Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/263082-4784-4cbc-a355-c41fae24bbb2/1/4kUBmoIPYfQ1wTmy195KRahN2bE.roa
File: 4kUBmoIPYfQ1wTmy195KRahN2bE.roa (raw, json)
Hash identifier: IpzKj5Qm3mVQ2UhQQ1uPpBmD/Jk1UIwlQ8jU7B30hkc=
Subject key identifier: E2:45:01:9A:82:0F:61:F4:35:C1:39:B2:D7:DE:4A:45:A8:4D:D9:B1
Certificate issuer: /CN=0f7290752730779e98f8ebe3287adf1b8a65b43f
Certificate serial: 091A6437
Authority key identifier: 0F:72:90:75:27:30:77:9E:98:F8:EB:E3:28:7A:DF:1B:8A:65:B4:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D3KQdScwd56Y-OvjKHrfG4pltD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/263082-4784-4cbc-a355-c41fae24bbb2/1/4kUBmoIPYfQ1wTmy195KRahN2bE.roa
Signing time: Sat 01 Jan 2022 16:06:12 +0000
ROA not before: Sat 01 Jan 2022 16:06:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12843
IP address blocks: 2001:67c:1820::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152724535 (0x91a6437)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f7290752730779e98f8ebe3287adf1b8a65b43f
Validity
Not Before: Jan 1 16:06:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e245019a820f61f435c139b2d7de4a45a84dd9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b8:4c:eb:ab:51:99:97:05:d9:62:c3:78:c7:
dd:76:ae:28:bf:40:35:37:a1:c6:95:7e:d5:22:ac:
7c:9d:4b:be:85:4a:cb:89:18:64:ec:71:7c:6e:44:
77:32:02:39:be:26:45:97:9a:ec:d7:e4:b3:16:cb:
ff:45:76:6b:97:f8:68:62:5b:13:b6:b1:e1:a3:66:
05:14:28:98:86:86:4e:e0:ce:c5:35:16:90:59:ea:
ac:b6:02:5b:a6:13:45:ed:29:0f:9e:46:05:08:3c:
54:67:72:46:5e:a4:15:3b:e5:32:6b:c4:33:cf:e8:
38:1d:dc:6b:56:c4:60:c8:c3:59:b0:da:5d:ec:98:
24:5c:cb:b1:bf:19:b0:54:c5:c1:47:03:2f:ce:52:
7a:a8:74:f5:48:4f:93:56:09:56:f6:06:4c:cc:99:
0f:6d:24:bd:79:6f:b0:0f:a7:68:d5:d8:27:7d:04:
00:2d:ba:bc:ad:aa:53:77:40:98:83:1b:85:3e:77:
cb:37:ea:41:f3:27:f6:fe:76:6e:2e:8d:4a:73:c8:
3b:f2:8a:76:35:2f:31:ce:12:a3:2d:f1:e5:76:c2:
7e:23:49:01:c9:dc:56:22:64:c4:a8:ea:8b:64:c1:
d0:62:59:66:79:94:43:ce:37:94:5e:71:4e:9a:54:
4d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:45:01:9A:82:0F:61:F4:35:C1:39:B2:D7:DE:4A:45:A8:4D:D9:B1
X509v3 Authority Key Identifier:
keyid:0F:72:90:75:27:30:77:9E:98:F8:EB:E3:28:7A:DF:1B:8A:65:B4:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3KQdScwd56Y-OvjKHrfG4pltD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/263082-4784-4cbc-a355-c41fae24bbb2/1/4kUBmoIPYfQ1wTmy195KRahN2bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/263082-4784-4cbc-a355-c41fae24bbb2/1/D3KQdScwd56Y-OvjKHrfG4pltD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1820::/48
