Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/A3_3W9M4fhJXTqYgSGlnFwmbR2E.roa
File: A3_3W9M4fhJXTqYgSGlnFwmbR2E.roa (raw, json)
Hash identifier: IvTHDTakH9usL2/Oof7klDpLHw/0+M59PSMk+Q5nIP8=
Subject key identifier: 03:7F:F7:5B:D3:38:7E:12:57:4E:A6:20:48:69:67:17:09:9B:47:61
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 074742B9
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/A3_3W9M4fhJXTqYgSGlnFwmbR2E.roa
Signing time: Sat 01 Jan 2022 14:00:22 +0000
ROA not before: Sat 01 Jan 2022 14:00:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211481
IP address blocks: 2a0f:ca81:6960::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122110649 (0x74742b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jan 1 14:00:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=037ff75bd3387e12574ea62048696717099b4761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8c:37:e2:e5:a9:3a:44:10:12:cb:b8:0d:ea:
62:28:26:d6:94:b1:21:ce:00:93:ef:0e:c4:16:39:
84:ee:9b:70:de:57:bf:87:f9:60:ce:d8:b7:21:d9:
1f:c7:d1:31:1c:c4:c0:fd:92:31:5f:6e:50:93:c3:
ec:ec:2f:90:08:de:01:99:60:c6:e5:2a:2a:e8:74:
63:20:75:9d:98:f2:0c:47:8c:f5:dc:fb:8d:8f:cc:
2f:c2:c7:35:24:20:b7:22:09:a7:90:36:3f:90:1f:
6b:a9:bd:da:07:38:8a:47:ef:d1:b5:23:7c:27:ed:
f5:76:da:86:09:53:03:3f:77:9b:1c:7f:44:2c:84:
47:e1:f3:7c:d7:ff:25:73:a7:72:eb:06:14:22:07:
e8:bc:0f:84:fe:10:f7:9b:db:3f:10:32:d9:ef:87:
4e:78:8a:e6:ac:3a:03:2a:2d:4d:5e:5d:09:6b:27:
53:bc:1c:f5:78:d1:43:52:d4:8f:36:15:d3:0f:98:
b7:ac:b0:d9:ad:08:a8:61:61:29:26:a5:0c:ff:9f:
4d:37:f3:01:a4:93:bd:bc:34:a7:35:13:b0:bf:e1:
bc:d5:97:ca:f8:df:04:7a:08:7a:0c:b9:8e:74:48:
69:af:56:30:2c:41:28:4a:b4:52:c1:6d:71:bc:a3:
2d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7F:F7:5B:D3:38:7E:12:57:4E:A6:20:48:69:67:17:09:9B:47:61
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/A3_3W9M4fhJXTqYgSGlnFwmbR2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ca81:6960::/44
Signature Algorithm: sha256WithRSAEncryption
59:df:25:ba:69:7c:c6:15:6c:a8:2e:b9:ca:50:62:71:14:b1:
1e:f0:5d:2f:c3:94:ca:0c:0d:51:a9:32:55:6b:55:20:14:5b:
26:9d:d8:be:c0:2a:b9:0f:63:35:a3:44:74:00:e9:4b:93:a4:
bc:c7:2a:1f:4e:04:65:4e:ac:54:64:6e:7a:2b:77:2a:57:9b:
ad:ac:59:9b:4d:34:85:06:00:0e:4d:05:8d:43:d7:6a:3a:9f:
a2:4c:15:d4:0c:4d:07:e6:ee:1c:5f:01:32:64:99:39:5f:ac:
fc:9e:f5:00:b1:7e:3e:37:c6:11:df:a6:ce:03:c4:8b:8c:24:
bb:77:db:73:ee:d9:74:61:68:ec:a0:83:77:21:c5:d6:13:69:
32:6a:8a:39:91:53:02:a1:40:08:d6:54:a2:d8:26:f5:c1:55:
9a:0e:1b:e0:08:78:bc:64:3c:96:7f:e0:36:5f:c0:3f:e5:f2:
19:f8:c4:a9:20:98:99:f7:c2:d8:e3:39:4c:5d:51:cb:31:c0:
8b:62:0e:3c:e0:4c:5f:ec:3a:4c:14:e7:4a:1e:b7:7b:85:1e:
80:0f:b3:25:d0:53:25:40:cd:7a:45:04:46:cd:09:f8:18:f9:
79:af:c9:a0:e1:44:d2:fd:5e:e9:63:41:44:ef:55:4b:d6:98:
dd:82:1f:e4
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEB0dCuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmU2YWI4ZTBjNDZlODQxYjQ0ZDJiOWM2YjAzYmI2NWY1NjIxZGIxMB4XDTIyMDEw
MTE0MDAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM3ZmY3NWJkMzM4
N2UxMjU3NGVhNjIwNDg2OTY3MTcwOTliNDc2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMaMN+LlqTpEEBLLuA3qYigm1pSxIc4Ak+8OxBY5hO6bcN5X
v4f5YM7YtyHZH8fRMRzEwP2SMV9uUJPD7OwvkAjeAZlgxuUqKuh0YyB1nZjyDEeM
9dz7jY/ML8LHNSQgtyIJp5A2P5Afa6m92gc4ikfv0bUjfCft9XbahglTAz93mxx/
RCyER+HzfNf/JXOncusGFCIH6LwPhP4Q95vbPxAy2e+HTniK5qw6AyotTV5dCWsn
U7wc9XjRQ1LUjzYV0w+Yt6yw2a0IqGFhKSalDP+fTTfzAaSTvbw0pzUTsL/hvNWX
yvjfBHoIegy5jnRIaa9WMCxBKEq0UsFtcbyjLWUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQDf/db0zh+EldOpiBIaWcXCZtHYTAfBgNVHSMEGDAWgBTb5quODEboQbRN
K5xrA7tl9WIdsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzItYXJqZ3hHNkVHMFRTdWNhd083WmZWaUhiRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvOTY0MzZjLWY2ZmEtNDBiYS1hMjdjLWZiMTAzMDY1MTA2Ny8x
L0EzXzNXOU00ZmhKWFRxWWdTR2xuRndtYlIyRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
OTY0MzZjLWY2ZmEtNDBiYS1hMjdjLWZiMTAzMDY1MTA2Ny8xLzItYXJqZ3hHNkVH
MFRTdWNhd083WmZWaUhiRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoPyoFpYDANBgkqhkiG9w0BAQsF
AAOCAQEAWd8luml8xhVsqC65ylBicRSxHvBdL8OUygwNUakyVWtVIBRbJp3YvsAq
uQ9jNaNEdADpS5OkvMcqH04EZU6sVGRueit3KlebraxZm000hQYADk0FjUPXajqf
okwV1AxNB+buHF8BMmSZOV+s/J71ALF+PjfGEd+mzgPEi4wku3fbc+7ZdGFo7KCD
dyHF1hNpMmqKOZFTAqFACNZUotgm9cFVmg4b4Ah4vGQ8ln/gNl/AP+XyGfjEqSCY
mffC2OM5TF1RyzHAi2IOPOBMX+w6TBTnSh63e4UegA+zJdBTJUDNekUERs0J+Bj5
ea/JoOFE0v1e6WNBRO9VS9aY3YIf5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:46 2024 by rpki-client on console-ams.rpki-client.org