Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/40Y527JHT8QkL_kCmL-RZYo-_J4.roa
File: 40Y527JHT8QkL_kCmL-RZYo-_J4.roa (raw, json)
Hash identifier: Tg/bxWYhk6pQryjToSdFVVat/wPQxty9L6RXL9sGJ8M=
Subject key identifier: E3:46:39:DB:B2:47:4F:C4:24:2F:F9:02:98:BF:91:65:8A:3E:FC:9E
Certificate issuer: /CN=92319bcd9b09a984b070e2ef588ffcfa8b73c8a2
Certificate serial: 0A5B1F1C
Authority key identifier: 92:31:9B:CD:9B:09:A9:84:B0:70:E2:EF:58:8F:FC:FA:8B:73:C8:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjGbzZsJqYSwcOLvWI_8-otzyKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/40Y527JHT8QkL_kCmL-RZYo-_J4.roa
Signing time: Sat 01 Jan 2022 01:56:45 +0000
ROA not before: Sat 01 Jan 2022 01:56:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 395403
IP address blocks: 2a00:edc0:1007::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173743900 (0xa5b1f1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92319bcd9b09a984b070e2ef588ffcfa8b73c8a2
Validity
Not Before: Jan 1 01:56:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e34639dbb2474fc4242ff90298bf91658a3efc9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c9:5f:40:ed:e9:45:41:64:95:eb:0b:51:18:
d5:9f:e7:dc:c6:4f:39:34:4c:3a:ad:c0:cb:68:16:
19:17:c7:83:5d:b5:84:42:f1:25:ae:44:50:da:98:
52:e0:5a:f5:1a:24:59:f3:50:ec:6a:11:ad:72:12:
75:58:5e:9c:7f:5e:39:d3:8c:8f:93:44:4e:e7:2f:
e9:ba:4a:81:f9:a8:b7:79:f1:21:2a:ed:74:0e:db:
ef:a8:4b:e1:70:0c:de:16:b7:30:b2:9f:ca:7b:2e:
db:bd:37:72:4e:3e:f8:7c:f7:eb:5d:db:3c:f7:29:
93:64:28:b0:54:70:24:17:35:4f:d4:84:fb:38:89:
c8:d9:ef:e3:b6:c3:fb:cf:08:57:8e:16:77:8f:2b:
69:c6:97:f2:54:d3:65:ad:c8:84:12:35:08:1a:3e:
e9:ab:36:c0:44:7d:11:18:39:47:df:16:a2:22:6f:
7b:14:76:99:fc:36:74:12:79:7c:8d:27:08:ea:51:
31:36:ac:23:9c:98:27:26:bc:7f:40:4d:6f:b9:d5:
67:36:44:2e:d7:38:93:5b:64:55:36:86:26:81:1c:
85:b0:d0:4b:ed:d5:a0:63:d1:ec:ce:b8:75:f5:28:
0b:eb:8c:8c:3e:ce:c5:d7:4d:82:63:98:b4:66:41:
bb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:46:39:DB:B2:47:4F:C4:24:2F:F9:02:98:BF:91:65:8A:3E:FC:9E
X509v3 Authority Key Identifier:
keyid:92:31:9B:CD:9B:09:A9:84:B0:70:E2:EF:58:8F:FC:FA:8B:73:C8:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjGbzZsJqYSwcOLvWI_8-otzyKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/40Y527JHT8QkL_kCmL-RZYo-_J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/kjGbzZsJqYSwcOLvWI_8-otzyKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:edc0:1007::/48
Signature Algorithm: sha256WithRSAEncryption
