Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/Z3ORR6Gb6J1plDfxE9dbXwMNpqw.roa
File: Z3ORR6Gb6J1plDfxE9dbXwMNpqw.roa (raw, json)
Hash identifier: aKXIS+r/lEnx9q47KQ4y3h0OX6Iy4W+Ga1cGBHDdEi0=
Subject key identifier: 67:73:91:47:A1:9B:E8:9D:69:94:37:F1:13:D7:5B:5F:03:0D:A6:AC
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 06056DC7
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/Z3ORR6Gb6J1plDfxE9dbXwMNpqw.roa
Signing time: Sat 01 Jan 2022 16:01:23 +0000
ROA not before: Sat 01 Jan 2022 16:01:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210972
IP address blocks: 2a0d:f407:1009::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101019079 (0x6056dc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 1 16:01:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67739147a19be89d699437f113d75b5f030da6ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:48:c7:73:8d:23:0b:55:0b:92:ee:8b:4c:c1:
f1:f5:6a:7b:21:3d:69:fb:16:62:ab:6d:04:af:20:
d9:07:fb:7e:ac:3c:9d:bc:60:37:b6:ea:9a:7f:3a:
18:8e:1b:4e:4c:05:c0:60:39:45:7c:eb:87:5f:82:
07:06:81:53:bb:55:4b:d9:98:92:48:de:e1:a6:75:
02:0a:6a:a1:32:21:79:0c:6c:c0:5a:14:7b:f5:ec:
7c:98:de:17:76:c7:75:32:c4:6f:4b:9e:a8:6c:4b:
88:57:0a:1a:b9:d9:99:5e:15:b2:61:69:80:3e:8a:
f1:42:31:1f:96:0e:18:77:c3:b9:db:b8:b6:78:64:
8f:8d:1b:08:37:64:72:81:f4:22:72:57:a6:64:ed:
bc:40:c2:02:97:ef:0f:83:0e:69:38:da:a8:37:a1:
a2:46:eb:48:47:83:3f:50:20:fb:02:c2:32:7d:b6:
1b:d3:88:7e:85:e1:cc:a9:4a:2f:e1:1f:92:88:9f:
49:37:97:fd:ec:79:5d:8c:0f:0a:08:77:ad:71:1d:
2f:e9:94:40:37:56:d1:41:03:ca:a6:cd:56:ed:66:
a5:4e:c8:9a:6a:4a:75:af:68:a2:6c:20:23:6b:cc:
73:f9:3d:b4:31:4e:06:df:ba:8e:53:b4:c8:c6:ff:
34:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:73:91:47:A1:9B:E8:9D:69:94:37:F1:13:D7:5B:5F:03:0D:A6:AC
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/Z3ORR6Gb6J1plDfxE9dbXwMNpqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:f407:1009::/48
Signature Algorithm: sha256WithRSAEncryption
0e:64:bb:f4:60:60:b6:c9:53:44:46:74:f3:24:e6:04:16:12:
ed:4a:4c:fa:e2:ba:dc:f6:78:86:31:d9:9d:fb:9b:2a:92:fc:
73:63:1a:a5:e6:bb:1b:87:72:49:0a:82:26:bb:99:50:7e:df:
7a:9f:95:95:9a:da:3f:c2:70:e9:39:63:e2:04:ff:64:2a:37:
36:ad:11:4f:b5:02:71:94:02:e1:d4:5f:ab:e4:3d:bc:bc:21:
63:5d:4b:e7:cb:c8:79:98:b4:c6:4a:a8:16:38:7f:2b:b7:b3:
74:92:65:dc:53:f0:87:9e:1e:4d:52:3f:6a:cc:68:d1:79:42:
1d:97:28:8a:17:88:15:05:c4:30:83:35:21:07:21:21:74:32:
7a:81:23:22:d1:1d:6d:91:0b:db:4d:01:df:23:81:d9:ed:bc:
6b:07:9b:44:55:c7:07:e5:59:53:dc:c1:89:fc:3a:fa:07:db:
a3:d8:f3:c0:f0:e5:1a:c1:f1:88:c3:df:b2:28:33:b5:35:ec:
2d:55:64:81:94:37:f5:f8:c2:0f:b2:18:fd:a8:97:55:62:40:
4e:d5:50:51:0f:76:94:51:92:11:75:2d:c1:cf:b4:64:ff:e5:
96:af:06:db:3e:66:ae:d1:d2:8e:61:8c:29:cf:19:f6:c5:5b:
1d:50:5c:86
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBgVtxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjZkOWQ1MGIzYjg5ZDUxYzhhYTI0OTNlN2VmNDcwMWQ2MjUxZGFkMB4XDTIyMDEw
MTE2MDEyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc3MzkxNDdhMTli
ZTg5ZDY5OTQzN2YxMTNkNzViNWYwMzBkYTZhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlIx3ONIwtVC5Lui0zB8fVqeyE9afsWYqttBK8g2Qf7fqw8
nbxgN7bqmn86GI4bTkwFwGA5RXzrh1+CBwaBU7tVS9mYkkje4aZ1AgpqoTIheQxs
wFoUe/XsfJjeF3bHdTLEb0ueqGxLiFcKGrnZmV4VsmFpgD6K8UIxH5YOGHfDudu4
tnhkj40bCDdkcoH0InJXpmTtvEDCApfvD4MOaTjaqDehokbrSEeDP1Ag+wLCMn22
G9OIfoXhzKlKL+EfkoifSTeX/ex5XYwPCgh3rXEdL+mUQDdW0UEDyqbNVu1mpU7I
mmpKda9oomwgI2vMc/k9tDFOBt+6jlO0yMb/NG8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRnc5FHoZvonWmUN/ET11tfAw2mrDAfBgNVHSMEGDAWgBTGbZ1Qs7idUciq
JJPn70cB1iUdrTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3htMmRVTE80blZISXFpU1Q1LTlIQWRZbEhhMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvNGJiNzRiLThkNmQtNDUxNC1hMzljLWI3YzU3OGI3NGUzNS8x
L1ozT1JSNkdiNkoxcGxEZnhFOWRiWHdNTnBxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
NGJiNzRiLThkNmQtNDUxNC1hMzljLWI3YzU3OGI3NGUzNS8xL3htMmRVTE80blZI
SXFpU1Q1LTlIQWRZbEhhMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoN9AcQCTANBgkqhkiG9w0BAQsF
AAOCAQEADmS79GBgtslTREZ08yTmBBYS7UpM+uK63PZ4hjHZnfubKpL8c2Mapea7
G4dySQqCJruZUH7fep+VlZraP8Jw6Tlj4gT/ZCo3Nq0RT7UCcZQC4dRfq+Q9vLwh
Y11L58vIeZi0xkqoFjh/K7ezdJJl3FPwh54eTVI/asxo0XlCHZcoiheIFQXEMIM1
IQchIXQyeoEjItEdbZEL200B3yOB2e28awebRFXHB+VZU9zBifw6+gfbo9jzwPDl
GsHxiMPfsigztTXsLVVkgZQ39fjCD7IY/aiXVWJATtVQUQ92lFGSEXUtwc+0ZP/l
lq8G2z5mrtHSjmGMKc8Z9sVbHVBchg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:37 2023 by rpki-client on console-ams.rpki-client.org