Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/cce012-2cb9-4be6-a1b6-d5167e6756b6/1/qS3l3lbl39YYle9fcrZsKVv0Qr0.roa
File: qS3l3lbl39YYle9fcrZsKVv0Qr0.roa (raw, json)
Hash identifier: I9X/AVRWz3RIyo0/n4UENO4OCcJbFpDpeg15Hwkw6OY=
Subject key identifier: A9:2D:E5:DE:56:E5:DF:D6:18:95:EF:5F:72:B6:6C:29:5B:F4:42:BD
Certificate issuer: /CN=a3f0099ad86dd8434e52f8c6fddeeb2c3ed6c6ca
Certificate serial: 01837A39C0D4EE6251B791462A48FEDA1DF0
Authority key identifier: A3:F0:09:9A:D8:6D:D8:43:4E:52:F8:C6:FD:DE:EB:2C:3E:D6:C6:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o_AJmtht2ENOUvjG_d7rLD7Wxso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/cce012-2cb9-4be6-a1b6-d5167e6756b6/1/qS3l3lbl39YYle9fcrZsKVv0Qr0.roa
Signing time: Mon 26 Sep 2022 14:35:48 +0000
ROA not before: Mon 26 Sep 2022 14:35:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202728
IP address blocks: 2001:67c:a7c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:39:c0:d4:ee:62:51:b7:91:46:2a:48:fe:da:1d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3f0099ad86dd8434e52f8c6fddeeb2c3ed6c6ca
Validity
Not Before: Sep 26 14:35:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a92de5de56e5dfd61895ef5f72b66c295bf442bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3a:61:aa:3e:64:88:59:bb:a7:83:93:d8:9c:
ab:bb:9d:20:62:77:9e:b7:a3:9c:dc:6f:ff:84:7a:
22:8b:6c:0b:41:05:17:fe:d8:77:16:94:59:43:74:
e5:a0:b5:7b:f3:b1:ca:3c:10:ec:4b:ab:e6:38:ce:
ed:24:0e:df:3c:62:b7:92:6c:b7:eb:1b:45:f2:28:
3a:a2:42:8e:48:a3:5a:71:7d:72:d5:17:47:42:ef:
62:22:79:5e:6a:5c:20:d3:12:17:0e:c7:1b:b9:f6:
82:44:69:28:48:25:1f:80:c0:0f:b9:60:55:6d:f4:
bf:a5:e4:bc:f5:3b:b8:8e:83:25:b4:79:00:36:11:
ad:8d:56:26:1f:eb:f7:75:8e:71:0c:00:d6:2d:4d:
dc:09:bc:7d:6b:1f:b6:a3:54:d7:bf:1e:64:7f:e7:
e1:cc:c3:ec:7b:3a:ff:cd:d5:ad:0c:48:08:be:f5:
b5:de:01:a1:d7:e8:ed:3a:78:ee:c4:aa:14:a3:10:
db:60:12:7d:c1:1d:be:d7:74:a5:78:1f:46:4d:97:
65:3c:54:e2:5a:26:19:69:56:a4:be:a0:c6:97:d2:
ee:33:a8:e9:f0:fe:ad:5a:c6:a4:09:5e:ce:2c:2a:
3b:a7:17:75:4e:87:ce:ac:f1:0c:9b:c1:f5:47:29:
96:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:2D:E5:DE:56:E5:DF:D6:18:95:EF:5F:72:B6:6C:29:5B:F4:42:BD
X509v3 Authority Key Identifier:
keyid:A3:F0:09:9A:D8:6D:D8:43:4E:52:F8:C6:FD:DE:EB:2C:3E:D6:C6:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_AJmtht2ENOUvjG_d7rLD7Wxso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/cce012-2cb9-4be6-a1b6-d5167e6756b6/1/qS3l3lbl39YYle9fcrZsKVv0Qr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/cce012-2cb9-4be6-a1b6-d5167e6756b6/1/o_AJmtht2ENOUvjG_d7rLD7Wxso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:a7c::/48
