Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/8fad8b-a033-4484-885e-e02872d1db01/1/M6flVKxRTU5SKUdKJrImmRShjY0.roa
File: M6flVKxRTU5SKUdKJrImmRShjY0.roa (raw, json)
Hash identifier: x/O7beTtjUVNgLuWjSpIZsCEDV00gLt+CY4mKqbGYfE=
Subject key identifier: 33:A7:E5:54:AC:51:4D:4E:52:29:47:4A:26:B2:26:99:14:A1:8D:8D
Certificate issuer: /CN=2e41457da1ea6c79b1b6bea52c64a7a1b5f29648
Certificate serial: 1701C450
Authority key identifier: 2E:41:45:7D:A1:EA:6C:79:B1:B6:BE:A5:2C:64:A7:A1:B5:F2:96:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkFFfaHqbHmxtr6lLGSnobXylkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/8fad8b-a033-4484-885e-e02872d1db01/1/M6flVKxRTU5SKUdKJrImmRShjY0.roa
Signing time: Sat 01 Jan 2022 14:06:53 +0000
ROA not before: Sat 01 Jan 2022 14:06:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202060
IP address blocks: 2001:67c:558::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 385991760 (0x1701c450)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e41457da1ea6c79b1b6bea52c64a7a1b5f29648
Validity
Not Before: Jan 1 14:06:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33a7e554ac514d4e5229474a26b2269914a18d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:97:c6:c3:42:90:6b:e5:93:26:e4:62:19:14:
89:59:1f:7c:83:df:cf:22:7c:0b:97:72:42:e8:16:
0e:5a:fa:08:17:a9:d9:fa:20:35:1a:13:a4:d8:34:
42:44:1a:a8:f5:b6:b0:b1:1e:7f:22:c0:0f:2d:38:
15:2f:ca:e1:0f:fa:2e:5e:79:64:0c:7a:28:d5:05:
42:8b:73:46:96:de:63:0b:6d:8f:21:f5:dc:74:a7:
a6:4a:bc:22:a4:df:ba:df:5b:f2:7d:a3:d3:49:4e:
39:b4:d4:10:dd:78:24:ca:24:e4:1c:7c:f2:2e:67:
a9:7b:5b:06:af:f6:85:0b:75:c8:0e:b2:3a:6a:91:
3d:80:97:97:ef:7c:1d:c4:10:bc:2a:32:f0:bd:f8:
25:f9:36:e4:27:58:5b:09:d8:c3:ee:9d:5d:e3:30:
80:05:b9:7b:42:07:cd:31:af:20:e0:13:58:10:f2:
d5:06:a6:b3:34:12:5d:9a:28:9d:5d:d7:3f:ee:88:
80:81:04:4d:89:e8:c9:76:b6:02:5f:89:bf:0e:69:
fb:e0:9f:ae:20:cb:70:3b:59:09:4b:e3:f4:a0:1f:
1a:93:91:53:c2:52:7b:67:ad:68:aa:e7:ba:f5:3f:
4d:f9:ee:3a:da:fb:f2:4e:1b:5a:ff:be:b4:12:5c:
dd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A7:E5:54:AC:51:4D:4E:52:29:47:4A:26:B2:26:99:14:A1:8D:8D
X509v3 Authority Key Identifier:
keyid:2E:41:45:7D:A1:EA:6C:79:B1:B6:BE:A5:2C:64:A7:A1:B5:F2:96:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkFFfaHqbHmxtr6lLGSnobXylkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8fad8b-a033-4484-885e-e02872d1db01/1/M6flVKxRTU5SKUdKJrImmRShjY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8fad8b-a033-4484-885e-e02872d1db01/1/LkFFfaHqbHmxtr6lLGSnobXylkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:558::/48
