Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/1ae2b0-d93a-463c-a6b9-827b643af3d7/1/lCD9wCezxnt3S4SKHnQmysIX82k.roa
File: lCD9wCezxnt3S4SKHnQmysIX82k.roa (raw, json)
Hash identifier: I/djYTFCKYkXsJuNPATRTCLCNNnbSmFI+GiKDUHmk6k=
Subject key identifier: 94:20:FD:C0:27:B3:C6:7B:77:4B:84:8A:1E:74:26:CA:C2:17:F3:69
Certificate issuer: /CN=ccfa88c22b1e7c52de71a37643dea3c3fcdd4954
Certificate serial: 17015577
Authority key identifier: CC:FA:88:C2:2B:1E:7C:52:DE:71:A3:76:43:DE:A3:C3:FC:DD:49:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zPqIwisefFLecaN2Q96jw_zdSVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/1ae2b0-d93a-463c-a6b9-827b643af3d7/1/lCD9wCezxnt3S4SKHnQmysIX82k.roa
Signing time: Sat 01 Jan 2022 10:58:05 +0000
ROA not before: Sat 01 Jan 2022 10:58:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15542
IP address blocks: 2001:67c:2c24::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 385963383 (0x17015577)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccfa88c22b1e7c52de71a37643dea3c3fcdd4954
Validity
Not Before: Jan 1 10:58:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9420fdc027b3c67b774b848a1e7426cac217f369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:15:e5:6f:0b:4f:04:6a:b1:bc:fe:69:28:d3:
6c:34:1b:83:ee:14:7e:e9:6d:1a:d3:9b:df:b1:b0:
4c:2e:6b:99:d8:f1:22:f2:96:7c:fa:49:8a:99:08:
26:3f:ef:be:1b:4a:96:f4:91:4a:72:76:07:12:df:
8b:d2:6c:e7:c2:ee:80:c3:d0:86:7a:1c:e0:4d:3c:
99:22:b9:f0:79:7d:47:c1:d1:54:67:3b:ba:8f:74:
a2:9f:02:a6:29:3e:3f:f7:55:65:01:66:00:07:5d:
c8:0f:17:a6:a3:af:2e:1c:fb:37:68:40:b1:ac:f7:
bf:f9:a2:62:77:96:8d:37:16:dc:34:f1:85:a9:c6:
9a:f0:f0:5c:a4:52:b9:0f:d1:f4:9e:da:5d:df:8e:
e9:ee:2d:43:c2:ff:ae:cf:5a:d0:f5:ba:1e:58:5d:
9c:1f:22:6f:8c:1a:bf:8d:ff:1f:09:29:f6:8a:2c:
e0:2c:62:93:3e:91:20:19:b2:3c:46:70:ab:d0:6b:
af:91:89:c4:62:81:82:6f:bc:25:38:b5:27:23:a9:
0b:a3:fb:aa:35:4c:1e:e9:99:c1:27:1d:68:69:b2:
70:25:a7:91:86:d9:e1:5f:ba:66:47:07:c3:c0:f4:
13:e8:3b:28:79:2a:97:70:90:b3:26:7b:9e:f6:8f:
ac:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:20:FD:C0:27:B3:C6:7B:77:4B:84:8A:1E:74:26:CA:C2:17:F3:69
X509v3 Authority Key Identifier:
keyid:CC:FA:88:C2:2B:1E:7C:52:DE:71:A3:76:43:DE:A3:C3:FC:DD:49:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zPqIwisefFLecaN2Q96jw_zdSVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/1ae2b0-d93a-463c-a6b9-827b643af3d7/1/lCD9wCezxnt3S4SKHnQmysIX82k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/1ae2b0-d93a-463c-a6b9-827b643af3d7/1/zPqIwisefFLecaN2Q96jw_zdSVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2c24::/48
