Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/51e59e-2cff-4765-b6a8-a113aca38183/1/hL_h0-AWXKXSjb28ENHgAyCiW0o.roa
File: hL_h0-AWXKXSjb28ENHgAyCiW0o.roa (raw, json)
Hash identifier: sbwDp9C7h4ugW/lNZtjKZBry7AfbDHoJrBGRMDX8OYQ=
Subject key identifier: 84:BF:E1:D3:E0:16:5C:A5:D2:8D:BD:BC:10:D1:E0:03:20:A2:5B:4A
Certificate issuer: /CN=b4768ca3f71b13172794121ada78b359a36b855a
Certificate serial: 0563A404
Authority key identifier: B4:76:8C:A3:F7:1B:13:17:27:94:12:1A:DA:78:B3:59:A3:6B:85:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tHaMo_cbExcnlBIa2nizWaNrhVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/51e59e-2cff-4765-b6a8-a113aca38183/1/hL_h0-AWXKXSjb28ENHgAyCiW0o.roa
Signing time: Sat 01 Jan 2022 14:01:40 +0000
ROA not before: Sat 01 Jan 2022 14:01:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209619
IP address blocks: 2001:678:8f0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90416132 (0x563a404)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4768ca3f71b13172794121ada78b359a36b855a
Validity
Not Before: Jan 1 14:01:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84bfe1d3e0165ca5d28dbdbc10d1e00320a25b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b3:0b:59:94:6f:e6:a2:aa:22:0c:30:f2:89:
37:b6:35:03:d7:1c:fa:c5:3f:76:54:61:2e:81:62:
55:a3:b5:0a:26:ce:74:28:5b:0f:e8:85:3f:44:05:
cb:44:49:f0:a6:32:38:ae:b8:09:1e:3e:2b:42:79:
b8:d8:df:f2:72:71:23:5a:ec:e3:3f:b2:3b:12:56:
a1:fa:7d:4d:05:b2:f1:1f:5f:31:88:45:ec:df:43:
3b:dc:62:5a:52:41:05:a8:88:54:f6:02:95:29:34:
9f:35:af:77:3f:0c:bd:0d:67:4c:bd:f1:4d:31:6d:
3c:4c:e0:f5:42:f6:e5:33:a6:5c:5c:f6:be:2a:f0:
1e:2c:4e:73:09:20:e8:55:24:65:69:43:01:aa:b5:
b8:1f:65:f0:89:ca:ef:90:52:9d:ea:ca:38:38:42:
9d:64:9d:79:2c:16:6e:ae:0f:b1:fe:84:a6:51:43:
63:7d:a2:87:83:b5:78:48:1c:64:76:54:63:ec:6d:
95:c1:6d:4a:1c:24:8d:99:51:09:3a:e4:13:f1:42:
17:a2:78:94:61:4f:26:b5:8d:df:77:7c:5f:f5:df:
ae:2c:91:4b:2a:ea:f5:f6:97:be:dc:95:bb:1e:e8:
a8:4e:16:de:e5:1b:24:75:55:94:43:78:0b:8a:b6:
a7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:BF:E1:D3:E0:16:5C:A5:D2:8D:BD:BC:10:D1:E0:03:20:A2:5B:4A
X509v3 Authority Key Identifier:
keyid:B4:76:8C:A3:F7:1B:13:17:27:94:12:1A:DA:78:B3:59:A3:6B:85:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tHaMo_cbExcnlBIa2nizWaNrhVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/51e59e-2cff-4765-b6a8-a113aca38183/1/hL_h0-AWXKXSjb28ENHgAyCiW0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/51e59e-2cff-4765-b6a8-a113aca38183/1/tHaMo_cbExcnlBIa2nizWaNrhVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:8f0::/48