Signature Algorithm: sha256WithRSAEncryption
4f:f1:55:24:15:db:e5:4c:8f:6d:c3:3f:29:4d:95:fe:82:7e:
4d:eb:72:1e:af:57:90:ee:aa:80:4c:2f:c2:b8:9b:c6:08:15:
0f:66:12:19:11:9d:59:32:29:7c:e9:8f:e0:b4:d8:7b:5b:7d:
6f:97:d8:eb:ce:de:75:8e:61:05:c3:ca:d1:bb:3e:29:44:db:
24:97:9f:a2:57:74:2f:0b:7e:3a:44:69:2c:29:a2:58:7d:df:
28:9d:c1:7c:12:e4:53:41:61:4f:0d:73:e1:ec:e2:35:8d:92:
05:4a:96:95:2a:7e:8b:f7:98:84:05:c7:1f:0b:1d:d0:23:07:
c9:a6:36:f2:a2:ed:14:d2:05:d1:89:9b:f3:59:70:f8:5c:73:
d0:cd:63:a5:61:bd:30:2f:0e:4d:c1:42:67:47:8d:57:01:38:
09:02:60:fc:72:c1:0c:8d:ac:b3:62:07:d4:99:3b:4e:be:0e:
88:11:50:e9:3c:a8:2b:48:a1:0d:8e:5a:f4:31:33:49:d3:ce:
0d:c1:22:ed:f5:b5:cc:5c:c6:3c:03:5e:af:6e:9b:c6:6c:16:
12:82:8b:c0:40:5c:cb:ec:b4:45:10:24:5b:24:aa:ca:0b:b5:
2a:fa:5b:a4:8b:3e:85:2c:4f:e0:9d:6f:d3:06:60:74:38:4f:
ff:ee:16:26
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFwHEUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTQxNDU3ZGExZWE2Yzc5YjFiNmJlYTUyYzY0YTdhMWI1ZjI5NjQ4MB4XDTIyMDEw
MTE0MDY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzNhN2U1NTRhYzUx
NGQ0ZTUyMjk0NzRhMjZiMjI2OTkxNGExOGQ4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6XxsNCkGvlkybkYhkUiVkffIPfzyJ8C5dyQugWDlr6CBep
2fogNRoTpNg0QkQaqPW2sLEefyLADy04FS/K4Q/6Ll55ZAx6KNUFQotzRpbeYwtt
jyH13HSnpkq8IqTfut9b8n2j00lOObTUEN14JMok5Bx88i5nqXtbBq/2hQt1yA6y
OmqRPYCXl+98HcQQvCoy8L34Jfk25CdYWwnYw+6dXeMwgAW5e0IHzTGvIOATWBDy
1QamszQSXZoonV3XP+6IgIEETYnoyXa2Al+Jvw5p++CfriDLcDtZCUvj9KAfGpOR
U8JSe2etaKrnuvU/TfnuOtr78k4bWv++tBJc3esCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQzp+VUrFFNTlIpR0omsiaZFKGNjTAfBgNVHSMEGDAWgBQuQUV9oepsebG2
vqUsZKehtfKWSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xrRkZmYUhxYkhteHRyNmxMR1Nub2JYeWxrZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvOGZhZDhiLWEwMzMtNDQ4NC04ODVlLWUwMjg3MmQxZGIwMS8x
L002ZmxWS3hSVFU1U0tVZEtKckltbVJTaGpZMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
OGZhZDhiLWEwMzMtNDQ4NC04ODVlLWUwMjg3MmQxZGIwMS8xL0xrRkZmYUhxYkht
eHRyNmxMR1Nub2JYeWxrZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwFWDANBgkqhkiG9w0BAQsF
AAOCAQEAT/FVJBXb5UyPbcM/KU2V/oJ+TetyHq9XkO6qgEwvwribxggVD2YSGRGd
WTIpfOmP4LTYe1t9b5fY687edY5hBcPK0bs+KUTbJJefold0Lwt+OkRpLCmiWH3f
KJ3BfBLkU0FhTw1z4eziNY2SBUqWlSp+i/eYhAXHHwsd0CMHyaY28qLtFNIF0Ymb
81lw+Fxz0M1jpWG9MC8OTcFCZ0eNVwE4CQJg/HLBDI2ss2IH1Jk7Tr4OiBFQ6Tyo
K0ihDY5a9DEzSdPODcEi7fW1zFzGPANer26bxmwWEoKLwEBcy+y0RRAkWySqygu1
KvpbpIs+hSxP4J1v0wZgdDhP/+4WJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:18 2024 by rpki-client on console-fra.rpki-client.org