Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/d003ae-35a6-44f2-aad8-f8b12f982fe2/1/P-ibg2QV0xfgnfOhRQ38a_6AT_o.roa
File: P-ibg2QV0xfgnfOhRQ38a_6AT_o.roa (raw, json)
Hash identifier: Vi5nQk14tL5+VqOOYmQ0veUx/+g6G1MT98UAzu0Pgm0=
Subject key identifier: 3F:E8:9B:83:64:15:D3:17:E0:9D:F3:A1:45:0D:FC:6B:FE:80:4F:FA
Certificate issuer: /CN=fec35d4f2f2d247ea08c4a0117d328e4e8edf152
Certificate serial: 0B06D4B9
Authority key identifier: FE:C3:5D:4F:2F:2D:24:7E:A0:8C:4A:01:17:D3:28:E4:E8:ED:F1:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_sNdTy8tJH6gjEoBF9Mo5Ojt8VI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/d003ae-35a6-44f2-aad8-f8b12f982fe2/1/P-ibg2QV0xfgnfOhRQ38a_6AT_o.roa
Signing time: Sat 01 Jan 2022 06:59:16 +0000
ROA not before: Sat 01 Jan 2022 06:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201281
IP address blocks: 2001:678:794::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 184997049 (0xb06d4b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fec35d4f2f2d247ea08c4a0117d328e4e8edf152
Validity
Not Before: Jan 1 06:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fe89b836415d317e09df3a1450dfc6bfe804ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ac:8b:07:cb:1a:cb:56:ad:52:31:a1:42:4c:
49:b1:38:58:09:51:fd:ce:ec:47:75:7f:49:57:8c:
70:40:4c:50:14:8f:27:4d:34:9d:03:ec:19:75:bf:
fb:6a:f9:34:da:2a:6c:7d:37:b9:4c:98:8f:ac:ca:
84:3d:be:3e:26:62:86:2f:d8:79:51:f4:5d:b9:3e:
dc:12:d2:f4:cc:2d:fb:af:87:94:83:e4:77:44:3c:
3f:50:99:0b:88:78:74:5a:99:06:5e:76:60:29:51:
bd:ed:12:23:43:7d:08:72:b5:6a:99:6f:75:16:5e:
de:52:a3:0f:1e:c8:8f:cb:85:24:56:41:a3:d6:6d:
1e:42:07:0c:51:b6:b6:a6:5c:42:62:c6:e0:be:b7:
7d:1b:8f:e5:12:5a:17:15:10:3c:ac:c0:28:78:91:
4b:ba:a8:ab:fe:5c:7a:4f:e5:db:8c:df:92:34:a8:
f5:a9:d2:fc:9a:b3:39:dd:ef:0d:56:f2:51:be:af:
05:10:7e:f8:7c:2e:cb:57:40:cb:9c:29:50:79:96:
ca:68:cb:6d:f7:c4:4a:15:dc:00:6c:2a:8f:c4:91:
79:31:14:29:80:19:96:de:96:b3:13:45:3f:17:15:
aa:62:1c:57:56:ee:68:8b:55:47:e1:c1:ab:b8:ab:
3b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E8:9B:83:64:15:D3:17:E0:9D:F3:A1:45:0D:FC:6B:FE:80:4F:FA
X509v3 Authority Key Identifier:
keyid:FE:C3:5D:4F:2F:2D:24:7E:A0:8C:4A:01:17:D3:28:E4:E8:ED:F1:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_sNdTy8tJH6gjEoBF9Mo5Ojt8VI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d003ae-35a6-44f2-aad8-f8b12f982fe2/1/P-ibg2QV0xfgnfOhRQ38a_6AT_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d003ae-35a6-44f2-aad8-f8b12f982fe2/1/_sNdTy8tJH6gjEoBF9Mo5Ojt8VI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:794::/48
