Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/f37203-f172-459f-8315-82f25ac6887f/1/fIn-pWqgb0rET4hYU5ySAM4wdrk.roa
File: fIn-pWqgb0rET4hYU5ySAM4wdrk.roa (raw, json)
Hash identifier: xtj1Y7B+oay5wgqmv1npTCzg0ONb6d8Sr92XgvT8fmM=
Subject key identifier: 7C:89:FE:A5:6A:A0:6F:4A:C4:4F:88:58:53:9C:92:00:CE:30:76:B9
Certificate issuer: /CN=e623299ee47b4f612db90a14f95e40767ae06657
Certificate serial: 01856265529D7C3BA1DF52CB3B92D87592A5
Authority key identifier: E6:23:29:9E:E4:7B:4F:61:2D:B9:0A:14:F9:5E:40:76:7A:E0:66:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5iMpnuR7T2EtuQoU-V5AdnrgZlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/f37203-f172-459f-8315-82f25ac6887f/1/fIn-pWqgb0rET4hYU5ySAM4wdrk.roa
Signing time: Fri 30 Dec 2022 09:38:05 +0000
ROA not before: Fri 30 Dec 2022 09:38:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35044
IP address blocks: 2001:67c:484::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:65:52:9d:7c:3b:a1:df:52:cb:3b:92:d8:75:92:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e623299ee47b4f612db90a14f95e40767ae06657
Validity
Not Before: Dec 30 09:38:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c89fea56aa06f4ac44f8858539c9200ce3076b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ab:a4:34:d1:bc:bc:fe:9f:72:e8:d5:b2:84:
42:47:7c:db:93:f2:e9:b6:b5:c9:28:10:34:c3:82:
1c:34:12:e8:5c:32:2a:c4:c3:9b:df:17:4d:50:58:
01:11:92:6c:b0:1e:71:8e:cc:92:b8:f8:b8:b2:d2:
5f:c3:87:1c:d8:63:b9:22:9c:a3:d2:3d:6a:01:62:
76:c6:d4:82:ec:a3:24:52:c2:b1:80:3e:8a:f8:6c:
64:37:e9:c8:ac:2c:61:09:71:b8:c2:99:a1:c5:e1:
cb:11:33:ce:98:80:c1:c2:0b:12:16:33:3d:79:48:
f5:c1:c0:22:c2:40:33:99:9d:81:28:34:c9:54:6c:
00:25:e0:ba:c2:95:24:20:c0:21:df:44:3e:d0:4a:
15:59:71:eb:9c:1d:d2:0f:45:e2:14:fc:8f:c4:4c:
da:ca:52:3b:cb:0b:5e:6f:95:2e:c5:f2:06:90:8d:
f3:e0:ff:e1:60:e1:92:91:1f:e6:dd:b8:ea:d9:ab:
2b:03:c6:88:17:92:04:77:c5:6e:24:84:9a:e6:b9:
20:b6:2b:cb:e0:c4:b1:46:da:05:96:4e:ab:a0:89:
f6:b2:35:56:41:48:9f:b0:b8:34:ae:d0:b5:8f:8c:
72:c6:20:24:29:3a:6b:41:a9:4a:c3:ef:b5:ba:f8:
5b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:89:FE:A5:6A:A0:6F:4A:C4:4F:88:58:53:9C:92:00:CE:30:76:B9
X509v3 Authority Key Identifier:
keyid:E6:23:29:9E:E4:7B:4F:61:2D:B9:0A:14:F9:5E:40:76:7A:E0:66:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5iMpnuR7T2EtuQoU-V5AdnrgZlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/f37203-f172-459f-8315-82f25ac6887f/1/fIn-pWqgb0rET4hYU5ySAM4wdrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/f37203-f172-459f-8315-82f25ac6887f/1/5iMpnuR7T2EtuQoU-V5AdnrgZlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:484::/48
