Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b737f6-304b-4c4f-b887-71108258f1b9/1/aO8b4jqF0OwV5rZkZffexSB8w0M.roa
File: aO8b4jqF0OwV5rZkZffexSB8w0M.roa (raw, json)
Hash identifier: vgxBRpqPzcqJx7QPwSiDMR/KGkc5IDdsNOamfry7xVo=
Subject key identifier: 68:EF:1B:E2:3A:85:D0:EC:15:E6:B6:64:65:F7:DE:C5:20:7C:C3:43
Certificate issuer: /CN=4d3f54f304e6b851608c293978b16ba51ac0350e
Certificate serial: 070CF373
Authority key identifier: 4D:3F:54:F3:04:E6:B8:51:60:8C:29:39:78:B1:6B:A5:1A:C0:35:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TT9U8wTmuFFgjCk5eLFrpRrANQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b737f6-304b-4c4f-b887-71108258f1b9/1/aO8b4jqF0OwV5rZkZffexSB8w0M.roa
Signing time: Sat 01 Jan 2022 15:02:05 +0000
ROA not before: Sat 01 Jan 2022 15:02:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2119
IP address blocks: 2001:67c:2f50::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118289267 (0x70cf373)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d3f54f304e6b851608c293978b16ba51ac0350e
Validity
Not Before: Jan 1 15:02:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68ef1be23a85d0ec15e6b66465f7dec5207cc343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:2c:14:32:f1:9b:98:9e:02:3d:af:f3:e0:5a:
0f:b1:17:d0:29:a4:66:b9:3e:0b:7b:d8:b8:e5:09:
ab:34:84:85:fe:09:49:db:f3:0b:1f:19:a7:fd:35:
2a:c8:83:24:c9:44:b8:42:7d:18:83:6d:2e:cc:d5:
ca:84:aa:40:1f:a8:71:80:44:71:79:34:02:e9:cf:
ea:dd:b3:bc:b3:68:4d:fa:dc:e4:f9:d9:c5:3f:b9:
03:1c:93:04:a0:75:ca:dd:39:af:e7:17:82:6e:b5:
6e:26:cc:34:58:9d:8b:76:32:a8:c9:5a:16:7f:41:
cb:6c:2e:b9:35:3c:b9:5d:e7:c8:fc:74:ba:2a:96:
62:1d:14:8f:82:5d:ab:c2:77:7b:7c:2f:f6:1f:2e:
17:a5:92:d5:7d:f7:e7:3a:8d:fa:07:2c:bb:d9:56:
69:9d:fe:55:17:4f:98:1c:c9:d3:8f:a4:a3:61:0b:
d4:d7:bb:a0:0e:d0:d7:39:d1:d3:97:d0:eb:33:cb:
ae:c2:4c:fb:2d:b1:c8:cc:32:ab:c1:2d:34:20:7f:
37:c9:c3:ff:aa:cb:45:a9:94:4a:20:26:28:a1:47:
99:7b:21:e4:fe:4a:e4:97:63:e3:e2:ce:11:00:02:
0c:23:a5:f0:12:fd:2c:2d:08:de:6a:29:ce:e6:26:
8c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EF:1B:E2:3A:85:D0:EC:15:E6:B6:64:65:F7:DE:C5:20:7C:C3:43
X509v3 Authority Key Identifier:
keyid:4D:3F:54:F3:04:E6:B8:51:60:8C:29:39:78:B1:6B:A5:1A:C0:35:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TT9U8wTmuFFgjCk5eLFrpRrANQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b737f6-304b-4c4f-b887-71108258f1b9/1/aO8b4jqF0OwV5rZkZffexSB8w0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b737f6-304b-4c4f-b887-71108258f1b9/1/TT9U8wTmuFFgjCk5eLFrpRrANQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2f50::/48
