Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/8GGFCKhFVfhnB8FdJWcz2mhB_7g.roa
File: 8GGFCKhFVfhnB8FdJWcz2mhB_7g.roa (raw, json)
Hash identifier: a3dAEI5e5c0mEh/sfpM2egRnAfEjLKoZ6ErzhlXJ28I=
Subject key identifier: F0:61:85:08:A8:45:55:F8:67:07:C1:5D:25:67:33:DA:68:41:FF:B8
Certificate issuer: /CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
Certificate serial: 085354A3
Authority key identifier: 18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/8GGFCKhFVfhnB8FdJWcz2mhB_7g.roa
Signing time: Sat 01 Jan 2022 16:06:48 +0000
ROA not before: Sat 01 Jan 2022 16:06:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 2001:678:a90::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139678883 (0x85354a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
Validity
Not Before: Jan 1 16:06:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0618508a84555f86707c15d256733da6841ffb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:87:57:64:ee:65:c5:2c:83:c4:8b:f8:b6:05:
e9:21:69:a2:66:37:94:c4:34:e6:5e:31:29:58:03:
53:a4:5f:27:c8:77:d8:04:ec:f2:22:dc:93:99:41:
90:7a:2e:47:03:f8:a3:20:6e:2f:80:2a:f2:db:fd:
aa:37:99:be:39:56:34:00:e2:43:d4:3a:17:13:2e:
09:57:27:10:1d:22:d3:d1:ef:4a:5f:89:1a:0a:e5:
c4:c2:10:fd:60:31:47:3f:0e:34:14:2d:a6:59:bd:
db:ad:05:5d:c6:fb:f9:ef:1a:12:35:e2:40:36:02:
59:9b:79:63:93:62:d4:98:f4:3d:a4:b5:48:c2:64:
5b:8c:11:7d:61:21:d5:64:b8:96:b2:d9:bd:36:8d:
70:af:fc:7a:80:25:12:de:44:12:e6:c6:38:7f:9d:
43:d4:09:eb:52:a3:1c:7d:5f:9e:8e:ad:28:e4:bc:
39:9b:cd:09:df:c8:e9:75:04:35:19:54:4e:69:0e:
a7:dd:1c:ba:d1:6f:8f:b3:1f:e8:7d:07:1c:b2:96:
fc:8e:95:b9:00:70:0f:bb:c6:fa:4b:a1:ce:4e:b5:
f9:ff:a9:e6:2b:fe:a3:f4:50:d6:c5:80:fc:35:33:
3b:82:fd:4d:3e:7b:86:f4:0e:ef:29:df:30:1a:e2:
2e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:61:85:08:A8:45:55:F8:67:07:C1:5D:25:67:33:DA:68:41:FF:B8
X509v3 Authority Key Identifier:
keyid:18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/8GGFCKhFVfhnB8FdJWcz2mhB_7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/GPTuiFhNbf2eOqm8IBxQ9E41PZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a90::/48
Signature Algorithm: sha256WithRSAEncryption
14:c4:32:52:d4:28:27:91:af:40:20:63:48:4a:73:45:94:51:
ae:cf:44:84:ee:bc:84:9f:13:9e:60:0a:50:b4:2b:ab:39:df:
84:82:86:28:93:09:98:a8:38:5c:48:36:a8:a4:ed:29:6d:8c:
1e:40:82:83:f0:0c:9f:81:c7:5c:06:94:b7:fe:e5:82:02:11:
a6:53:b3:79:83:10:10:6a:bf:1d:e9:ea:99:40:2c:0a:0d:d2:
1f:cf:f4:ff:83:60:ec:ec:d4:6f:54:b9:51:34:38:8a:c1:c1:
93:e9:48:e4:c2:22:84:10:24:30:00:67:6b:cf:2b:57:11:a4:
6a:18:4f:1e:2c:9a:80:8d:68:2a:de:79:4a:3a:9d:59:25:e9:
85:06:a3:cd:dc:74:26:50:b2:e5:46:4e:dc:c7:cc:08:ca:02:
6f:30:22:e5:f4:64:f4:04:67:65:3f:72:b6:52:80:3a:3d:95:
52:78:2d:16:74:a5:f2:a3:de:80:dd:b7:eb:59:a9:67:67:cf:
ad:7b:af:5e:b6:1b:7b:04:cd:82:13:44:f5:44:d0:7b:92:61:
3e:de:ec:57:78:01:62:af:74:b0:5a:8d:07:6e:88:ba:5b:0f:
bc:4f:70:64:58:ae:d8:b5:14:76:81:96:a5:3f:68:cc:4b:d5:
13:4b:85:a3
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECFNUozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OGY0ZWU4ODU4NGQ2ZGZkOWUzYWE5YmMyMDFjNTBmNDRlMzUzZDljMB4XDTIyMDEw
MTE2MDY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjA2MTg1MDhhODQ1
NTVmODY3MDdjMTVkMjU2NzMzZGE2ODQxZmZiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSHV2TuZcUsg8SL+LYF6SFpomY3lMQ05l4xKVgDU6RfJ8h3
2ATs8iLck5lBkHouRwP4oyBuL4Aq8tv9qjeZvjlWNADiQ9Q6FxMuCVcnEB0i09Hv
Sl+JGgrlxMIQ/WAxRz8ONBQtplm9260FXcb7+e8aEjXiQDYCWZt5Y5Ni1Jj0PaS1
SMJkW4wRfWEh1WS4lrLZvTaNcK/8eoAlEt5EEubGOH+dQ9QJ61KjHH1fno6tKOS8
OZvNCd/I6XUENRlUTmkOp90cutFvj7Mf6H0HHLKW/I6VuQBwD7vG+kuhzk61+f+p
5iv+o/RQ1sWA/DUzO4L9TT57hvQO7ynfMBriLh0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTwYYUIqEVV+GcHwV0lZzPaaEH/uDAfBgNVHSMEGDAWgBQY9O6IWE1t/Z46
qbwgHFD0TjU9nDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dQVHVpRmhOYmYyZU9xbThJQnhROUU0MVBady5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvOWY4ZmJlLWIyZTgtNDcyZC05ZWJjLTBiOTg4NTg2M2ViZi8x
LzhHR0ZDS2hGVmZobkI4RmRKV2N6Mm1oQl83Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
OWY4ZmJlLWIyZTgtNDcyZC05ZWJjLTBiOTg4NTg2M2ViZi8xL0dQVHVpRmhOYmYy
ZU9xbThJQnhROUU0MVBady5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngKkDANBgkqhkiG9w0BAQsF
AAOCAQEAFMQyUtQoJ5GvQCBjSEpzRZRRrs9EhO68hJ8TnmAKULQrqznfhIKGKJMJ
mKg4XEg2qKTtKW2MHkCCg/AMn4HHXAaUt/7lggIRplOzeYMQEGq/HenqmUAsCg3S
H8/0/4Ng7OzUb1S5UTQ4isHBk+lI5MIihBAkMABna88rVxGkahhPHiyagI1oKt55
SjqdWSXphQajzdx0JlCy5UZO3MfMCMoCbzAi5fRk9ARnZT9ytlKAOj2VUngtFnSl
8qPegN2361mpZ2fPrXuvXrYbewTNghNE9UTQe5JhPt7sV3gBYq90sFqNB26IulsP
vE9wZFiu2LUUdoGWpT9ozEvVE0uFow==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:08 2023 by rpki-client on console-fra.rpki-client.org