Signature Algorithm: sha256WithRSAEncryption
77:ea:54:74:0c:a2:19:52:b9:47:e8:8d:5a:25:45:47:c8:ca:
7e:c9:87:0c:12:e0:82:99:4f:c0:8f:2a:6f:7d:83:9b:57:84:
1f:1d:f0:89:24:23:df:74:33:2a:eb:5d:81:af:14:78:df:15:
5b:9b:6a:9f:f0:dd:95:e3:cb:26:fc:06:38:35:de:f8:a2:5d:
e0:b3:c5:09:85:4a:90:ee:4a:22:3f:45:eb:3a:0e:cd:7a:12:
e0:80:28:64:d0:14:0d:a1:97:98:fa:6c:0c:e7:11:cb:cf:d7:
b7:24:bb:71:32:c6:09:b8:84:d8:52:58:11:9c:88:45:df:21:
ad:ea:67:64:8d:db:bb:56:33:59:16:de:ad:22:12:5f:d1:00:
f3:5e:4a:9b:7d:8c:a1:d1:29:56:f5:ae:49:52:4d:51:97:93:
4e:b8:a6:53:5f:1b:bd:5f:67:dc:e9:04:c5:4a:02:10:c5:23:
e8:4f:f9:27:54:6b:11:b6:8e:1b:c4:7a:93:13:d1:fb:4e:33:
1e:6c:fd:44:0d:d2:22:7d:1a:73:0b:15:11:30:bc:d6:37:d3:
00:db:e3:98:82:e9:ce:73:a6:22:4d:9f:d2:4d:9c:81:fd:f0:
70:ba:e9:6b:c3:06:4d:59:ed:14:96:b7:a2:94:86:d1:67:24:
a0:e0:6a:52
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBWOkBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDc2OGNhM2Y3MWIxMzE3Mjc5NDEyMWFkYTc4YjM1OWEzNmI4NTVhMB4XDTIyMDEw
MTE0MDE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRiZmUxZDNlMDE2
NWNhNWQyOGRiZGJjMTBkMWUwMDMyMGEyNWI0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+zC1mUb+aiqiIMMPKJN7Y1A9cc+sU/dlRhLoFiVaO1CibO
dChbD+iFP0QFy0RJ8KYyOK64CR4+K0J5uNjf8nJxI1rs4z+yOxJWofp9TQWy8R9f
MYhF7N9DO9xiWlJBBaiIVPYClSk0nzWvdz8MvQ1nTL3xTTFtPEzg9UL25TOmXFz2
virwHixOcwkg6FUkZWlDAaq1uB9l8InK75BSnerKODhCnWSdeSwWbq4Psf6EplFD
Y32ih4O1eEgcZHZUY+xtlcFtShwkjZlRCTrkE/FCF6J4lGFPJrWN33d8X/XfriyR
Syrq9faXvtyVux7oqE4W3uUbJHVVlEN4C4q2p28CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSEv+HT4BZcpdKNvbwQ0eADIKJbSjAfBgNVHSMEGDAWgBS0doyj9xsTFyeU
EhraeLNZo2uFWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RIYU1vX2NiRXhjbmxCSWEybml6V2FOcmhWby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvNTFlNTllLTJjZmYtNDc2NS1iNmE4LWExMTNhY2EzODE4My8x
L2hMX2gwLUFXWEtYU2piMjhFTkhnQXlDaVcwby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
NTFlNTllLTJjZmYtNDc2NS1iNmE4LWExMTNhY2EzODE4My8xL3RIYU1vX2NiRXhj
bmxCSWEybml6V2FOcmhWby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngI8DANBgkqhkiG9w0BAQsF
AAOCAQEAd+pUdAyiGVK5R+iNWiVFR8jKfsmHDBLggplPwI8qb32Dm1eEHx3wiSQj
33QzKutdga8UeN8VW5tqn/DdlePLJvwGODXe+KJd4LPFCYVKkO5KIj9F6zoOzXoS
4IAoZNAUDaGXmPpsDOcRy8/XtyS7cTLGCbiE2FJYEZyIRd8hrepnZI3bu1YzWRbe
rSISX9EA815Km32ModEpVvWuSVJNUZeTTrimU18bvV9n3OkExUoCEMUj6E/5J1Rr
EbaOG8R6kxPR+04zHmz9RA3SIn0acwsVETC81jfTANvjmILpznOmIk2f0k2cgf3w
cLrpa8MGTVntFJa3opSG0WckoOBqUg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:10 2023 by rpki-client on console-fra.rpki-client.org