Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/9BGtUIJHpFLgVumIW_neMc-8dt4.roa
File: 9BGtUIJHpFLgVumIW_neMc-8dt4.roa (raw, json)
Hash identifier: nMq2Te8vrkA0yLwobKOLxus0KgcS72zD9gdj/AmSGD0=
Subject key identifier: F4:11:AD:50:82:47:A4:52:E0:56:E9:88:5B:F9:DE:31:CF:BC:76:DE
Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d
Certificate serial: 0F9A6B89
Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/9BGtUIJHpFLgVumIW_neMc-8dt4.roa
Signing time: Sat 01 Jan 2022 03:57:22 +0000
ROA not before: Sat 01 Jan 2022 03:57:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47543
IP address blocks: 2001:678:1c8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 261778313 (0xf9a6b89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d
Validity
Not Before: Jan 1 03:57:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f411ad508247a452e056e9885bf9de31cfbc76de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f2:2f:d6:59:22:ad:15:f5:f9:af:a0:44:4a:
44:0c:33:16:78:b9:c4:d2:b7:97:34:cb:5d:db:f2:
42:5f:30:2f:49:33:76:bc:d4:6b:a1:0f:fd:46:ff:
32:ad:f3:ac:27:bf:c5:1d:f4:de:22:87:2a:b0:b1:
3d:75:90:fa:d2:23:ce:26:c3:24:2c:64:58:c9:2c:
06:5f:00:1d:70:63:10:7e:5a:6f:00:ab:a6:03:88:
95:34:ff:b1:28:82:c7:83:bc:df:c2:b6:00:2f:19:
2a:11:db:32:cc:7a:32:dd:fb:af:e2:49:cc:6e:46:
f9:ec:ee:75:17:ea:53:d9:1f:49:aa:bc:3c:09:3d:
18:d8:02:29:e4:7a:3c:f9:42:0f:08:60:6b:26:4a:
09:51:7e:e6:86:56:8b:12:d2:c0:c2:0d:c3:45:2c:
73:4b:b2:1d:02:3d:4e:8b:05:47:e5:2c:91:9e:49:
ba:34:01:05:cf:fe:d6:b8:b0:c2:75:38:9a:e3:6f:
c5:a2:6e:34:88:45:11:2e:c6:31:5e:75:1a:66:e8:
9a:b5:3d:12:e7:ac:06:5d:4c:cd:d9:b6:34:8c:fc:
b4:92:af:a5:ea:8c:14:7d:97:4b:f5:99:98:fa:ed:
c2:09:b4:88:c7:f7:37:bc:55:88:3f:a8:08:d5:e8:
c7:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:11:AD:50:82:47:A4:52:E0:56:E9:88:5B:F9:DE:31:CF:BC:76:DE
X509v3 Authority Key Identifier:
keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/9BGtUIJHpFLgVumIW_neMc-8dt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:1c8::/48
Signature Algorithm: sha256WithRSAEncryption
c1:76:13:b6:b3:12:c1:b9:7d:18:2c:9b:60:9b:88:22:a9:77:
61:5e:af:93:b7:86:fd:12:2d:7b:62:4f:03:bf:16:b9:00:9a:
5a:79:70:c5:af:51:b4:aa:9f:74:83:27:19:2e:b6:c3:61:e9:
f4:63:5f:f4:5a:1e:81:10:83:3f:82:ba:b5:d3:f0:96:94:cc:
d0:1e:20:10:81:6d:49:57:cd:29:aa:6d:a7:b3:f4:62:4a:af:
21:ca:12:21:be:1a:c5:fd:80:8f:bb:de:4b:f0:00:b7:5c:3f:
08:49:ae:c5:ff:bf:50:7b:9c:8d:ed:ab:6d:6b:de:7b:7d:63:
fe:aa:c7:33:4e:cf:e0:fd:ce:bb:70:bc:33:06:90:6b:b6:e6:
52:eb:48:f3:04:8e:dd:9b:c9:70:72:c0:48:fd:1a:73:77:15:
f2:68:82:81:d8:a2:44:dd:1d:ea:0f:c4:ff:78:ab:df:b8:0e:
48:b4:e9:f1:5c:85:5a:7a:3a:f7:cb:9f:4f:e1:9d:68:e9:4e:
50:d6:1a:95:08:f9:3c:3a:52:cc:cf:92:08:8c:1c:c0:33:55:
37:2b:62:03:65:97:6f:f4:92:01:a9:cb:94:64:f2:86:61:27:
50:26:15:90:21:9a:70:ec:71:72:ff:6a:61:d5:33:d0:ca:21:
9b:2c:60:95
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIED5priTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTQ4ZTAzM2RlYjY0YWM0MjQzYzcyY2U4OTlkNTM4MjJkZjY5OTZkMB4XDTIyMDEw
MTAzNTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQxMWFkNTA4MjQ3
YTQ1MmUwNTZlOTg4NWJmOWRlMzFjZmJjNzZkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJXyL9ZZIq0V9fmvoERKRAwzFni5xNK3lzTLXdvyQl8wL0kz
drzUa6EP/Ub/Mq3zrCe/xR303iKHKrCxPXWQ+tIjzibDJCxkWMksBl8AHXBjEH5a
bwCrpgOIlTT/sSiCx4O838K2AC8ZKhHbMsx6Mt37r+JJzG5G+ezudRfqU9kfSaq8
PAk9GNgCKeR6PPlCDwhgayZKCVF+5oZWixLSwMINw0Usc0uyHQI9TosFR+UskZ5J
ujQBBc/+1riwwnU4muNvxaJuNIhFES7GMV51GmbomrU9EuesBl1Mzdm2NIz8tJKv
peqMFH2XS/WZmPrtwgm0iMf3N7xViD+oCNXox0MCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT0Ea1QgkekUuBW6Yhb+d4xz7x23jAfBgNVHSMEGDAWgBQ6SOAz3rZKxCQ8
cs6JnVOCLfaZbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09ramdNOTYyU3NRa1BITE9pWjFUZ2kzMm1XMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvN2ZhN2IwLWFjZTQtNDkyZC04ZTkxLWM1MzIxZGM5ZTY0Yi8x
LzlCR3RVSUpIcEZMZ1Z1bUlXX25lTWMtOGR0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
N2ZhN2IwLWFjZTQtNDkyZC04ZTkxLWM1MzIxZGM5ZTY0Yi8xL09ramdNOTYyU3NR
a1BITE9pWjFUZ2kzMm1XMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngByDANBgkqhkiG9w0BAQsF
AAOCAQEAwXYTtrMSwbl9GCybYJuIIql3YV6vk7eG/RIte2JPA78WuQCaWnlwxa9R
tKqfdIMnGS62w2Hp9GNf9FoegRCDP4K6tdPwlpTM0B4gEIFtSVfNKaptp7P0Ykqv
IcoSIb4axf2Aj7veS/AAt1w/CEmuxf+/UHucje2rbWvee31j/qrHM07P4P3Ou3C8
MwaQa7bmUutI8wSO3ZvJcHLASP0ac3cV8miCgdiiRN0d6g/E/3ir37gOSLTp8VyF
Wno698ufT+GdaOlOUNYalQj5PDpSzM+SCIwcwDNVNytiA2WXb/SSAanLlGTyhmEn
UCYVkCGacOxxcv9qYdUz0MohmyxglQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:56 2023 by rpki-client on console-fra.rpki-client.org