Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/ctc-SDFh6FbT6HhZsEr10pvXvIY.roa
File: ctc-SDFh6FbT6HhZsEr10pvXvIY.roa (raw, json)
Hash identifier: TNecreJ6Jrqm5vCvdedl38pAOesQKDUNkuxB4xSR7Z8=
Subject key identifier: 72:D7:3E:48:31:61:E8:56:D3:E8:78:59:B0:4A:F5:D2:9B:D7:BC:86
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 02A88CC9
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/ctc-SDFh6FbT6HhZsEr10pvXvIY.roa
Signing time: Sat 01 Jan 2022 15:57:07 +0000
ROA not before: Sat 01 Jan 2022 15:57:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12635
IP address blocks: 2001:4b6c::/30 maxlen: 30
2001:4b69::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44600521 (0x2a88cc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Jan 1 15:57:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72d73e483161e856d3e87859b04af5d29bd7bc86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bb:8a:90:47:a9:45:b6:68:d1:b9:51:37:f5:
7e:95:71:55:4f:7f:90:48:be:26:74:d6:e3:a0:14:
88:d0:fa:43:3f:a7:f4:d0:98:d9:39:09:da:d8:05:
2b:b1:c6:20:cd:43:27:b4:cd:a3:35:6a:35:02:47:
2a:9a:bc:43:71:ad:63:54:41:47:3b:05:ab:b2:9e:
94:9a:17:6f:92:ac:f4:14:98:7a:20:3d:7f:4b:0e:
4b:19:5a:05:1f:5d:63:5a:97:bb:4a:6d:f4:aa:14:
d1:d7:33:ba:cf:e6:ac:87:48:1a:82:07:52:aa:e9:
e6:c2:79:8f:93:76:2e:1a:ec:f5:2b:05:20:03:3a:
79:6e:46:ae:22:1c:98:1c:bd:d8:93:6d:c4:d8:66:
41:04:5f:75:25:b3:dd:af:97:a0:93:f9:9c:3f:a9:
40:f1:71:29:9c:5e:8a:fc:b2:71:bc:3d:11:ec:5c:
bd:2f:28:00:93:4d:a1:ac:78:6e:1f:59:5b:e2:15:
e2:25:2e:7e:df:fe:10:ce:18:d7:07:d3:35:eb:18:
9b:b8:2c:c7:75:80:60:f8:26:2a:b1:2e:79:e0:90:
f2:7d:53:e9:69:94:ed:5c:20:f2:1d:13:27:2a:a2:
92:80:7c:d2:4c:a5:11:e7:2d:ff:90:aa:da:a6:1b:
c5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D7:3E:48:31:61:E8:56:D3:E8:78:59:B0:4A:F5:D2:9B:D7:BC:86
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/ctc-SDFh6FbT6HhZsEr10pvXvIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4b69::/32
2001:4b6c::/30
Signature Algorithm: sha256WithRSAEncryption
02:69:14:35:63:41:23:e6:04:31:7a:57:3c:8c:eb:ca:83:fd:
32:3d:d0:a8:80:0b:30:95:07:13:e3:d8:62:55:23:dc:79:35:
80:c1:0e:cb:07:68:20:9d:c1:69:a2:d0:6c:d3:1b:bf:b9:ac:
29:9b:97:2c:58:65:c8:44:80:b4:c3:3b:22:62:a7:90:6d:56:
32:65:ae:12:70:d8:79:1a:e5:e0:91:9f:1f:e8:28:e1:5f:10:
37:99:92:87:9a:34:8a:07:51:13:57:0b:47:44:64:af:48:8b:
6a:c2:e8:1f:4d:c2:9d:78:7a:84:e9:d8:04:13:56:2c:35:dc:
fc:dd:2b:30:89:30:05:10:91:06:28:59:ab:14:c9:af:a8:02:
d4:8c:26:b7:c6:6e:95:7d:a9:5e:a0:c8:30:da:59:19:27:22:
ff:a0:ca:05:d5:ac:6d:fa:32:f5:df:95:9d:6b:55:05:90:b2:
3a:a3:92:39:23:21:8c:bf:7d:87:c3:ee:74:79:eb:70:ea:cb:
94:86:1f:20:a2:61:e4:e4:a2:61:6b:29:ce:4a:f4:cc:76:1b:
34:55:24:b8:a1:16:a4:43:a4:b4:0b:fb:ee:55:c8:30:f0:a7:
a5:1f:41:a3:17:22:a4:67:15:c8:f3:5b:69:15:05:2d:e7:fe:
ba:d9:6d:50
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAqiMyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YjlkMTk3ZmJiZWUyYTFkY2NiNGY1NTcyMmE4MjEwZDMxMDViMDQyMB4XDTIyMDEw
MTE1NTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJkNzNlNDgzMTYx
ZTg1NmQzZTg3ODU5YjA0YWY1ZDI5YmQ3YmM4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMu7ipBHqUW2aNG5UTf1fpVxVU9/kEi+JnTW46AUiND6Qz+n
9NCY2TkJ2tgFK7HGIM1DJ7TNozVqNQJHKpq8Q3GtY1RBRzsFq7KelJoXb5Ks9BSY
eiA9f0sOSxlaBR9dY1qXu0pt9KoU0dczus/mrIdIGoIHUqrp5sJ5j5N2Lhrs9SsF
IAM6eW5GriIcmBy92JNtxNhmQQRfdSWz3a+XoJP5nD+pQPFxKZxeivyycbw9Eexc
vS8oAJNNoax4bh9ZW+IV4iUuft/+EM4Y1wfTNesYm7gsx3WAYPgmKrEueeCQ8n1T
6WmU7Vwg8h0TJyqikoB80kylEect/5Cq2qYbxY0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRy1z5IMWHoVtPoeFmwSvXSm9e8hjAfBgNVHSMEGDAWgBTbnRl/u+4qHcy0
9VciqCENMQWwQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI1MFpmN3Z1S2gzTXRQVlhJcWdoRFRFRnNFSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvMDlkMTM3LTQ3N2ItNGVmZS1hM2QzLTRiMjM5NTZmYmQ4Ni8x
L2N0Yy1TREZoNkZiVDZIaFpzRXIxMHB2WHZJWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
MDlkMTM3LTQ3N2ItNGVmZS1hM2QzLTRiMjM5NTZmYmQ4Ni8xLzI1MFpmN3Z1S2gz
TXRQVlhJcWdoRFRFRnNFSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFACABS2kDBQIgAUtsMA0GCSqGSIb3
DQEBCwUAA4IBAQACaRQ1Y0Ej5gQxelc8jOvKg/0yPdCogAswlQcT49hiVSPceTWA
wQ7LB2ggncFpotBs0xu/uawpm5csWGXIRIC0wzsiYqeQbVYyZa4ScNh5GuXgkZ8f
6CjhXxA3mZKHmjSKB1ETVwtHRGSvSItqwugfTcKdeHqE6dgEE1YsNdz83SswiTAF
EJEGKFmrFMmvqALUjCa3xm6VfaleoMgw2lkZJyL/oMoF1axt+jL135Wda1UFkLI6
o5I5IyGMv32Hw+50eetw6suUhh8gomHk5KJhaynOSvTMdhs0VSS4oRakQ6S0C/vu
Vcgw8KelH0GjFyKkZxXI81tpFQUt5/662W1Q
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:42 2023 by rpki-client on console-ams.rpki-client.org