Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/k3fwFpDGJK-B-Yzk5s7JxjOk_xo.roa
File: k3fwFpDGJK-B-Yzk5s7JxjOk_xo.roa (raw, json)
Hash identifier: ftCnuh2gdb4p1bc3c8AJGmL32dWgWR45gxEuf3CNiTg=
Subject key identifier: 93:77:F0:16:90:C6:24:AF:81:F9:8C:E4:E6:CE:C9:C6:33:A4:FF:1A
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 07489340
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/k3fwFpDGJK-B-Yzk5s7JxjOk_xo.roa
Signing time: Sat 01 Jan 2022 14:00:22 +0000
ROA not before: Sat 01 Jan 2022 14:00:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212085
IP address blocks: 2a0f:ca81:1330::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122196800 (0x7489340)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jan 1 14:00:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9377f01690c624af81f98ce4e6cec9c633a4ff1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:53:94:40:6c:8a:8b:d0:60:9a:10:56:82:00:
de:ab:63:ae:b1:9d:e8:af:d1:48:c8:5c:59:83:ed:
d8:ef:cf:6d:78:ac:d4:0d:d6:42:4b:d4:84:fa:96:
05:f0:d3:d0:55:43:95:e0:da:8e:9b:92:17:5e:f6:
7c:56:99:48:71:09:cc:9e:90:71:f7:c5:af:a1:71:
b3:7a:83:c8:ed:ba:47:75:ed:e1:4f:92:17:2f:33:
45:d5:27:63:dd:1f:5d:fd:5e:21:28:cc:01:79:26:
13:c1:9c:84:59:e6:94:a2:e0:8d:8a:2d:91:e8:5f:
b6:85:3c:17:93:b6:a1:9a:ce:83:c9:7e:7a:c6:44:
db:b1:91:cf:35:11:3d:db:a2:96:f4:a1:8e:3c:6f:
12:ec:7f:7c:26:62:f7:6e:2f:2a:4d:3a:c6:ab:4d:
6c:c5:9d:14:b4:44:1b:1f:b1:60:4e:45:65:d8:87:
99:b7:cf:ff:86:62:05:54:54:b4:2d:9a:fa:22:04:
eb:9f:8d:be:5f:1e:1e:20:d5:06:04:b8:95:da:cb:
f1:b1:43:08:b9:3a:a9:68:1c:95:2e:28:8e:1b:07:
c4:04:56:2b:80:9b:96:81:65:34:b4:f2:1d:4e:c4:
40:21:28:53:83:07:a8:43:3f:4e:4f:47:36:47:7c:
c4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:77:F0:16:90:C6:24:AF:81:F9:8C:E4:E6:CE:C9:C6:33:A4:FF:1A
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/k3fwFpDGJK-B-Yzk5s7JxjOk_xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ca81:1330::/44
Signature Algorithm: sha256WithRSAEncryption
9f:ab:55:27:d3:51:4d:22:d2:e3:38:1a:1d:d2:3d:7f:10:65:
0e:14:f0:3a:73:54:4f:89:24:84:67:da:14:ce:10:6a:25:3d:
9c:f9:e6:be:9d:a6:81:45:d7:f9:05:97:7b:44:a2:b8:69:dd:
1b:aa:19:74:4c:62:c2:ac:18:c6:52:46:fb:3d:7a:76:7e:4e:
54:f4:f3:17:59:bc:ab:88:5f:e0:c3:29:7c:7d:37:83:89:84:
49:42:fe:23:87:8f:6a:96:94:41:eb:3e:86:c9:a7:b2:44:ee:
0e:2b:71:30:af:10:f4:ef:b8:3f:e8:ac:7b:d6:d9:6f:b9:32:
9b:c8:c7:f2:dd:b6:2e:66:4d:1a:14:65:ee:b8:de:28:91:e4:
0b:ed:f7:58:af:be:32:df:a1:6e:ad:44:2b:d4:aa:f2:89:2f:
e4:d9:51:c0:8b:cb:b4:2b:5b:9f:92:38:eb:58:f1:7a:8c:ec:
84:f6:6b:41:a4:3b:05:c4:12:26:59:8c:89:1a:16:7e:33:bc:
b5:bb:00:7f:e0:e4:f4:42:8d:ea:fe:84:6e:e9:46:95:ab:89:
73:74:0c:da:3a:16:80:65:b1:7a:5b:90:64:32:de:7b:f2:18:
e3:d1:9e:74:db:3c:3b:d6:4d:fa:72:79:98:94:21:0b:e7:d8:
a1:eb:c3:ea
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEB0iTQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmU2YWI4ZTBjNDZlODQxYjQ0ZDJiOWM2YjAzYmI2NWY1NjIxZGIxMB4XDTIyMDEw
MTE0MDAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTM3N2YwMTY5MGM2
MjRhZjgxZjk4Y2U0ZTZjZWM5YzYzM2E0ZmYxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZTlEBsiovQYJoQVoIA3qtjrrGd6K/RSMhcWYPt2O/PbXis
1A3WQkvUhPqWBfDT0FVDleDajpuSF172fFaZSHEJzJ6QcffFr6Fxs3qDyO26R3Xt
4U+SFy8zRdUnY90fXf1eISjMAXkmE8GchFnmlKLgjYotkehftoU8F5O2oZrOg8l+
esZE27GRzzURPduilvShjjxvEux/fCZi924vKk06xqtNbMWdFLREGx+xYE5FZdiH
mbfP/4ZiBVRUtC2a+iIE65+Nvl8eHiDVBgS4ldrL8bFDCLk6qWgclS4ojhsHxARW
K4CbloFlNLTyHU7EQCEoU4MHqEM/Tk9HNkd8xOUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSTd/AWkMYkr4H5jOTmzsnGM6T/GjAfBgNVHSMEGDAWgBTb5quODEboQbRN
K5xrA7tl9WIdsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzItYXJqZ3hHNkVHMFRTdWNhd083WmZWaUhiRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvOTY0MzZjLWY2ZmEtNDBiYS1hMjdjLWZiMTAzMDY1MTA2Ny8x
L2szZndGcERHSkstQi1Zems1czdKeGpPa194by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
OTY0MzZjLWY2ZmEtNDBiYS1hMjdjLWZiMTAzMDY1MTA2Ny8xLzItYXJqZ3hHNkVH
MFRTdWNhd083WmZWaUhiRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoPyoETMDANBgkqhkiG9w0BAQsF
AAOCAQEAn6tVJ9NRTSLS4zgaHdI9fxBlDhTwOnNUT4kkhGfaFM4QaiU9nPnmvp2m
gUXX+QWXe0SiuGndG6oZdExiwqwYxlJG+z16dn5OVPTzF1m8q4hf4MMpfH03g4mE
SUL+I4ePapaUQes+hsmnskTuDitxMK8Q9O+4P+ise9bZb7kym8jH8t22LmZNGhRl
7rjeKJHkC+33WK++Mt+hbq1EK9Sq8okv5NlRwIvLtCtbn5I461jxeozshPZrQaQ7
BcQSJlmMiRoWfjO8tbsAf+Dk9EKN6v6EbulGlauJc3QM2joWgGWxeluQZDLee/IY
49GedNs8O9ZN+nJ5mJQhC+fYoevD6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:55 2024 by rpki-client on console-fra.rpki-client.org