Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/WT-z2Vq3FhOXFqCF1oh1dRYbkc0.roa
File: WT-z2Vq3FhOXFqCF1oh1dRYbkc0.roa (raw, json)
Hash identifier: pnSFbqba/VmfnZv6dqkb5eeP0uKgbIOoNDN4dztBK6c=
Subject key identifier: 59:3F:B3:D9:5A:B7:16:13:97:16:A0:85:D6:88:75:75:16:1B:91:CD
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 05ED8439
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/WT-z2Vq3FhOXFqCF1oh1dRYbkc0.roa
Signing time: Sat 01 Jan 2022 06:02:15 +0000
ROA not before: Sat 01 Jan 2022 06:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208942
IP address blocks: 2001:bf7:fc00::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99451961 (0x5ed8439)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Jan 1 06:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=593fb3d95ab716139716a085d6887575161b91cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:63:b2:b7:0f:95:20:60:d1:bc:e4:b2:fb:be:
07:16:fe:c0:58:3f:56:0a:2d:cd:2f:32:9e:ca:e9:
17:eb:51:21:b3:56:bf:76:17:b5:e9:80:cc:bb:7d:
9e:2e:73:95:ad:57:2a:93:5d:1c:bb:60:2d:c2:4e:
93:ca:c9:cb:12:e5:a4:a3:9e:13:0d:80:70:a0:92:
48:88:f0:ef:24:24:ca:ed:4a:29:e3:3c:99:89:5f:
9f:53:cf:a1:77:28:8d:25:4c:3f:84:5e:b7:ac:a3:
03:0b:c2:69:88:00:31:23:6e:77:78:cf:52:e2:2c:
8c:08:e6:56:08:0b:62:07:77:b4:7d:d2:e7:90:18:
98:34:a6:49:ad:1f:2e:85:16:f5:98:89:fb:0a:a8:
4b:1d:06:dc:72:74:9c:2d:ed:fb:fb:64:06:d4:0b:
56:15:4c:84:e0:7a:da:38:af:f3:28:3c:35:7a:c3:
30:d6:8a:3a:b3:ba:d1:bd:63:26:40:d6:00:89:7f:
e6:97:e5:f9:e5:1d:49:0d:d6:0f:67:e5:07:21:81:
41:fd:94:5d:6d:3c:cd:72:93:64:c8:60:fe:d4:78:
34:be:38:c4:67:fb:ee:e7:c0:a7:fc:fb:cb:e8:b7:
7b:9a:fe:52:79:db:e7:41:aa:96:95:84:b6:d2:91:
25:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:3F:B3:D9:5A:B7:16:13:97:16:A0:85:D6:88:75:75:16:1B:91:CD
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/WT-z2Vq3FhOXFqCF1oh1dRYbkc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:bf7:fc00::/44
Signature Algorithm: sha256WithRSAEncryption
14:2f:e6:67:06:92:72:a3:1f:24:1f:86:3e:87:16:d2:13:8e:
4d:26:f8:86:93:13:c8:ed:d4:5f:13:7b:1c:99:44:39:69:e3:
48:e7:2f:6a:99:b6:c3:7a:03:24:10:93:02:ce:26:be:19:93:
67:dd:dd:4f:f8:57:e5:0a:f4:99:1a:2f:77:8b:b3:0a:51:09:
eb:0b:bc:c1:5a:86:79:e0:d8:27:36:90:23:ea:bc:c1:da:d9:
c9:31:9e:ee:de:97:4c:80:92:92:65:ff:ba:bb:6d:0d:a4:12:
a1:b3:41:2f:22:96:8e:e5:00:99:00:9c:96:a8:93:ea:e2:86:
01:43:8e:81:0e:28:9d:b3:52:a3:ea:24:f0:eb:0c:1c:82:80:
1f:1c:ff:8c:c5:5c:51:78:ce:59:30:77:7e:ab:58:5d:27:f1:
13:12:8b:1a:66:8c:f1:ce:2f:dd:24:70:a5:e1:9d:67:cd:83:
4f:d7:fe:e5:3b:1e:09:6a:06:4e:07:62:e8:f5:8f:6a:87:50:
6e:ee:5f:a7:95:1e:b3:31:df:d4:ef:09:2c:a6:95:f8:43:da:
7d:54:d8:66:3c:55:3b:7e:ac:fb:58:58:3d:b9:ba:be:f3:52:
25:0d:f4:dd:87:60:cb:0a:b9:32:ad:a2:7a:72:20:4f:3e:9e:
85:90:9a:24
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBe2EOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjMxNDkyNDczYTc4YzZmZTlmNTM5ZjlmYTdkMjI1MjU2MGEyYjdlMB4XDTIyMDEw
MTA2MDIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTkzZmIzZDk1YWI3
MTYxMzk3MTZhMDg1ZDY4ODc1NzUxNjFiOTFjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZjsrcPlSBg0bzksvu+Bxb+wFg/VgotzS8ynsrpF+tRIbNW
v3YXtemAzLt9ni5zla1XKpNdHLtgLcJOk8rJyxLlpKOeEw2AcKCSSIjw7yQkyu1K
KeM8mYlfn1PPoXcojSVMP4Ret6yjAwvCaYgAMSNud3jPUuIsjAjmVggLYgd3tH3S
55AYmDSmSa0fLoUW9ZiJ+wqoSx0G3HJ0nC3t+/tkBtQLVhVMhOB62jiv8yg8NXrD
MNaKOrO60b1jJkDWAIl/5pfl+eUdSQ3WD2flByGBQf2UXW08zXKTZMhg/tR4NL44
xGf77ufAp/z7y+i3e5r+Unnb50GqlpWEttKRJf0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRZP7PZWrcWE5cWoIXWiHV1FhuRzTAfBgNVHSMEGDAWgBT/MUkkc6eMb+n1
Ofn6fSJSVgorfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L196RkpKSE9uakdfcDlUbjUtbjBpVWxZS0szNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvMWI0MTA1LTM0NzEtNDU5Mi1iZjA3LTczZmQzYmMxOWFhNy8x
L1dULXoyVnEzRmhPWEZxQ0Yxb2gxZFJZYmtjMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
MWI0MTA1LTM0NzEtNDU5Mi1iZjA3LTczZmQzYmMxOWFhNy8xL196RkpKSE9uakdf
cDlUbjUtbjBpVWxZS0szNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCABC/f8ADANBgkqhkiG9w0BAQsF
AAOCAQEAFC/mZwaScqMfJB+GPocW0hOOTSb4hpMTyO3UXxN7HJlEOWnjSOcvapm2
w3oDJBCTAs4mvhmTZ93dT/hX5Qr0mRovd4uzClEJ6wu8wVqGeeDYJzaQI+q8wdrZ
yTGe7t6XTICSkmX/urttDaQSobNBLyKWjuUAmQCclqiT6uKGAUOOgQ4onbNSo+ok
8OsMHIKAHxz/jMVcUXjOWTB3fqtYXSfxExKLGmaM8c4v3SRwpeGdZ82DT9f+5Tse
CWoGTgdi6PWPaodQbu5fp5UeszHf1O8JLKaV+EPafVTYZjxVO36s+1hYPbm6vvNS
JQ303Ydgywq5Mq2ienIgTz6ehZCaJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:40 2024 by rpki-client on console-ams.rpki-client.org