Signature Algorithm: sha256WithRSAEncryption
51:b7:5c:a7:ce:13:c8:fe:c1:6e:b5:ca:98:22:d5:1c:b7:87:
89:02:8b:b6:1e:8a:c2:58:cf:2b:ed:fc:26:1e:2a:36:62:ad:
09:39:b0:74:da:5b:27:4f:23:22:f8:ee:b4:8c:9f:04:2b:93:
d6:0e:11:16:9d:75:49:58:32:34:4e:05:23:29:ac:3e:66:24:
cf:7c:d7:1b:71:31:6e:58:1e:fd:37:0f:94:4d:b6:26:1c:11:
60:54:c5:fe:76:b0:cd:75:d9:c9:65:f8:04:4d:e2:41:eb:80:
23:f1:19:44:ac:b0:4d:fe:42:e4:da:d8:25:28:35:0b:cb:39:
95:85:a1:2a:ef:d7:a5:8a:b2:4a:d1:c6:dd:26:cc:8f:e7:5b:
89:07:34:26:5e:70:72:d3:7a:a8:bb:f9:9b:e7:c1:7b:e6:46:
a6:3d:30:ab:8b:20:4c:55:1c:de:d9:05:1c:42:e5:60:b7:4f:
5e:3f:77:58:a4:33:7b:1e:8a:32:29:c6:fe:f6:31:1c:d3:5b:
39:33:27:ab:79:46:d8:b5:b6:a0:2b:03:d8:88:76:15:89:41:
90:62:7d:eb:40:83:fc:98:ac:f1:d0:21:ed:c9:a3:ab:ae:89:
52:25:4c:7e:fb:93:28:fb:96:d9:5a:4f:0f:a6:05:ec:3f:ed:
cb:93:cd:a8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYViZVKdfDuh31LLO5LYdZKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MjMyOTllZTQ3YjRmNjEyZGI5MGExNGY5NWU0MDc2N2Fl
MDY2NTcwHhcNMjIxMjMwMDkzODA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzg5ZmVhNTZhYTA2ZjRhYzQ0Zjg4NTg1MzljOTIwMGNlMzA3NmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqukNNG8vP6fcujVsoRCR3zbk/Lp
trXJKBA0w4IcNBLoXDIqxMOb3xdNUFgBEZJssB5xjsySuPi4stJfw4cc2GO5Ipyj
0j1qAWJ2xtSC7KMkUsKxgD6K+GxkN+nIrCxhCXG4wpmhxeHLETPOmIDBwgsSFjM9
eUj1wcAiwkAzmZ2BKDTJVGwAJeC6wpUkIMAh30Q+0EoVWXHrnB3SD0XiFPyPxEza
ylI7ywteb5UuxfIGkI3z4P/hYOGSkR/m3bjq2asrA8aIF5IEd8VuJISa5rkgtivL
4MSxRtoFlk6roIn2sjVWQUifsLg0rtC1j4xyxiAkKTprQalKw++1uvhbxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHyJ/qVqoG9KxE+IWFOckgDOMHa5MB8GA1UdIwQY
MBaAFOYjKZ7ke09hLbkKFPleQHZ64GZXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWlNcG51UjdUMkV0dVFvVS1WNUFkbnJnWmxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9mMzcyMDMtZjE3Mi00NTlmLTgzMTUt
ODJmMjVhYzY4ODdmLzEvZkluLXBXcWdiMHJFVDRoWVU1eVNBTTR3ZHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9mMzcyMDMtZjE3Mi00NTlmLTgzMTUtODJmMjVhYzY4ODdm
LzEvNWlNcG51UjdUMkV0dVFvVS1WNUFkbnJnWmxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfASE
MA0GCSqGSIb3DQEBCwUAA4IBAQBRt1ynzhPI/sFutcqYItUct4eJAou2HorCWM8r
7fwmHio2Yq0JObB02lsnTyMi+O60jJ8EK5PWDhEWnXVJWDI0TgUjKaw+ZiTPfNcb
cTFuWB79Nw+UTbYmHBFgVMX+drDNddnJZfgETeJB64Aj8RlErLBN/kLk2tglKDUL
yzmVhaEq79elirJK0cbdJsyP51uJBzQmXnBy03qou/mb58F75kamPTCriyBMVRze
2QUcQuVgt09eP3dYpDN7HooyKcb+9jEc01s5MyereUbYtbagKwPYiHYViUGQYn3r
QIP8mKzx0CHtyaOrrolSJUx++5Mo+5bZWk8PpgXsP+3Lk82o
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:25 2023 by rpki-client on console-fra.rpki-client.org