Signature Algorithm: sha256WithRSAEncryption
08:27:cc:ca:71:9b:be:44:0d:32:14:d7:59:fd:35:9e:23:09:
28:0d:84:6c:61:95:f7:30:02:86:8f:9e:d0:d4:3c:23:cc:29:
e5:36:f3:07:84:0f:03:18:b1:ce:2d:3d:df:30:0b:71:b3:51:
b2:8d:2e:c8:b8:7b:3a:24:d8:a0:a6:5b:54:e7:df:5e:82:ab:
54:e8:b0:5b:56:30:c1:4c:11:24:56:a2:f7:c8:ea:7c:d0:45:
92:ff:0c:20:e6:be:74:31:a5:3f:f2:f9:11:59:93:e2:5e:d4:
77:71:e2:47:d5:d6:41:6e:c8:73:2c:53:5f:64:5d:eb:0f:d7:
77:c9:b8:ce:54:02:54:92:fe:6d:f2:82:79:b3:9b:5a:45:8b:
11:fb:5f:31:4e:8e:28:4f:05:98:ee:00:11:e3:6a:45:e8:a6:
c1:dd:32:94:32:c7:16:f8:d0:f8:e1:c7:61:ee:07:57:07:42:
92:e8:50:9a:33:a1:84:d3:23:48:98:6e:54:ed:61:33:62:54:
06:1e:9c:ad:25:cd:0d:b4:85:04:39:62:dc:7c:fc:75:12:43:
db:27:49:1f:41:74:37:02:85:8d:84:77:d6:c4:dc:47:05:04:
5b:53:42:14:5e:4d:ee:01:dd:bb:40:45:0f:36:67:ee:35:d5:
5e:84:61:f7
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECwbUuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZWMzNWQ0ZjJmMmQyNDdlYTA4YzRhMDExN2QzMjhlNGU4ZWRmMTUyMB4XDTIyMDEw
MTA2NTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZlODliODM2NDE1
ZDMxN2UwOWRmM2ExNDUwZGZjNmJmZTgwNGZmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmsiwfLGstWrVIxoUJMSbE4WAlR/c7sR3V/SVeMcEBMUBSP
J000nQPsGXW/+2r5NNoqbH03uUyYj6zKhD2+PiZihi/YeVH0Xbk+3BLS9Mwt+6+H
lIPkd0Q8P1CZC4h4dFqZBl52YClRve0SI0N9CHK1aplvdRZe3lKjDx7Ij8uFJFZB
o9ZtHkIHDFG2tqZcQmLG4L63fRuP5RJaFxUQPKzAKHiRS7qoq/5cek/l24zfkjSo
9anS/JqzOd3vDVbyUb6vBRB++Hwuy1dAy5wpUHmWymjLbffEShXcAGwqj8SReTEU
KYAZlt6WsxNFPxcVqmIcV1buaItVR+HBq7irO2MCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ/6JuDZBXTF+Cd86FFDfxr/oBP+jAfBgNVHSMEGDAWgBT+w11PLy0kfqCM
SgEX0yjk6O3xUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19zTmRUeTh0Skg2Z2pFb0JGOU1vNU9qdDhWSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvZDAwM2FlLTM1YTYtNDRmMi1hYWQ4LWY4YjEyZjk4MmZlMi8x
L1AtaWJnMlFWMHhmZ25mT2hSUTM4YV82QVRfby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
ZDAwM2FlLTM1YTYtNDRmMi1hYWQ4LWY4YjEyZjk4MmZlMi8xL19zTmRUeTh0Skg2
Z2pFb0JGOU1vNU9qdDhWSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngHlDANBgkqhkiG9w0BAQsF
AAOCAQEACCfMynGbvkQNMhTXWf01niMJKA2EbGGV9zACho+e0NQ8I8wp5TbzB4QP
Axixzi093zALcbNRso0uyLh7OiTYoKZbVOffXoKrVOiwW1YwwUwRJFai98jqfNBF
kv8MIOa+dDGlP/L5EVmT4l7Ud3HiR9XWQW7IcyxTX2Rd6w/Xd8m4zlQCVJL+bfKC
ebObWkWLEftfMU6OKE8FmO4AEeNqReimwd0ylDLHFvjQ+OHHYe4HVwdCkuhQmjOh
hNMjSJhuVO1hM2JUBh6crSXNDbSFBDli3Hz8dRJD2ydJH0F0NwKFjYR31sTcRwUE
W1NCFF5N7gHdu0BFDzZn7jXVXoRh9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org