3a:63:48:fa:f7:7a:f2:90:a5:84:8d:ae:df:83:f7:5a:7b:a2:
93:ed:3e:18:29:c3:52:39:52:3b:38:67:43:eb:cf:85:e1:39:
06:41:42:8e:aa:38:84:96:0a:1e:6e:63:83:a7:9d:07:67:30:
a7:3e:5b:6f:7b:96:de:54:bb:8a:a1:ce:62:41:93:03:7e:e5:
23:ba:05:cc:91:9a:0f:fc:13:f9:3a:69:3e:5a:48:33:ac:04:
78:64:e9:6f:e0:df:e8:8c:d9:7d:41:65:64:a8:d6:b3:b4:f5:
c2:66:be:8a:44:8b:82:de:3b:a6:26:fe:7f:b3:cd:20:fa:3e:
0a:af:cd:61:57:b0:3b:86:79:1b:30:9f:1f:69:53:48:57:45:
4b:ec:71:04:54:28:31:83:c9:23:92:a0:b2:32:78:30:4c:ad:
ee:bb:2a:53:6d:e4:f4:1d:c8:a5:c4:0e:5b:fd:ea:32:ca:d9:
c6:d7:35:73:bd:1c:43:41:20:a3:ae:45:ca:e6:38:77:ef:d4:
4b:1f:e3:a1:52:41:35:e3:c7:f1:0f:6d:90:07:ca:9f:f1:6a:
a5:77:88:0a:5a:aa:f5:a1:2d:5e:e2:af:0c:f1:a2:ce:79:e9:
b7:66:32:7f:26:66:64:ed:8d:d5:ad:f5:73:86:e3:fe:35:1b:
be:0a:08:0d
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEClsfHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjMxOWJjZDliMDlhOTg0YjA3MGUyZWY1ODhmZmNmYThiNzNjOGEyMB4XDTIyMDEw
MTAxNTY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM0NjM5ZGJiMjQ3
NGZjNDI0MmZmOTAyOThiZjkxNjU4YTNlZmM5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbJX0Dt6UVBZJXrC1EY1Z/n3MZPOTRMOq3Ay2gWGRfHg121
hELxJa5EUNqYUuBa9RokWfNQ7GoRrXISdVhenH9eOdOMj5NETucv6bpKgfmot3nx
ISrtdA7b76hL4XAM3ha3MLKfynsu2703ck4++Hz3613bPPcpk2QosFRwJBc1T9SE
+ziJyNnv47bD+88IV44Wd48racaX8lTTZa3IhBI1CBo+6as2wER9ERg5R98WoiJv
exR2mfw2dBJ5fI0nCOpRMTasI5yYJya8f0BNb7nVZzZELtc4k1tkVTaGJoEchbDQ
S+3VoGPR7M64dfUoC+uMjD7OxddNgmOYtGZBu7kCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTjRjnbskdPxCQv+QKYv5Flij78njAfBgNVHSMEGDAWgBSSMZvNmwmphLBw
4u9Yj/z6i3PIojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tqR2J6WnNKcVlTd2NPTHZXSV84LW90enlLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvYjJiMmM2LTM1ZWUtNDJmNS1hMjY4LWNkYmViYmM2NTJkZS8x
LzQwWTUyN0pIVDhRa0xfa0NtTC1SWllvLV9KNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
YjJiMmM2LTM1ZWUtNDJmNS1hMjY4LWNkYmViYmM2NTJkZS8xL2tqR2J6WnNKcVlT
d2NPTHZXSV84LW90enlLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoA7cAQBzANBgkqhkiG9w0BAQsF
AAOCAQEAOmNI+vd68pClhI2u34P3Wnuik+0+GCnDUjlSOzhnQ+vPheE5BkFCjqo4
hJYKHm5jg6edB2cwpz5bb3uW3lS7iqHOYkGTA37lI7oFzJGaD/wT+TppPlpIM6wE
eGTpb+Df6IzZfUFlZKjWs7T1wma+ikSLgt47pib+f7PNIPo+Cq/NYVewO4Z5GzCf
H2lTSFdFS+xxBFQoMYPJI5KgsjJ4MEyt7rsqU23k9B3IpcQOW/3qMsrZxtc1c70c
Q0Ego65FyuY4d+/USx/joVJBNePH8Q9tkAfKn/FqpXeIClqq9aEtXuKvDPGiznnp
t2YyfyZmZO2N1a31c4bj/jUbvgoIDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:21 2024 by rpki-client on console-fra.rpki-client.org