Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/fae1c1-aa18-46aa-83a7-8d1c9d1192b0/1/9l9ZmK1fdhCGI4-SBpzbSgw0KnA.roa
File: 9l9ZmK1fdhCGI4-SBpzbSgw0KnA.roa (raw, json)
Hash identifier: Fc9ZDmD5FRFft5X4b463JsVtQThMR1PbrPnF3Ogm5+o=
Subject key identifier: F6:5F:59:98:AD:5F:76:10:86:23:8F:92:06:9C:DB:4A:0C:34:2A:70
Certificate issuer: /CN=0df6e633067c066ae9bef1d3771cc300e4b4d1a7
Certificate serial: 1812ED5D
Authority key identifier: 0D:F6:E6:33:06:7C:06:6A:E9:BE:F1:D3:77:1C:C3:00:E4:B4:D1:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DfbmMwZ8BmrpvvHTdxzDAOS00ac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/fae1c1-aa18-46aa-83a7-8d1c9d1192b0/1/9l9ZmK1fdhCGI4-SBpzbSgw0KnA.roa
Signing time: Sat 01 Jan 2022 11:03:32 +0000
ROA not before: Sat 01 Jan 2022 11:03:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30887
IP address blocks: 2001:67c:4d4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 403893597 (0x1812ed5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0df6e633067c066ae9bef1d3771cc300e4b4d1a7
Validity
Not Before: Jan 1 11:03:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f65f5998ad5f761086238f92069cdb4a0c342a70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:1e:69:c7:02:07:6e:5f:07:fe:99:e9:78:ae:
1d:2d:67:e4:8e:e8:be:e7:d3:71:c4:60:41:74:10:
7b:3c:67:5b:7e:0e:f1:a2:3f:6d:de:9c:79:5e:c4:
17:f8:49:33:ae:6a:37:01:40:f0:b4:2d:89:39:8b:
38:c8:67:ed:dc:18:a9:84:07:7d:e2:d2:ff:62:fd:
e4:d0:b6:d3:0d:b5:c2:c6:8e:3a:18:7d:d6:8c:ed:
a7:74:ec:2e:cb:ce:54:82:1d:70:13:9b:cf:2d:4f:
83:c8:eb:57:b0:a3:5c:59:2a:3c:3e:a8:e6:ef:4a:
58:9c:15:ee:c7:b8:bb:47:cb:55:34:47:4e:95:61:
57:e7:32:5e:a6:e8:00:88:84:64:1f:ec:0c:89:d7:
60:2e:05:4d:53:de:13:a6:0f:33:de:7e:46:3e:f9:
c0:dd:35:17:9d:24:eb:ed:9e:e8:d8:62:db:14:2f:
62:57:04:61:90:38:e9:7f:d3:da:80:3f:dd:47:51:
3a:b4:ed:dd:49:1e:d0:71:ff:91:02:8d:47:bb:6e:
f1:3a:9d:81:7e:0c:d3:aa:87:5e:3a:a5:59:ab:2a:
58:70:28:90:13:22:05:11:ea:4d:b6:e2:69:08:51:
b4:eb:a8:84:41:f0:9e:7f:16:c5:2f:ee:59:98:f6:
c9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5F:59:98:AD:5F:76:10:86:23:8F:92:06:9C:DB:4A:0C:34:2A:70
X509v3 Authority Key Identifier:
keyid:0D:F6:E6:33:06:7C:06:6A:E9:BE:F1:D3:77:1C:C3:00:E4:B4:D1:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DfbmMwZ8BmrpvvHTdxzDAOS00ac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/fae1c1-aa18-46aa-83a7-8d1c9d1192b0/1/9l9ZmK1fdhCGI4-SBpzbSgw0KnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/fae1c1-aa18-46aa-83a7-8d1c9d1192b0/1/DfbmMwZ8BmrpvvHTdxzDAOS00ac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:4d4::/48
