4NWNi
YWRkNDI5Zjc3NDc2OTdjODNmNTZkMjM0NjAwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJO+o/ECeNpKjIHu+SBN+3DIvkmnIARnXxl7ZkwRdSFjCxQ+
FPnMnugIi7BAeTb/HXyOlme3aEyzqx99iIe4aFFPebhseBPS82k3Q5oj2olUMRF/
N59IA2IwffjW8IQWR1jD3CMfGfgv0fDvkgJk2BBDjbyOwGnqQ+CJwi5P/MrA8tF+
/zcZFLmR2lciWOFzGWefSIW5vaaF3eZWHqES/2sY53xX2mfrCAIU7y2wkiusFnnF
Vvu/j66Bw8wKrsFR3o7AGkxnC/fUaoKUF8IVVU1SC10yEfSS4muzFv9tWTb9WnA5
4FlNUM+sUJVouJt88CZPc5WZcawSxzG/HNc31JMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR2kVJfhcut1Cn3dHaXyD9W0jRgBjAfBgNVHSMEGDAWgBRlG62VJ2lHx75T
avTIcKNyHwt3YTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pSdXRsU2RwUjhlLVUycjB5SENqY2g4TGQyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvMWRiZDZiLTM1Y2MtNGYwOS1iOTJlLTE5OGI2YTYxY2U4NS8x
L2RwRlNYNFhMcmRRcDkzUjJsOGdfVnRJMFlBWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
MWRiZDZiLTM1Y2MtNGYwOS1iOTJlLTE5OGI2YTYxY2U4NS8xL1pSdXRsU2RwUjhl
LVUycjB5SENqY2g4TGQyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoJOgAgADANBgkqhkiG9w0BAQsF
AAOCAQEAIQJ3yioCbEe9mEp8958hST+3dbbpbSbEb/+Bn+Ndmer6ImJaukaQiLP7
3IZcfNOlvYCztPAZXe7Fh3CA+l9qrnqkRftLyiMjJQ+x597CQzsqTCk69iMwEY1A
cOJ+BgMpYu6qaa5cQllHyD0vsurKm8if2kKON3WPTh7AoZz329g5QI7hBkkMuSRN
4AcZdw6WVT/O6Qge2d/f/7DYLLRTyG1KzRnSHx2OXHwEyg1eqyVzR4Nuxk4g4blp
UnRwoLjbSZt5GEy2njmM5QOL/1+lfycTNBhlcthZvORk6BEwZPWwa5sgT3Q8L7bP
RdrznPDc2+EUy60gXoYbQSPgiIULnQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:34 2023 by rpki-client on console-ams.rpki-client.org