Signature Algorithm: sha256WithRSAEncryption
22:60:b5:3a:c5:35:83:68:7a:d1:d8:25:d3:5e:b5:f6:27:fb:
9a:c3:54:30:7e:d3:2b:fb:e3:36:21:2e:68:eb:21:2d:66:69:
ea:3c:63:a9:88:16:6d:1d:0c:5c:ad:00:33:5d:38:c8:99:bb:
80:8a:53:5b:df:10:b4:f1:34:57:be:1a:c1:a9:54:be:8d:36:
77:4d:f5:84:bb:73:ea:9a:31:96:17:4d:57:ab:f9:3d:1e:95:
ff:92:5a:56:f2:f0:4c:df:6d:3c:d2:8e:c5:2f:12:9a:de:0f:
9d:77:1f:c5:ec:27:3c:e1:d4:d4:d2:bc:d4:32:19:50:68:09:
f0:c2:f4:30:a8:5a:63:a4:ec:38:01:dc:41:18:c8:a1:86:5c:
5d:22:24:1c:1f:87:86:f3:94:3f:56:86:81:16:fb:40:b7:64:
52:bc:d5:82:ff:9c:2e:42:65:61:4b:f4:fc:cc:80:6c:90:08:
ae:29:68:42:0d:0f:90:a9:14:ca:50:8d:5f:b9:9d:77:4d:0a:
34:02:8a:e5:c1:3a:1e:10:52:1b:b7:d9:af:df:6d:1f:66:e5:
c7:93:ee:d6:03:15:9e:db:be:92:fb:6b:38:05:47:af:7e:1c:
e9:84:46:cc:fb:61:15:4a:ea:b8:bd:e0:b1:1e:29:7f:ea:29:
98:f5:7d:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYN6OcDU7mJRt5FGKkj+2h3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZjAwOTlhZDg2ZGQ4NDM0ZTUyZjhjNmZkZGVlYjJjM2Vk
NmM2Y2EwHhcNMjIwOTI2MTQzNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTJkZTVkZTU2ZTVkZmQ2MTg5NWVmNWY3MmI2NmMyOTViZjQ0MmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzphqj5kiFm7p4OT2Jyru50gYnee
t6Oc3G//hHoii2wLQQUX/th3FpRZQ3TloLV787HKPBDsS6vmOM7tJA7fPGK3kmy3
6xtF8ig6okKOSKNacX1y1RdHQu9iInlealwg0xIXDscbufaCRGkoSCUfgMAPuWBV
bfS/peS89Tu4joMltHkANhGtjVYmH+v3dY5xDADWLU3cCbx9ax+2o1TXvx5kf+fh
zMPsezr/zdWtDEgIvvW13gGh1+jtOnjuxKoUoxDbYBJ9wR2+13SleB9GTZdlPFTi
WiYZaVakvqDGl9LuM6jp8P6tWsakCV7OLCo7pxd1TofOrPEMm8H1RymWwQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKkt5d5W5d/WGJXvX3K2bClb9EK9MB8GA1UdIwQY
MBaAFKPwCZrYbdhDTlL4xv3e6yw+1sbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb19BSm10aHQyRU5PVXZqR19kN3JMRDdXeHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jY2UwMTItMmNiOS00YmU2LWExYjYt
ZDUxNjdlNjc1NmI2LzEvcVMzbDNsYmwzOVlZbGU5ZmNyWnNLVnYwUXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jY2UwMTItMmNiOS00YmU2LWExYjYtZDUxNjdlNjc1NmI2
LzEvb19BSm10aHQyRU5PVXZqR19kN3JMRDdXeHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAp8
MA0GCSqGSIb3DQEBCwUAA4IBAQAiYLU6xTWDaHrR2CXTXrX2J/uaw1QwftMr++M2
IS5o6yEtZmnqPGOpiBZtHQxcrQAzXTjImbuAilNb3xC08TRXvhrBqVS+jTZ3TfWE
u3PqmjGWF01Xq/k9HpX/klpW8vBM32080o7FLxKa3g+ddx/F7Cc84dTU0rzUMhlQ
aAnwwvQwqFpjpOw4AdxBGMihhlxdIiQcH4eG85Q/VoaBFvtAt2RSvNWC/5wuQmVh
S/T8zIBskAiuKWhCDQ+QqRTKUI1fuZ13TQo0AorlwToeEFIbt9mv320fZuXHk+7W
AxWe276S+2s4BUevfhzphEbM+2EVSuq4veCxHil/6imY9X1j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:51 2024 by rpki-client on console-ams.rpki-client.org