Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ece2eb-83fa-476b-ab98-688762bb985e/1/caP5BfJ7CLRUPAw85EVGYsl2VYM.roa
File: caP5BfJ7CLRUPAw85EVGYsl2VYM.roa (raw, json)
Hash identifier: S09QOrca+2m5qgjji4klouZrWFKfqipwreA7kbQ3wVI=
Subject key identifier: 71:A3:F9:05:F2:7B:08:B4:54:3C:0C:3C:E4:45:46:62:C9:76:55:83
Certificate issuer: /CN=0d8fc8df84fbf2ab40412e6d4adff7c1b84a5b2f
Certificate serial: E134
Authority key identifier: 0D:8F:C8:DF:84:FB:F2:AB:40:41:2E:6D:4A:DF:F7:C1:B8:4A:5B:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DY_I34T78qtAQS5tSt_3wbhKWy8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ece2eb-83fa-476b-ab98-688762bb985e/1/caP5BfJ7CLRUPAw85EVGYsl2VYM.roa
Signing time: Thu 03 Feb 2022 18:15:41 +0000
ROA not before: Thu 03 Feb 2022 18:15:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208985
IP address blocks: 2001:67c:914::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57652 (0xe134)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d8fc8df84fbf2ab40412e6d4adff7c1b84a5b2f
Validity
Not Before: Feb 3 18:15:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71a3f905f27b08b4543c0c3ce4454662c9765583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e3:51:27:d2:9e:23:ef:94:fb:7b:0d:aa:c7:
7f:62:5c:8d:59:18:76:a9:45:cd:2a:44:74:62:ca:
49:99:38:df:2e:a7:e9:86:48:7c:f5:bb:4d:cc:5f:
20:d9:17:ca:6b:97:84:d3:db:3d:0a:1f:30:3d:bf:
5e:72:ad:61:90:70:85:e5:b7:83:b1:fb:84:6f:b1:
fa:38:da:b0:c0:76:08:01:cf:7b:54:df:db:e2:0f:
70:d1:1b:47:14:d2:7c:74:77:fb:e2:ee:57:87:5a:
2d:2b:82:74:64:0b:04:2f:f7:e9:92:d4:7c:d3:e4:
dd:e6:e1:a9:ee:0e:80:17:86:88:af:eb:b0:3d:c8:
ab:b8:2a:cd:8a:37:91:c5:a2:f4:2c:72:5f:c2:ae:
06:7a:0f:fd:46:c3:f4:cc:52:88:ea:1a:e0:0c:02:
d8:8c:11:60:c0:0f:a2:25:0e:26:e1:8a:fc:5c:9e:
5a:d1:1e:c6:03:b0:6b:f9:c7:93:b4:95:18:7d:45:
33:66:a2:1b:7f:e3:da:a0:6c:26:54:d6:e9:20:36:
34:f3:f9:0e:69:1a:5c:02:22:87:a9:3b:cb:ef:54:
0d:b0:c7:17:eb:a9:0d:7c:21:11:77:95:53:7a:91:
1f:76:90:d8:86:fb:fb:36:ac:6f:67:d2:cd:2c:6d:
74:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A3:F9:05:F2:7B:08:B4:54:3C:0C:3C:E4:45:46:62:C9:76:55:83
X509v3 Authority Key Identifier:
keyid:0D:8F:C8:DF:84:FB:F2:AB:40:41:2E:6D:4A:DF:F7:C1:B8:4A:5B:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY_I34T78qtAQS5tSt_3wbhKWy8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ece2eb-83fa-476b-ab98-688762bb985e/1/caP5BfJ7CLRUPAw85EVGYsl2VYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ece2eb-83fa-476b-ab98-688762bb985e/1/DY_I34T78qtAQS5tSt_3wbhKWy8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:914::/48
