Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c2fcfa-7dc1-4200-899e-bc493d5cbb5c/1/kOqGr5iTLt281CZEsBf2vfFl4sg.roa
File: kOqGr5iTLt281CZEsBf2vfFl4sg.roa (raw, json)
Hash identifier: BbrEmLoXSxKdFaNAaO5QLs70hupDEhHLRA2cs4viY2c=
Subject key identifier: 90:EA:86:AF:98:93:2E:DD:BC:D4:26:44:B0:17:F6:BD:F1:65:E2:C8
Certificate issuer: /CN=3708e04fd7bf81b675dcbe7b29aa263c912078b6
Certificate serial: 01852C241F12436271B01ADBAC1CADFD31A2
Authority key identifier: 37:08:E0:4F:D7:BF:81:B6:75:DC:BE:7B:29:AA:26:3C:91:20:78:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NwjgT9e_gbZ13L57KaomPJEgeLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c2fcfa-7dc1-4200-899e-bc493d5cbb5c/1/kOqGr5iTLt281CZEsBf2vfFl4sg.roa
Signing time: Mon 19 Dec 2022 20:47:22 +0000
ROA not before: Mon 19 Dec 2022 20:47:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203269
IP address blocks: 2001:67c:428::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2c:24:1f:12:43:62:71:b0:1a:db:ac:1c:ad:fd:31:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3708e04fd7bf81b675dcbe7b29aa263c912078b6
Validity
Not Before: Dec 19 20:47:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90ea86af98932eddbcd42644b017f6bdf165e2c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:55:a3:3e:22:97:13:b2:f4:a5:18:78:70:d5:
56:76:92:02:ff:e8:03:2e:c6:2c:6a:c7:ad:98:0d:
91:c6:d9:56:ab:f2:de:61:32:df:b0:a6:f8:52:4e:
15:9c:4e:7a:56:5a:e0:6f:26:8a:09:ae:7f:2c:54:
e0:26:ef:9c:2e:91:22:fd:5c:69:26:d5:a6:44:27:
b3:74:d4:ed:42:0f:4a:b4:e7:1b:e1:96:2d:ff:72:
df:1f:64:ae:68:4c:a8:2b:46:be:2d:65:f1:3b:cc:
0c:b1:ac:2e:26:3d:dc:a5:e2:3b:54:6a:14:8b:54:
96:40:39:d6:25:0e:51:85:86:82:77:5d:e6:e1:15:
ed:91:6f:a9:3e:16:17:95:c3:87:7e:0f:01:b2:eb:
99:58:50:f0:40:b5:6b:c6:f8:2a:b7:96:a5:5d:c1:
ca:da:ca:2a:55:42:e9:3e:66:59:6f:64:30:a1:89:
85:31:5e:0f:cc:29:ae:8a:ed:df:60:81:74:a1:d3:
f3:d7:72:49:2f:1b:86:55:fc:f9:e6:f2:e1:b2:9a:
e1:19:05:9a:c3:34:f9:7c:17:5c:6e:23:59:26:78:
df:85:9c:df:d5:b5:34:1c:d3:0c:5b:96:bb:b9:b1:
c2:6d:fd:53:27:aa:8d:d0:0a:1f:88:9b:5c:d0:1f:
70:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:EA:86:AF:98:93:2E:DD:BC:D4:26:44:B0:17:F6:BD:F1:65:E2:C8
X509v3 Authority Key Identifier:
keyid:37:08:E0:4F:D7:BF:81:B6:75:DC:BE:7B:29:AA:26:3C:91:20:78:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NwjgT9e_gbZ13L57KaomPJEgeLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c2fcfa-7dc1-4200-899e-bc493d5cbb5c/1/kOqGr5iTLt281CZEsBf2vfFl4sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c2fcfa-7dc1-4200-899e-bc493d5cbb5c/1/NwjgT9e_gbZ13L57KaomPJEgeLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:428::/48
