Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3qr5wkgjhWCH6m0mSbUs3NpwHGk.roa
File: 3qr5wkgjhWCH6m0mSbUs3NpwHGk.roa (raw, json)
Hash identifier: +jYqpd3HF8sphhttvma3v7IEjjyh92UWOVoP6lOc1Ig=
Subject key identifier: DE:AA:F9:C2:48:23:85:60:87:EA:6D:26:49:B5:2C:DC:DA:70:1C:69
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 059AC7B3
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3qr5wkgjhWCH6m0mSbUs3NpwHGk.roa
Signing time: Sat 01 Jan 2022 07:03:59 +0000
ROA not before: Sat 01 Jan 2022 07:03:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43443
IP address blocks: 2a03:9c00:a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94029747 (0x59ac7b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 07:03:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=deaaf9c24823856087ea6d2649b52cdcda701c69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9d:dd:2b:e5:47:dd:1a:56:3c:3b:01:b4:df:
46:af:30:d1:2b:a7:e3:70:cd:03:ea:c4:5b:bc:a4:
a8:08:d3:54:1d:d9:a8:bb:8f:84:cb:c6:8c:25:fc:
b1:0a:80:cc:e6:47:8f:62:92:25:41:ce:c5:4a:81:
59:27:2f:b0:8a:36:72:13:c8:11:92:63:10:8f:b0:
2d:e0:5f:db:1b:1c:8e:b2:f6:50:3a:1f:08:29:73:
74:12:dd:61:55:00:93:f8:de:b0:aa:5c:17:75:67:
13:8b:44:0e:c4:5e:13:0a:23:11:c6:ef:0f:50:32:
d9:48:ae:5d:c8:20:f2:83:89:fb:76:b9:1e:28:1c:
95:aa:1d:a1:b6:9e:a4:f8:6a:12:59:15:45:94:9a:
41:cd:b8:ca:44:88:f5:05:7e:ad:7c:e3:81:5e:eb:
4e:28:21:3a:54:34:1f:2b:25:40:cf:43:7c:af:e0:
85:5e:a5:f4:96:c9:33:67:78:4a:d2:15:88:6a:69:
06:ce:14:fe:11:7d:d1:43:cd:bf:34:d5:be:73:ef:
9e:9b:5d:03:25:b3:16:26:3b:af:59:d6:0d:5a:91:
29:53:83:52:bb:c4:69:f5:41:d9:3e:c2:8e:e3:f8:
ab:31:20:05:9a:3c:43:60:f7:42:34:43:aa:e3:d5:
fa:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:AA:F9:C2:48:23:85:60:87:EA:6D:26:49:B5:2C:DC:DA:70:1C:69
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3qr5wkgjhWCH6m0mSbUs3NpwHGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9c00:a::/48
Signature Algorithm: sha256WithRSAEncryption
9b:b7:cb:15:aa:6a:a7:37:15:7b:56:87:93:b6:08:3c:99:65:
85:25:74:40:53:05:d0:94:e9:2a:34:ca:c3:54:36:12:0f:72:
76:8a:f8:e7:fb:4f:dc:ec:f2:18:47:90:10:52:7d:e8:15:c8:
47:f8:2e:ba:a1:3a:9c:4f:0c:0f:b3:9d:f8:0f:85:b5:a3:ee:
b8:f1:48:68:fc:b4:6d:3e:03:60:da:bd:66:4e:c1:48:fc:08:
9c:56:19:bd:24:1a:85:00:b0:3e:1e:b8:ea:1d:f8:e5:d3:fb:
ff:07:bc:fb:54:6b:51:66:23:63:de:6f:93:5e:7b:8a:a3:65:
e9:5e:73:8a:1d:20:79:6d:df:b1:c5:3c:eb:bf:a0:9c:59:21:
22:e6:fd:2d:1a:0e:3d:97:75:c2:4a:37:c4:f7:c5:25:ba:c6:
46:16:f8:7d:94:45:93:3f:d6:90:b9:f2:89:14:51:da:84:57:
4b:cd:83:69:1c:62:52:d3:c3:48:73:be:51:25:a7:10:19:13:
6a:0e:2b:ba:79:28:12:a9:11:02:55:20:0e:1c:37:d9:1a:74:
26:64:b5:29:aa:de:4a:0e:57:ae:e8:c6:5b:c3:36:f6:ba:28:
9d:94:ba:b1:5c:83:83:dc:4c:fa:fe:93:16:3c:7f:b8:96:f6:
41:57:b1:80
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBZrHszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2VmNThkNGNmYTM1NTQzZjg0ODhhMjc1NmU2OTI0ZTY0N2I0NTg5MB4XDTIyMDEw
MTA3MDM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGVhYWY5YzI0ODIz
ODU2MDg3ZWE2ZDI2NDliNTJjZGNkYTcwMWM2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyd3SvlR90aVjw7AbTfRq8w0Sun43DNA+rEW7ykqAjTVB3Z
qLuPhMvGjCX8sQqAzOZHj2KSJUHOxUqBWScvsIo2chPIEZJjEI+wLeBf2xscjrL2
UDofCClzdBLdYVUAk/jesKpcF3VnE4tEDsReEwojEcbvD1Ay2UiuXcgg8oOJ+3a5
HigclaodobaepPhqElkVRZSaQc24ykSI9QV+rXzjgV7rTighOlQ0HyslQM9DfK/g
hV6l9JbJM2d4StIViGppBs4U/hF90UPNvzTVvnPvnptdAyWzFiY7r1nWDVqRKVOD
UrvEafVB2T7CjuP4qzEgBZo8Q2D3QjRDquPV+ssCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTeqvnCSCOFYIfqbSZJtSzc2nAcaTAfBgNVHSMEGDAWgBTc71jUz6NVQ/hI
iidW5pJOZHtFiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNPOVkxTS1qVlVQNFNJb25WdWFTVG1SN1JZay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8x
LzNxcjV3a2dqaFdDSDZtMG1TYlVzM05wd0hHay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
ZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8xLzNPOVkxTS1qVlVQ
NFNJb25WdWFTVG1SN1JZay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDnAAACjANBgkqhkiG9w0BAQsF
AAOCAQEAm7fLFapqpzcVe1aHk7YIPJllhSV0QFMF0JTpKjTKw1Q2Eg9ydor45/tP
3OzyGEeQEFJ96BXIR/guuqE6nE8MD7Od+A+FtaPuuPFIaPy0bT4DYNq9Zk7BSPwI
nFYZvSQahQCwPh646h345dP7/we8+1RrUWYjY95vk157iqNl6V5zih0geW3fscU8
67+gnFkhIub9LRoOPZd1wko3xPfFJbrGRhb4fZRFkz/WkLnyiRRR2oRXS82DaRxi
UtPDSHO+USWnEBkTag4runkoEqkRAlUgDhw32Rp0JmS1KareSg5XrujGW8M29roo
nZS6sVyDg9xM+v6TFjx/uJb2QVexgA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:01 2023 by rpki-client on console-fra.rpki-client.org