Signature Algorithm: sha256WithRSAEncryption
49:9b:76:dd:99:b2:aa:9b:0d:f9:40:3d:ee:b8:ed:9f:a9:02:
cf:37:cc:ae:2f:19:f2:b5:2a:43:15:1a:1d:ab:b0:93:86:a2:
8f:55:ac:16:2e:0e:79:f4:8c:20:b6:07:ad:1f:49:37:55:49:
cc:36:ca:c7:0f:dd:9d:97:f0:4b:1f:49:f2:1e:ac:f3:df:84:
2a:4e:94:f4:13:69:2c:56:69:60:54:71:32:3d:a4:4c:ea:e6:
55:ac:9d:d2:7b:7d:52:48:5f:fe:b9:1c:16:33:95:9b:ed:85:
94:6d:62:e7:35:eb:5b:3a:49:a0:49:08:e1:9c:2b:0d:49:98:
3f:55:2f:1f:b9:20:9c:53:eb:4b:5e:35:78:3b:55:00:19:3d:
27:6f:f8:90:3e:8b:7e:89:a4:37:21:89:77:ca:d1:4a:21:e2:
3f:9e:80:52:0c:22:f5:59:54:cc:93:5a:28:a5:27:6d:58:b9:
ad:00:aa:c4:85:ae:fa:9f:a2:60:b2:8a:8e:e4:7f:6a:32:d7:
85:cf:ea:00:e4:9a:a9:78:29:93:1d:0c:32:c9:28:e1:70:16:
8e:c0:96:ff:65:d3:30:12:fe:4f:77:87:ed:5f:f1:eb:e5:e5:
f9:b8:88:ec:6c:7b:99:d2:84:0e:a2:c6:4e:b8:e9:9b:43:6c:
5f:99:5d:26
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFwFVdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2ZhODhjMjJiMWU3YzUyZGU3MWEzNzY0M2RlYTNjM2ZjZGQ0OTU0MB4XDTIyMDEw
MTEwNTgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQyMGZkYzAyN2Iz
YzY3Yjc3NGI4NDhhMWU3NDI2Y2FjMjE3ZjM2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJYV5W8LTwRqsbz+aSjTbDQbg+4UfultGtOb37GwTC5rmdjx
IvKWfPpJipkIJj/vvhtKlvSRSnJ2BxLfi9Js58LugMPQhnoc4E08mSK58Hl9R8HR
VGc7uo90op8Cpik+P/dVZQFmAAddyA8XpqOvLhz7N2hAsaz3v/miYneWjTcW3DTx
hanGmvDwXKRSuQ/R9J7aXd+O6e4tQ8L/rs9a0PW6HlhdnB8ib4wav43/Hwkp9oos
4Cxikz6RIBmyPEZwq9Brr5GJxGKBgm+8JTi1JyOpC6P7qjVMHumZwScdaGmycCWn
kYbZ4V+6ZkcHw8D0E+g7KHkql3CQsyZ7nvaPrNUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSUIP3AJ7PGe3dLhIoedCbKwhfzaTAfBgNVHSMEGDAWgBTM+ojCKx58Ut5x
o3ZD3qPD/N1JVDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pQcUl3aXNlZkZMZWNhTjJROTZqd196ZFNWUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvMWFlMmIwLWQ5M2EtNDYzYy1hNmI5LTgyN2I2NDNhZjNkNy8x
L2xDRDl3Q2V6eG50M1M0U0tIblFteXNJWDgyay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
MWFlMmIwLWQ5M2EtNDYzYy1hNmI5LTgyN2I2NDNhZjNkNy8xL3pQcUl3aXNlZkZM
ZWNhTjJROTZqd196ZFNWUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwsJDANBgkqhkiG9w0BAQsF
AAOCAQEASZt23ZmyqpsN+UA97rjtn6kCzzfMri8Z8rUqQxUaHauwk4aij1WsFi4O
efSMILYHrR9JN1VJzDbKxw/dnZfwSx9J8h6s89+EKk6U9BNpLFZpYFRxMj2kTOrm
Vayd0nt9Ukhf/rkcFjOVm+2FlG1i5zXrWzpJoEkI4ZwrDUmYP1UvH7kgnFPrS141
eDtVABk9J2/4kD6LfomkNyGJd8rRSiHiP56AUgwi9VlUzJNaKKUnbVi5rQCqxIWu
+p+iYLKKjuR/ajLXhc/qAOSaqXgpkx0MMsko4XAWjsCW/2XTMBL+T3eH7V/x6+Xl
+biI7Gx7mdKEDqLGTrjpm0NsX5ldJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:23 2024 by rpki-client on console-ams.rpki-client.org