Signature Algorithm: sha256WithRSAEncryption
00:15:b2:b5:f3:01:38:f7:4f:9c:47:02:37:77:85:75:33:dd:
94:0c:48:f2:61:0a:eb:ea:33:94:d0:34:d0:bc:6e:bb:5b:43:
05:56:01:38:aa:9d:80:98:63:34:d0:9e:a5:8f:ad:8b:56:01:
d5:71:d8:44:d8:3a:1e:89:5e:f1:66:ca:a6:41:a9:ce:9b:42:
54:ec:74:44:44:5e:a4:b3:23:45:b9:ad:83:9b:da:0b:a1:81:
32:07:04:d5:72:0c:37:78:63:df:2f:be:38:67:01:74:1b:b7:
c5:e6:40:b4:84:20:d4:d7:69:1a:44:6f:6b:d2:2e:9b:d6:76:
05:46:ff:b5:c4:d9:b5:76:95:8d:01:eb:04:05:b0:ee:6c:4e:
c9:52:a9:09:7e:91:92:84:60:ed:dc:8e:2f:6b:bd:41:c3:55:
3e:a5:73:84:98:9e:f6:ce:01:d7:b7:1e:d8:f5:7f:6f:da:41:
28:56:7a:6f:22:05:96:e9:82:54:c3:a7:27:d9:d2:dc:82:0c:
96:f0:30:46:bc:0a:3f:3c:50:83:3a:ef:ad:b7:b2:4d:95:a0:
ae:94:c7:31:66:b8:1f:36:7b:8a:4d:14:ed:d8:92:a6:a9:38:
dd:59:67:60:cf:5e:a2:2e:cc:d5:6b:46:5a:45:dc:ed:50:1c:
2a:91:c1:a7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYUsJB8SQ2JxsBrbrByt/TGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MDhlMDRmZDdiZjgxYjY3NWRjYmU3YjI5YWEyNjNjOTEy
MDc4YjYwHhcNMjIxMjE5MjA0NzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGVhODZhZjk4OTMyZWRkYmNkNDI2NDRiMDE3ZjZiZGYxNjVlMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1WjPiKXE7L0pRh4cNVWdpIC/+gD
LsYsasetmA2RxtlWq/LeYTLfsKb4Uk4VnE56VlrgbyaKCa5/LFTgJu+cLpEi/Vxp
JtWmRCezdNTtQg9KtOcb4ZYt/3LfH2SuaEyoK0a+LWXxO8wMsawuJj3cpeI7VGoU
i1SWQDnWJQ5RhYaCd13m4RXtkW+pPhYXlcOHfg8BsuuZWFDwQLVrxvgqt5alXcHK
2soqVULpPmZZb2QwoYmFMV4PzCmuiu3fYIF0odPz13JJLxuGVfz55vLhsprhGQWa
wzT5fBdcbiNZJnjfhZzf1bU0HNMMW5a7ubHCbf1TJ6qN0AofiJtc0B9wDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJDqhq+Yky7dvNQmRLAX9r3xZeLIMB8GA1UdIwQY
MBaAFDcI4E/Xv4G2ddy+eymqJjyRIHi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTndqZ1Q5ZV9nYloxM0w1N0thb21QSkVnZUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMmZjZmEtN2RjMS00MjAwLTg5OWUt
YmM0OTNkNWNiYjVjLzEva09xR3I1aVRMdDI4MUNaRXNCZjJ2ZkZsNHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMmZjZmEtN2RjMS00MjAwLTg5OWUtYmM0OTNkNWNiYjVj
LzEvTndqZ1Q5ZV9nYloxM0w1N0thb21QSkVnZUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAQo
MA0GCSqGSIb3DQEBCwUAA4IBAQAAFbK18wE490+cRwI3d4V1M92UDEjyYQrr6jOU
0DTQvG67W0MFVgE4qp2AmGM00J6lj62LVgHVcdhE2DoeiV7xZsqmQanOm0JU7HRE
RF6ksyNFua2Dm9oLoYEyBwTVcgw3eGPfL744ZwF0G7fF5kC0hCDU12kaRG9r0i6b
1nYFRv+1xNm1dpWNAesEBbDubE7JUqkJfpGShGDt3I4va71Bw1U+pXOEmJ72zgHX
tx7Y9X9v2kEoVnpvIgWW6YJUw6cn2dLcggyW8DBGvAo/PFCDOu+tt7JNlaCulMcx
ZrgfNnuKTRTt2JKmqTjdWWdgz16iLszVa0ZaRdztUBwqkcGn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:21 2024 by rpki-client on console-fra.rpki-client.org