Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/s5JtyssjfG3bxXeSmH0q0MqAcCA.roa
File: s5JtyssjfG3bxXeSmH0q0MqAcCA.roa (raw, json)
Hash identifier: kqbH8B8inlsnIxdL8MUoJxtLXaQ4j3Ty4sY17PvxWAk=
Subject key identifier: B3:92:6D:CA:CB:23:7C:6D:DB:C5:77:92:98:7D:2A:D0:CA:80:70:20
Certificate issuer: /CN=2940b694bba095344e4bdb99f51e1f1023be57ce
Certificate serial: 032C0F3E
Authority key identifier: 29:40:B6:94:BB:A0:95:34:4E:4B:DB:99:F5:1E:1F:10:23:BE:57:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/s5JtyssjfG3bxXeSmH0q0MqAcCA.roa
Signing time: Sat 01 Jan 2022 13:07:47 +0000
ROA not before: Sat 01 Jan 2022 13:07:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50716
IP address blocks: 2a00:d8c0:100::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53219134 (0x32c0f3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2940b694bba095344e4bdb99f51e1f1023be57ce
Validity
Not Before: Jan 1 13:07:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3926dcacb237c6ddbc57792987d2ad0ca807020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b6:d4:b5:88:00:5e:6b:3d:1c:13:31:3b:05:
18:30:e9:af:14:1c:b4:85:6d:f8:5f:27:fb:a5:7f:
5f:8b:3f:8f:43:50:34:e1:cf:22:cb:f5:43:ff:d9:
91:ee:63:98:af:0f:92:61:83:66:eb:e5:c9:e2:10:
83:47:bf:b8:17:d4:d4:f8:db:30:bb:c9:4b:be:51:
c3:2b:2d:e3:1b:55:68:86:1d:fd:bc:5d:f3:7d:25:
99:af:eb:ef:3f:06:9e:6d:9a:98:0b:ca:ea:01:28:
14:0c:c0:ca:ec:97:b4:33:c0:3f:2f:60:fd:e1:b3:
26:f0:d6:29:38:e9:b7:95:ba:2b:84:06:8a:34:06:
38:44:e7:2c:2f:06:c4:6d:f5:8f:28:9f:7c:86:03:
8f:f6:c8:ef:99:c9:67:bf:a7:ae:79:ca:57:2c:ff:
de:b0:7a:ef:29:93:17:fb:86:a0:e2:40:81:92:5e:
a9:ff:ab:13:17:0b:82:df:e4:65:4b:ce:a9:74:9e:
1d:6a:7a:9a:ef:79:db:96:25:2c:d2:6f:45:a2:df:
65:86:2f:23:c0:dd:7d:bd:3c:0a:be:99:ca:aa:51:
b7:83:95:a7:53:2f:55:bd:b8:e1:1a:c5:0d:61:79:
5c:66:87:2f:d1:c4:d4:69:f2:e3:c7:04:a5:9b:c1:
07:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:92:6D:CA:CB:23:7C:6D:DB:C5:77:92:98:7D:2A:D0:CA:80:70:20
X509v3 Authority Key Identifier:
keyid:29:40:B6:94:BB:A0:95:34:4E:4B:DB:99:F5:1E:1F:10:23:BE:57:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/s5JtyssjfG3bxXeSmH0q0MqAcCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/KUC2lLuglTROS9uZ9R4fECO-V84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:d8c0:100::/48
Signature Algorithm: sha256WithRSAEncryption
ac:77:19:2b:55:4b:78:4f:54:2a:5a:f7:a9:3e:79:5d:7e:30:
ee:77:af:53:cf:50:80:f9:a4:30:aa:87:7f:2d:de:bc:61:ba:
e6:70:8e:e0:0e:83:14:ef:c9:87:86:c5:84:ec:ad:dc:c2:b2:
18:a9:5e:c7:b3:3c:db:50:54:67:64:71:ba:49:15:3a:1a:a9:
f3:cb:37:63:45:0a:34:91:b9:be:7a:21:df:44:1d:30:41:9c:
4e:91:08:af:e3:29:ff:98:e8:99:2a:a9:14:30:4e:c4:19:84:
81:17:9f:4b:9b:9f:b0:ed:c0:c7:bf:53:f5:49:a0:ce:ef:a5:
61:5d:f0:e9:86:d7:74:55:60:00:be:8a:c0:c8:8f:cd:2d:ea:
1d:9a:61:ce:da:0b:ea:10:48:50:0c:5f:34:2a:97:fd:61:24:
3c:7b:08:b8:34:d3:76:2c:b2:97:33:a4:e4:b9:d5:b3:3c:aa:
72:0d:b6:e4:1f:52:78:b4:e1:3b:bc:75:07:9c:5c:3a:22:ad:
85:2c:0e:41:45:65:1f:00:80:d5:b6:b7:ee:b4:7b:36:b5:64:
4f:86:1d:bc:18:a1:ae:35:73:79:83:a3:cf:5e:ad:90:00:42:
2b:b5:7d:c3:de:df:a8:48:91:30:c2:6b:38:5b:f0:40:fb:4f:
1b:c9:e1:2b
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAywPPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTQwYjY5NGJiYTA5NTM0NGU0YmRiOTlmNTFlMWYxMDIzYmU1N2NlMB4XDTIyMDEw
MTEzMDc0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM5MjZkY2FjYjIz
N2M2ZGRiYzU3NzkyOTg3ZDJhZDBjYTgwNzAyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALO21LWIAF5rPRwTMTsFGDDprxQctIVt+F8n+6V/X4s/j0NQ
NOHPIsv1Q//Zke5jmK8PkmGDZuvlyeIQg0e/uBfU1PjbMLvJS75Rwyst4xtVaIYd
/bxd830lma/r7z8Gnm2amAvK6gEoFAzAyuyXtDPAPy9g/eGzJvDWKTjpt5W6K4QG
ijQGOETnLC8GxG31jyiffIYDj/bI75nJZ7+nrnnKVyz/3rB67ymTF/uGoOJAgZJe
qf+rExcLgt/kZUvOqXSeHWp6mu9525YlLNJvRaLfZYYvI8Ddfb08Cr6ZyqpRt4OV
p1MvVb244RrFDWF5XGaHL9HE1Gny48cEpZvBB8cCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSzkm3KyyN8bdvFd5KYfSrQyoBwIDAfBgNVHSMEGDAWgBQpQLaUu6CVNE5L
25n1Hh8QI75XzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tVQzJsTHVnbFRST1M5dVo5UjRmRUNPLVY4NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvNjEwN2U0LTQzOTMtNGNiZS1hNmMyLTI3YzFhMzU5NzZkZS8x
L3M1SnR5c3NqZkczYnhYZVNtSDBxME1xQWNDQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
NjEwN2U0LTQzOTMtNGNiZS1hNmMyLTI3YzFhMzU5NzZkZS8xL0tVQzJsTHVnbFRS
T1M5dVo5UjRmRUNPLVY4NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoA2MABADANBgkqhkiG9w0BAQsF
AAOCAQEArHcZK1VLeE9UKlr3qT55XX4w7nevU89QgPmkMKqHfy3evGG65nCO4A6D
FO/Jh4bFhOyt3MKyGKlex7M821BUZ2RxukkVOhqp88s3Y0UKNJG5vnoh30QdMEGc
TpEIr+Mp/5jomSqpFDBOxBmEgRefS5ufsO3Ax79T9Umgzu+lYV3w6YbXdFVgAL6K
wMiPzS3qHZphztoL6hBIUAxfNCqX/WEkPHsIuDTTdiyylzOk5LnVszyqcg225B9S
eLThO7x1B5xcOiKthSwOQUVlHwCA1ba37rR7NrVkT4YdvBihrjVzeYOjz16tkABC
K7V9w97fqEiRMMJrOFvwQPtPG8nhKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:58 2024 by rpki-client on console-fra.rpki-client.org