Signature Algorithm: sha256WithRSAEncryption
4c:1a:58:bc:4c:2f:5f:fc:f1:bc:c8:27:55:9b:a7:e2:52:f7:
dc:57:3a:85:47:2e:19:cd:84:d9:ce:90:e2:4c:d7:3d:96:95:
71:6c:61:e7:a6:92:7f:6d:b0:6d:2f:84:f0:0a:d0:a6:7a:ca:
2f:df:60:ac:29:9c:70:a9:f1:d4:87:8a:1a:05:90:68:89:b6:
33:dc:a7:99:24:e8:84:49:47:93:f3:b9:a6:c3:99:70:34:64:
84:96:22:81:23:47:b1:ad:09:5a:ad:c8:49:66:70:e8:71:56:
83:fb:01:9e:eb:14:c6:6c:e5:b3:20:53:4a:2b:58:8c:78:40:
b2:ca:94:6c:23:62:fa:a7:91:7b:f1:19:b9:a3:9b:1a:9d:0a:
69:1f:84:c6:d8:e6:35:d0:26:80:1f:9b:62:9e:e2:bb:cd:10:
2a:d0:11:38:8b:6f:1e:a8:06:d9:35:2d:b8:64:8c:ce:15:b1:
75:ce:02:d4:71:76:b3:e7:30:3f:a4:af:5a:7e:03:bb:40:71:
80:dd:07:90:12:08:1c:e4:e7:e8:ee:72:6c:8d:74:33:2a:38:
90:c2:17:56:64:bb:01:f9:00:fa:df:27:a3:44:e3:60:c2:45:
e1:01:67:af:33:fa:19:15:83:c0:a1:d2:7a:9e:5c:aa:ed:8d:
87:43:90:d6
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDAOE0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBk
OGZjOGRmODRmYmYyYWI0MDQxMmU2ZDRhZGZmN2MxYjg0YTViMmYwHhcNMjIwMjAz
MTgxNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3MWEzZjkwNWYyN2Iw
OGI0NTQzYzBjM2NlNDQ1NDY2MmM5NzY1NTgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq+NRJ9KeI++U+3sNqsd/YlyNWRh2qUXNKkR0YspJmTjfLqfp
hkh89btNzF8g2RfKa5eE09s9Ch8wPb9ecq1hkHCF5beDsfuEb7H6ONqwwHYIAc97
VN/b4g9w0RtHFNJ8dHf74u5Xh1otK4J0ZAsEL/fpktR80+Td5uGp7g6AF4aIr+uw
PciruCrNijeRxaL0LHJfwq4Geg/9RsP0zFKI6hrgDALYjBFgwA+iJQ4m4Yr8XJ5a
0R7GA7Br+ceTtJUYfUUzZqIbf+PaoGwmVNbpIDY08/kOaRpcAiKHqTvL71QNsMcX
66kNfCERd5VTepEfdpDYhvv7NqxvZ9LNLG10qwIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFHGj+QXyewi0VDwMPORFRmLJdlWDMB8GA1UdIwQYMBaAFA2PyN+E+/KrQEEu
bUrf98G4SlsvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RFlfSTM0VDc4cXRBUVM1dFN0XzN3YmhLV3k4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iMy9lY2UyZWItODNmYS00NzZiLWFiOTgtNjg4NzYyYmI5ODVlLzEv
Y2FQNUJmSjdDTFJVUEF3ODVFVkdZc2wyVllNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9l
Y2UyZWItODNmYS00NzZiLWFiOTgtNjg4NzYyYmI5ODVlLzEvRFlfSTM0VDc4cXRB
UVM1dFN0XzN3YmhLV3k4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAkUMA0GCSqGSIb3DQEBCwUA
A4IBAQBMGli8TC9f/PG8yCdVm6fiUvfcVzqFRy4ZzYTZzpDiTNc9lpVxbGHnppJ/
bbBtL4TwCtCmesov32CsKZxwqfHUh4oaBZBoibYz3KeZJOiESUeT87mmw5lwNGSE
liKBI0exrQlarchJZnDocVaD+wGe6xTGbOWzIFNKK1iMeECyypRsI2L6p5F78Rm5
o5sanQppH4TG2OY10CaAH5tinuK7zRAq0BE4i28eqAbZNS24ZIzOFbF1zgLUcXaz
5zA/pK9afgO7QHGA3QeQEggc5Ofo7nJsjXQzKjiQwhdWZLsB+QD63yejRONgwkXh
AWevM/oZFYPAodJ6nlyq7Y2HQ5DW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:32 2023 by rpki-client on console-fra.rpki-client.org