Signature Algorithm: sha256WithRSAEncryption
60:f1:fc:e5:93:3f:78:63:2d:6a:a2:1a:6f:75:87:c2:93:b2:
a3:fe:5e:b5:27:0c:ff:40:25:71:bb:85:a9:38:1f:de:92:84:
0c:c1:ee:75:df:7e:48:18:c9:79:50:eb:a6:98:d0:d0:5a:9c:
68:49:86:b2:19:35:d7:77:e1:ef:9f:31:61:9b:83:be:6a:7b:
3f:5d:29:c5:70:a0:80:c3:0e:df:73:17:2a:ff:27:73:6d:39:
f4:21:b8:f0:d7:b1:83:c0:69:d6:57:bc:fa:ed:75:c3:02:e4:
a3:bb:06:fb:3a:ac:40:8a:54:f3:38:17:f1:ae:44:6e:5a:4b:
8d:76:71:0e:7f:87:18:58:81:41:f9:e0:6b:c3:7d:41:d2:5e:
1e:6e:42:f3:72:20:30:1b:04:3e:82:3f:77:6a:8c:c4:ba:30:
13:df:ad:a8:9b:f3:5c:30:bb:6c:64:0a:f7:d1:1d:2a:d3:ef:
da:64:26:6f:6f:d9:a5:54:23:f3:bd:f4:53:31:bc:4e:25:8c:
fb:f7:22:b5:de:4d:4e:9e:c2:1f:3f:03:9a:64:c5:c8:af:c1:
49:05:01:c4:8a:89:cb:f3:24:14:23:be:69:86:82:0a:f5:96:
cf:70:15:af:f0:1f:57:2a:2b:0b:0b:04:96:fb:e0:35:41:07:
35:c6:6b:c3
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECRpkNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjcyOTA3NTI3MzA3NzllOThmOGViZTMyODdhZGYxYjhhNjViNDNmMB4XDTIyMDEw
MTE2MDYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTI0NTAxOWE4MjBm
NjFmNDM1YzEzOWIyZDdkZTRhNDVhODRkZDliMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+4TOurUZmXBdliw3jH3XauKL9ANTehxpV+1SKsfJ1LvoVK
y4kYZOxxfG5EdzICOb4mRZea7NfksxbL/0V2a5f4aGJbE7ax4aNmBRQomIaGTuDO
xTUWkFnqrLYCW6YTRe0pD55GBQg8VGdyRl6kFTvlMmvEM8/oOB3ca1bEYMjDWbDa
XeyYJFzLsb8ZsFTFwUcDL85Seqh09UhPk1YJVvYGTMyZD20kvXlvsA+naNXYJ30E
AC26vK2qU3dAmIMbhT53yzfqQfMn9v52bi6NSnPIO/KKdjUvMc4Soy3x5XbCfiNJ
AcncViJkxKjqi2TB0GJZZnmUQ843lF5xTppUTUUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTiRQGagg9h9DXBObLX3kpFqE3ZsTAfBgNVHSMEGDAWgBQPcpB1JzB3npj4
6+Moet8bimW0PzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QzS1FkU2N3ZDU2WS1PdmpLSHJmRzRwbHREOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvMjYzMDgyLTQ3ODQtNGNiYy1hMzU1LWM0MWZhZTI0YmJiMi8x
LzRrVUJtb0lQWWZRMXdUbXkxOTVLUmFoTjJiRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
MjYzMDgyLTQ3ODQtNGNiYy1hMzU1LWM0MWZhZTI0YmJiMi8xL0QzS1FkU2N3ZDU2
WS1PdmpLSHJmRzRwbHREOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwYIDANBgkqhkiG9w0BAQsF
AAOCAQEAYPH85ZM/eGMtaqIab3WHwpOyo/5etScM/0AlcbuFqTgf3pKEDMHudd9+
SBjJeVDrppjQ0FqcaEmGshk113fh758xYZuDvmp7P10pxXCggMMO33MXKv8nc205
9CG48Nexg8Bp1le8+u11wwLko7sG+zqsQIpU8zgX8a5EblpLjXZxDn+HGFiBQfng
a8N9QdJeHm5C83IgMBsEPoI/d2qMxLowE9+tqJvzXDC7bGQK99EdKtPv2mQmb2/Z
pVQj8730UzG8TiWM+/citd5NTp7CHz8DmmTFyK/BSQUBxIqJy/MkFCO+aYaCCvWW
z3AVr/AfVyorCwsElvvgNUEHNcZrww==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:23 2023 by rpki-client on console-fra.rpki-client.org