Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/3c4b53-eca3-4599-9d94-d71fc90c7b16/1/xmyLfeDE8UgS2wBqebgF9Hk9-NU.roa
File: xmyLfeDE8UgS2wBqebgF9Hk9-NU.roa (raw, json)
Hash identifier: k/jzJ0ZEoNVvMGxmUtBsxb3avajREiSB3vu0Id7wiVY=
Subject key identifier: C6:6C:8B:7D:E0:C4:F1:48:12:DB:00:6A:79:B8:05:F4:79:3D:F8:D5
Certificate issuer: /CN=1fb5c1bbaed44c8b6ae3f2b566d01cc258dfc2ce
Certificate serial: 0277AA0B
Authority key identifier: 1F:B5:C1:BB:AE:D4:4C:8B:6A:E3:F2:B5:66:D0:1C:C2:58:DF:C2:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H7XBu67UTItq4_K1ZtAcwljfws4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/3c4b53-eca3-4599-9d94-d71fc90c7b16/1/xmyLfeDE8UgS2wBqebgF9Hk9-NU.roa
Signing time: Sat 01 Jan 2022 10:04:30 +0000
ROA not before: Sat 01 Jan 2022 10:04:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211638
IP address blocks: 2001:678:f0c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41396747 (0x277aa0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fb5c1bbaed44c8b6ae3f2b566d01cc258dfc2ce
Validity
Not Before: Jan 1 10:04:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c66c8b7de0c4f14812db006a79b805f4793df8d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f6:44:5a:dd:52:b1:a0:cf:ed:7f:f5:67:b1:
44:10:5f:5d:8d:cc:27:5e:1d:ff:61:d8:11:d1:80:
0b:4d:28:2f:78:e2:1c:a1:b9:32:10:68:e9:b2:a5:
60:5d:c8:97:b0:ee:cd:09:57:48:ed:06:cf:82:83:
c2:50:1b:d8:74:f3:f0:9d:0e:54:69:76:ae:5a:04:
29:55:6c:31:0c:e2:bd:7f:7c:6a:ef:a9:8b:b4:5a:
d2:07:e8:86:01:eb:63:93:b7:3a:23:91:19:2c:8e:
74:b8:0d:92:11:ff:59:6f:f9:b2:38:61:73:df:23:
0f:c1:1c:d4:42:c4:d9:26:28:45:0f:69:51:af:75:
54:4a:14:46:c0:da:c6:36:ee:7d:fe:ea:08:03:37:
68:93:74:8d:67:d8:04:3d:47:df:22:ec:32:6f:71:
9b:b6:e8:6e:76:d9:9d:83:c7:2c:42:eb:79:b9:7a:
00:99:ca:8a:9d:7f:80:73:b0:60:b5:cf:e8:0b:2d:
fb:fa:03:09:40:b6:5a:23:ea:2f:2d:fd:18:13:13:
77:8b:9d:05:94:19:80:2e:63:70:c8:c5:33:0f:2a:
1a:7d:92:13:ce:d5:81:b2:cf:79:2f:e5:cf:87:9e:
52:65:ee:30:5b:e2:74:dc:7c:f7:ef:51:c3:11:6b:
20:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:6C:8B:7D:E0:C4:F1:48:12:DB:00:6A:79:B8:05:F4:79:3D:F8:D5
X509v3 Authority Key Identifier:
keyid:1F:B5:C1:BB:AE:D4:4C:8B:6A:E3:F2:B5:66:D0:1C:C2:58:DF:C2:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7XBu67UTItq4_K1ZtAcwljfws4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/3c4b53-eca3-4599-9d94-d71fc90c7b16/1/xmyLfeDE8UgS2wBqebgF9Hk9-NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/3c4b53-eca3-4599-9d94-d71fc90c7b16/1/H7XBu67UTItq4_K1ZtAcwljfws4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f0c::/48
