Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/rJdCvvz0cMu0pERlwBUQ1sumWVo.roa
File: rJdCvvz0cMu0pERlwBUQ1sumWVo.roa (raw, json)
Hash identifier: Vosg5UWDFllP1qQsaswKh0dZwZ3HaB5xEznASgVL9AA=
Subject key identifier: AC:97:42:BE:FC:F4:70:CB:B4:A4:44:65:C0:15:10:D6:CB:A6:59:5A
Certificate issuer: /CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Certificate serial: 0DC0BE5B
Authority key identifier: 3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/rJdCvvz0cMu0pERlwBUQ1sumWVo.roa
Signing time: Sat 01 Jan 2022 15:58:20 +0000
ROA not before: Sat 01 Jan 2022 15:58:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212789
IP address blocks: 2001:678:53c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 230735451 (0xdc0be5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Validity
Not Before: Jan 1 15:58:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac9742befcf470cbb4a44465c01510d6cba6595a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fa:16:34:7d:49:38:91:c5:90:fe:c5:fa:a3:
ec:b6:5c:12:9f:b6:34:74:01:6c:28:1b:70:24:63:
79:1f:4c:7a:bb:79:1d:9d:0f:00:d6:94:5e:f8:5e:
1f:e5:c9:79:98:a0:6b:cc:85:b9:5b:d2:ec:42:53:
38:26:08:b5:95:6b:86:7c:2d:1f:b0:25:cb:e9:f6:
21:31:a0:3d:aa:15:06:01:6a:fe:54:25:87:57:f3:
1d:d1:06:68:97:db:3d:81:de:6d:32:82:fd:09:c8:
ca:1c:4b:05:0a:0c:ef:8c:cd:5f:5d:48:1b:7f:f6:
46:e3:11:82:af:de:c0:34:ef:2a:b5:78:2b:8d:6d:
92:b5:79:8e:78:b9:78:29:f3:0c:c6:d5:0d:a2:b4:
2c:5b:ec:3a:dd:85:da:38:66:dd:62:9b:57:f2:45:
62:5d:0e:a4:ee:f0:f8:85:41:3d:62:ae:d6:3f:fe:
b7:38:d6:b7:3b:fb:74:75:1e:47:2d:54:81:ac:85:
1f:dc:13:f4:a1:19:47:5d:6f:b9:e1:23:e0:0f:24:
e1:55:87:2c:bd:38:8f:3c:2e:33:19:47:78:c5:18:
4e:bb:4b:1c:2c:dc:b9:60:4a:e7:a3:d2:14:a7:69:
b9:76:1d:6f:a7:01:71:d0:01:94:6b:ab:58:ef:6a:
2e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:97:42:BE:FC:F4:70:CB:B4:A4:44:65:C0:15:10:D6:CB:A6:59:5A
X509v3 Authority Key Identifier:
keyid:3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/rJdCvvz0cMu0pERlwBUQ1sumWVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:53c::/48
Signature Algorithm: sha256WithRSAEncryption
10:46:d8:7d:65:7c:2a:a1:82:d0:df:6c:59:85:a1:cd:92:6e:
78:56:ec:ff:cc:d0:8e:6e:8d:ad:8c:f9:34:ef:b3:e3:d0:d8:
06:51:85:b4:8a:09:a0:20:a3:44:f8:6f:04:4e:12:56:23:29:
e3:00:04:7c:d2:9c:26:13:71:68:a3:2d:d0:f7:ad:1d:e4:62:
47:85:42:01:cd:8f:0b:f4:74:86:cc:7a:11:b4:cc:53:40:0f:
c5:26:5f:25:18:c0:ac:b1:58:3a:8f:cc:15:4b:74:ec:91:e8:
58:bf:69:8f:84:17:a2:f0:59:f9:95:75:c1:b9:06:72:71:ef:
df:f9:7b:f7:27:14:90:17:ed:34:9f:84:05:6c:3a:ef:8d:04:
8b:06:cc:31:59:cb:ce:29:b9:6a:12:27:57:89:01:e5:83:92:
69:5b:f7:bd:47:e0:84:17:0f:67:b7:1c:93:73:de:4e:a2:75:
0c:64:dd:b9:d3:d9:d1:56:b2:c1:9f:0f:44:82:04:9e:5f:bb:
18:16:ae:e9:e9:12:83:b8:fc:2d:64:2c:8a:87:09:56:3c:a0:
1b:26:c8:82:56:92:5c:60:54:c7:89:a0:89:f7:2e:d4:cc:00:
d8:0b:30:5c:6d:cd:a3:de:61:b3:bc:37:fa:02:35:88:c2:5b:
4d:3f:cf:4f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEDcC+WzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTc3OGI4MmJhYTk3ODhhMWFjYWYyZWMzNjhiNjE5ODFlZjUxZGYyMB4XDTIyMDEw
MTE1NTgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM5NzQyYmVmY2Y0
NzBjYmI0YTQ0NDY1YzAxNTEwZDZjYmE2NTk1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIv6FjR9STiRxZD+xfqj7LZcEp+2NHQBbCgbcCRjeR9Mert5
HZ0PANaUXvheH+XJeZiga8yFuVvS7EJTOCYItZVrhnwtH7Aly+n2ITGgPaoVBgFq
/lQlh1fzHdEGaJfbPYHebTKC/QnIyhxLBQoM74zNX11IG3/2RuMRgq/ewDTvKrV4
K41tkrV5jni5eCnzDMbVDaK0LFvsOt2F2jhm3WKbV/JFYl0OpO7w+IVBPWKu1j/+
tzjWtzv7dHUeRy1UgayFH9wT9KEZR11vueEj4A8k4VWHLL04jzwuMxlHeMUYTrtL
HCzcuWBK56PSFKdpuXYdb6cBcdABlGurWO9qLosCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSsl0K+/PRwy7SkRGXAFRDWy6ZZWjAfBgNVHSMEGDAWgBQ6d4uCuql4ihrK
8uw2i2GYHvUd8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09uZUxncnFwZUlvYXl2THNOb3RobUI3MUhmSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvNDA0YzA0LWE3ZjUtNGNkZi04ZTk3LTE4ZDMzYmViN2MzMS8x
L3JKZEN2dnowY011MHBFUmx3QlVRMXN1bVdWby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
NDA0YzA0LWE3ZjUtNGNkZi04ZTk3LTE4ZDMzYmViN2MzMS8xL09uZUxncnFwZUlv
YXl2THNOb3RobUI3MUhmSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngFPDANBgkqhkiG9w0BAQsF
AAOCAQEAEEbYfWV8KqGC0N9sWYWhzZJueFbs/8zQjm6NrYz5NO+z49DYBlGFtIoJ
oCCjRPhvBE4SViMp4wAEfNKcJhNxaKMt0PetHeRiR4VCAc2PC/R0hsx6EbTMU0AP
xSZfJRjArLFYOo/MFUt07JHoWL9pj4QXovBZ+ZV1wbkGcnHv3/l79ycUkBftNJ+E
BWw6740EiwbMMVnLzim5ahInV4kB5YOSaVv3vUfghBcPZ7cck3PeTqJ1DGTdudPZ
0VaywZ8PRIIEnl+7GBau6ekSg7j8LWQsiocJVjygGybIglaSXGBUx4mgifcu1MwA
2AswXG3No95hs7w3+gI1iMJbTT/PTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:45 2024 by rpki-client on console-fra.rpki-client.org