Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/PKcsAi5CQVRgsI5DpHXfjNFFn98.roa
File: PKcsAi5CQVRgsI5DpHXfjNFFn98.roa (raw, json)
Hash identifier: hNqBqJitEWzTGGT30CLcAwEhgmFlxVMMFbr7+o1wNpE=
Subject key identifier: 3C:A7:2C:02:2E:42:41:54:60:B0:8E:43:A4:75:DF:8C:D1:45:9F:DF
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 018490BF70A3BF7FB6E60C1DDB5C3F8FBD6B
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/PKcsAi5CQVRgsI5DpHXfjNFFn98.roa
Signing time: Sat 19 Nov 2022 16:36:16 +0000
ROA not before: Sat 19 Nov 2022 16:36:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52042
IP address blocks: 2a13:3f81::/32 maxlen: 32
2a13:3f83::/32 maxlen: 32
2a13:3f84::/32 maxlen: 32
2a13:3f82::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:90:bf:70:a3:bf:7f:b6:e6:0c:1d:db:5c:3f:8f:bd:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Nov 19 16:36:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ca72c022e42415460b08e43a475df8cd1459fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:26:15:3c:17:63:c9:43:5b:73:c5:9f:f0:51:
02:4f:ab:af:fb:b6:17:50:95:0e:55:a5:cc:62:e6:
b2:66:47:c8:b9:39:79:7c:7f:e3:13:19:3e:72:3a:
d3:ec:a6:0a:e0:20:3f:fd:65:52:b0:68:99:fb:13:
45:6c:b2:62:b4:5d:60:6a:80:cb:9e:1f:ed:4d:11:
68:98:ef:4f:b8:0a:3c:5a:a6:db:01:21:96:b8:cb:
a8:21:92:c3:5b:cb:5f:66:b4:c1:67:1e:6d:bc:f9:
02:12:0e:ed:b0:7a:87:b7:c9:0f:ec:42:a8:f6:8a:
9c:cb:52:44:27:83:e8:86:a5:27:9f:25:9b:9a:15:
ac:4f:f2:4d:16:2e:25:de:68:63:c1:62:e7:89:2c:
18:a3:94:04:99:e3:d4:0c:6a:58:4a:c6:a4:d4:b8:
d0:f9:86:98:15:68:85:ca:91:8a:bb:f2:a8:71:29:
cf:d4:73:c8:26:a9:fd:23:e1:ec:2e:d8:43:e9:dc:
ab:3b:a3:39:7f:6d:80:1b:6a:63:d5:9f:89:ad:1a:
3d:b7:21:9c:ba:c8:21:23:ba:22:c9:f9:bb:46:4f:
69:12:f7:3b:51:e2:18:6c:e3:e7:af:ee:1a:1b:1f:
23:c8:ff:49:0e:cc:a8:cd:32:26:25:e4:ce:3b:71:
17:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A7:2C:02:2E:42:41:54:60:B0:8E:43:A4:75:DF:8C:D1:45:9F:DF
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/PKcsAi5CQVRgsI5DpHXfjNFFn98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3f81::-2a13:3f84:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
98:50:0b:d0:ce:6d:26:dd:40:c6:d6:04:2a:44:ec:1f:b8:8d:
d2:7e:96:29:4d:30:98:29:a4:72:83:ee:0e:1d:f1:be:82:28:
21:68:fe:e1:d9:45:0e:6d:25:da:b3:c9:34:3d:a2:4a:ae:ad:
ba:75:c0:c2:8e:92:b4:0d:aa:a3:82:15:df:85:7f:3d:47:e5:
44:fc:96:7c:ca:c7:6d:72:48:d4:47:67:b7:68:44:27:d8:ec:
ef:e8:ac:16:e5:9d:2c:85:c1:4d:10:8d:13:1b:15:e0:67:89:
9b:34:d0:e8:38:81:df:05:38:a2:b6:6e:6c:78:df:0b:36:66:
1c:fa:9e:29:74:3c:82:9b:76:e8:91:f3:af:95:cc:6d:cd:3a:
c9:ea:54:e3:a0:9d:df:dd:a9:35:36:3e:82:6d:8a:73:13:ac:
ac:69:c1:4b:c8:77:ff:14:40:9f:12:2c:e0:62:8c:f6:13:62:
bd:66:6f:4b:05:0e:94:08:4b:bf:6a:3b:21:2b:6d:73:f9:84:
37:b7:de:25:4e:3d:81:3d:26:ab:9f:2f:bd:12:0e:8e:28:43:
7d:e1:af:31:64:e8:63:dd:b7:0c:a2:8e:38:ce:45:8c:5e:c2:
17:23:ea:e9:e6:b0:8d:ca:73:4f:db:8b:26:eb:c9:2b:91:3d:
87:e7:b8:26
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYSQv3Cjv3+25gwd21w/j71rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjIxMTE5MTYzNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2E3MmMwMjJlNDI0MTU0NjBiMDhlNDNhNDc1ZGY4Y2QxNDU5ZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiYVPBdjyUNbc8Wf8FECT6uv+7YX
UJUOVaXMYuayZkfIuTl5fH/jExk+cjrT7KYK4CA//WVSsGiZ+xNFbLJitF1gaoDL
nh/tTRFomO9PuAo8WqbbASGWuMuoIZLDW8tfZrTBZx5tvPkCEg7tsHqHt8kP7EKo
9oqcy1JEJ4PohqUnnyWbmhWsT/JNFi4l3mhjwWLniSwYo5QEmePUDGpYSsak1LjQ
+YaYFWiFypGKu/KocSnP1HPIJqn9I+HsLthD6dyrO6M5f22AG2pj1Z+JrRo9tyGc
usghI7oiyfm7Rk9pEvc7UeIYbOPnr+4aGx8jyP9JDsyozTImJeTOO3EXJwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFDynLAIuQkFUYLCOQ6R134zRRZ/fMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvUEtjc0FpNUNRVlJnc0k1RHBIWGZqTkZGbjk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqEz+B
AwUAKhM/hDANBgkqhkiG9w0BAQsFAAOCAQEAmFAL0M5tJt1AxtYEKkTsH7iN0n6W
KU0wmCmkcoPuDh3xvoIoIWj+4dlFDm0l2rPJND2iSq6tunXAwo6StA2qo4IV34V/
PUflRPyWfMrHbXJI1Ednt2hEJ9js7+isFuWdLIXBTRCNExsV4GeJmzTQ6DiB3wU4
orZubHjfCzZmHPqeKXQ8gpt26JHzr5XMbc06yepU46Cd392pNTY+gm2KcxOsrGnB
S8h3/xRAnxIs4GKM9hNivWZvSwUOlAhLv2o7ISttc/mEN7feJU49gT0mq58vvRIO
jihDfeGvMWToY923DKKOOM5FjF7CFyPq6eawjcpzT9uLJuvJK5E9h+e4Jg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:12 2023 by rpki-client on console-ams.rpki-client.org