Signature Algorithm: sha256WithRSAEncryption
72:01:53:f3:5a:c7:8a:f5:f9:ef:55:0f:e4:32:e7:af:e6:d1:
18:ae:7a:34:ee:99:2d:b6:cb:ad:b1:d9:84:65:2e:af:76:e1:
69:b4:c0:5c:05:bc:d5:80:2a:3e:a4:7c:9f:e1:a9:cd:70:82:
f8:ab:3a:7d:e6:fc:7c:95:b1:90:5f:53:27:25:8b:d6:df:43:
ec:90:80:e0:ef:4b:de:e7:2b:1f:af:0c:2f:36:42:46:6d:6d:
92:9c:be:de:97:fc:30:df:f2:33:81:6b:57:c2:1b:16:6e:53:
b4:40:b8:e0:ff:e9:bc:b5:eb:1c:e1:c6:31:ad:de:eb:12:fb:
76:99:a5:4e:48:48:05:05:9c:f8:0f:7f:43:f2:98:49:f9:4d:
d9:41:86:c9:50:d3:9a:9f:2d:21:67:e0:a7:6e:f3:be:80:a9:
0b:e1:69:03:df:75:9a:0d:2b:e5:83:01:14:76:f3:e1:a9:c6:
21:99:e0:d1:52:83:d7:d4:08:71:47:e9:e6:dc:be:7d:c7:fd:
74:55:e0:42:d1:a1:71:3b:f2:38:f5:45:3d:03:00:65:53:c7:
a7:87:7e:5d:87:78:6e:3a:8e:aa:87:82:0f:7c:d4:c0:7c:9d:
66:cd:3c:aa:8e:2c:bc:fe:6b:fe:cf:4d:7f:57:6b:a4:90:cc:
ee:f1:4a:3e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEGBLtXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZGY2ZTYzMzA2N2MwNjZhZTliZWYxZDM3NzFjYzMwMGU0YjRkMWE3MB4XDTIyMDEw
MTExMDMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjY1ZjU5OThhZDVm
NzYxMDg2MjM4ZjkyMDY5Y2RiNGEwYzM0MmE3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOEeaccCB25fB/6Z6XiuHS1n5I7ovufTccRgQXQQezxnW34O
8aI/bd6ceV7EF/hJM65qNwFA8LQtiTmLOMhn7dwYqYQHfeLS/2L95NC20w21wsaO
Ohh91oztp3TsLsvOVIIdcBObzy1Pg8jrV7CjXFkqPD6o5u9KWJwV7se4u0fLVTRH
TpVhV+cyXqboAIiEZB/sDInXYC4FTVPeE6YPM95+Rj75wN01F50k6+2e6Nhi2xQv
YlcEYZA46X/T2oA/3UdROrTt3Uke0HH/kQKNR7tu8TqdgX4M06qHXjqlWasqWHAo
kBMiBRHqTbbiaQhRtOuohEHwnn8WxS/uWZj2yWkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT2X1mYrV92EIYjj5IGnNtKDDQqcDAfBgNVHSMEGDAWgBQN9uYzBnwGaum+
8dN3HMMA5LTRpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RmYm1Nd1o4Qm1ycHZ2SFRkeHpEQU9TMDBhYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvZmFlMWMxLWFhMTgtNDZhYS04M2E3LThkMWM5ZDExOTJiMC8x
LzlsOVptSzFmZGhDR0k0LVNCcHpiU2d3MEtuQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
ZmFlMWMxLWFhMTgtNDZhYS04M2E3LThkMWM5ZDExOTJiMC8xL0RmYm1Nd1o4Qm1y
cHZ2SFRkeHpEQU9TMDBhYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwE1DANBgkqhkiG9w0BAQsF
AAOCAQEAcgFT81rHivX571UP5DLnr+bRGK56NO6ZLbbLrbHZhGUur3bhabTAXAW8
1YAqPqR8n+GpzXCC+Ks6feb8fJWxkF9TJyWL1t9D7JCA4O9L3ucrH68MLzZCRm1t
kpy+3pf8MN/yM4FrV8IbFm5TtEC44P/pvLXrHOHGMa3e6xL7dpmlTkhIBQWc+A9/
Q/KYSflN2UGGyVDTmp8tIWfgp27zvoCpC+FpA991mg0r5YMBFHbz4anGIZng0VKD
19QIcUfp5ty+fcf9dFXgQtGhcTvyOPVFPQMAZVPHp4d+XYd4bjqOqoeCD3zUwHyd
Zs08qo4svP5r/s9Nf1drpJDM7vFKPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:31 2024 by rpki-client on console-ams.rpki-client.org