Signature Algorithm: sha256WithRSAEncryption
4e:8b:86:0d:01:5e:32:6f:5e:f3:e7:6b:f1:53:6e:72:47:e8:
1c:c3:4b:5f:0d:48:15:b7:cc:12:51:6c:88:d2:fc:70:de:57:
15:93:c4:08:75:63:d3:9b:30:cd:0f:14:4e:8e:ba:d5:0d:3c:
67:9c:6b:50:79:19:a2:e1:22:cf:41:9f:60:49:0f:ce:2f:e2:
fd:fa:5c:44:bc:80:5a:4e:2a:79:3c:7b:1d:f9:90:84:e1:2b:
b2:5a:22:44:85:97:4b:c4:43:24:71:9e:38:5b:e3:0f:57:5e:
b3:1d:f5:5f:36:b5:2f:fd:66:0b:7d:1a:54:1d:a6:7d:e1:07:
36:28:d9:42:39:40:43:76:a4:2d:72:91:48:d2:bc:47:66:c2:
64:89:a6:ed:ae:75:07:c2:b3:b0:d7:e9:b7:d0:83:4c:b1:62:
fe:5d:f0:01:45:40:44:e2:0a:06:6a:ec:0f:ce:e1:e3:1c:b3:
a3:1f:14:d0:e4:a1:66:5a:93:ff:61:65:f0:ef:bd:fa:25:30:
9f:43:0a:58:3a:8a:1a:d8:a4:7d:f8:88:ed:50:01:2a:d5:ce:
26:16:58:68:4a:3a:12:ed:a0:26:73:e5:d3:eb:f5:c8:6d:48:
c9:20:81:09:aa:eb:a4:cf:6b:ee:d5:e3:e3:14:f2:19:8e:ce:
68:56:73:ee
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBwzzczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDNmNTRmMzA0ZTZiODUxNjA4YzI5Mzk3OGIxNmJhNTFhYzAzNTBlMB4XDTIyMDEw
MTE1MDIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhlZjFiZTIzYTg1
ZDBlYzE1ZTZiNjY0NjVmN2RlYzUyMDdjYzM0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOgsFDLxm5ieAj2v8+BaD7EX0CmkZrk+C3vYuOUJqzSEhf4J
SdvzCx8Zp/01KsiDJMlEuEJ9GINtLszVyoSqQB+ocYBEcXk0AunP6t2zvLNoTfrc
5PnZxT+5AxyTBKB1yt05r+cXgm61bibMNFidi3YyqMlaFn9By2wuuTU8uV3nyPx0
uiqWYh0Uj4Jdq8J3e3wv9h8uF6WS1X335zqN+gcsu9lWaZ3+VRdPmBzJ04+ko2EL
1Ne7oA7Q1znR05fQ6zPLrsJM+y2xyMwyq8EtNCB/N8nD/6rLRamUSiAmKKFHmXsh
5P5K5Jdj4+LOEQACDCOl8BL9LC0I3mopzuYmjHsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRo7xviOoXQ7BXmtmRl997FIHzDQzAfBgNVHSMEGDAWgBRNP1TzBOa4UWCM
KTl4sWulGsA1DjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RUOVU4d1RtdUZGZ2pDazVlTEZycFJyQU5RNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvYjczN2Y2LTMwNGItNGM0Zi1iODg3LTcxMTA4MjU4ZjFiOS8x
L2FPOGI0anFGME93VjVyWmtaZmZleFNCOHcwTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
YjczN2Y2LTMwNGItNGM0Zi1iODg3LTcxMTA4MjU4ZjFiOS8xL1RUOVU4d1RtdUZG
Z2pDazVlTEZycFJyQU5RNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwvUDANBgkqhkiG9w0BAQsF
AAOCAQEATouGDQFeMm9e8+dr8VNuckfoHMNLXw1IFbfMElFsiNL8cN5XFZPECHVj
05swzQ8UTo661Q08Z5xrUHkZouEiz0GfYEkPzi/i/fpcRLyAWk4qeTx7HfmQhOEr
sloiRIWXS8RDJHGeOFvjD1desx31Xza1L/1mC30aVB2mfeEHNijZQjlAQ3akLXKR
SNK8R2bCZImm7a51B8KzsNfpt9CDTLFi/l3wAUVAROIKBmrsD87h4xyzox8U0OSh
ZlqT/2Fl8O+9+iUwn0MKWDqKGtikffiI7VABKtXOJhZYaEo6Eu2gJnPl0+v1yG1I
ySCBCarrpM9r7tXj4xTyGY7OaFZz7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:58 2024 by rpki-client on console-fra.rpki-client.org