Signature Algorithm: sha256WithRSAEncryption
17:14:f6:4c:d1:be:a4:23:f1:95:6b:f8:70:e6:35:c7:69:bb:
23:e2:70:25:c1:20:6b:e4:ae:b4:ac:ce:e2:86:fb:3e:27:ef:
d2:c7:94:cd:e9:56:c9:87:9f:e9:58:6e:9e:66:df:15:60:4d:
38:16:d4:e8:c6:9e:19:fb:ce:1b:ec:bc:5c:2b:2c:14:8b:e3:
10:0e:d5:af:c3:13:48:70:9c:41:6e:45:6f:0c:64:06:30:8d:
dd:ba:79:89:0f:c0:96:c7:34:55:98:6d:c5:51:72:eb:26:24:
34:a0:e4:76:52:15:8a:6a:90:6f:1d:91:7a:16:9f:8d:ba:c6:
b9:20:10:0a:76:58:f8:99:6a:a8:82:94:d3:84:cb:99:86:71:
41:3b:de:01:dc:ce:95:28:28:bf:2d:15:e8:fc:16:c0:2d:54:
d9:83:5a:aa:bc:44:a4:7d:65:80:33:3e:9f:63:33:51:c3:99:
16:9c:f7:a1:06:23:10:c4:a2:51:65:8f:5b:46:c8:ca:38:a0:
77:50:b5:5b:85:5b:56:2f:17:2a:9f:d8:85:a0:1a:23:b8:1e:
74:35:10:12:6c:b2:04:85:a8:58:37:ab:06:59:d8:5a:40:8c:
fc:45:aa:6b:50:b3:de:05:8f:18:19:b0:78:83:1c:c1:2b:b4:
d4:77:75:b5
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAneqCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZmI1YzFiYmFlZDQ0YzhiNmFlM2YyYjU2NmQwMWNjMjU4ZGZjMmNlMB4XDTIyMDEw
MTEwMDQzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY2YzhiN2RlMGM0
ZjE0ODEyZGIwMDZhNzliODA1ZjQ3OTNkZjhkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJX2RFrdUrGgz+1/9WexRBBfXY3MJ14d/2HYEdGAC00oL3ji
HKG5MhBo6bKlYF3Il7DuzQlXSO0Gz4KDwlAb2HTz8J0OVGl2rloEKVVsMQzivX98
au+pi7Ra0gfohgHrY5O3OiORGSyOdLgNkhH/WW/5sjhhc98jD8Ec1ELE2SYoRQ9p
Ua91VEoURsDaxjbuff7qCAM3aJN0jWfYBD1H3yLsMm9xm7bobnbZnYPHLELrebl6
AJnKip1/gHOwYLXP6Ast+/oDCUC2WiPqLy39GBMTd4udBZQZgC5jcMjFMw8qGn2S
E87VgbLPeS/lz4eeUmXuMFvidNx89+9RwxFrIKMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTGbIt94MTxSBLbAGp5uAX0eT341TAfBgNVHSMEGDAWgBQftcG7rtRMi2rj
8rVm0BzCWN/CzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0g3WEJ1NjdVVEl0cTRfSzFadEFjd2xqZndzNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvM2M0YjUzLWVjYTMtNDU5OS05ZDk0LWQ3MWZjOTBjN2IxNi8x
L3hteUxmZURFOFVnUzJ3QnFlYmdGOUhrOS1OVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
M2M0YjUzLWVjYTMtNDU5OS05ZDk0LWQ3MWZjOTBjN2IxNi8xL0g3WEJ1NjdVVEl0
cTRfSzFadEFjd2xqZndzNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngPDDANBgkqhkiG9w0BAQsF
AAOCAQEAFxT2TNG+pCPxlWv4cOY1x2m7I+JwJcEga+SutKzO4ob7Pifv0seUzelW
yYef6VhunmbfFWBNOBbU6MaeGfvOG+y8XCssFIvjEA7Vr8MTSHCcQW5FbwxkBjCN
3bp5iQ/Alsc0VZhtxVFy6yYkNKDkdlIVimqQbx2RehafjbrGuSAQCnZY+JlqqIKU
04TLmYZxQTveAdzOlSgovy0V6PwWwC1U2YNaqrxEpH1lgDM+n2MzUcOZFpz3oQYj
EMSiUWWPW0bIyjigd1C1W4VbVi8XKp/YhaAaI7gedDUQEmyyBIWoWDerBlnYWkCM
/EWqa1Cz3gWPGBmweIMcwSu01Hd1tQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:34 2023 by rpki-client on console-ams.rpki-client.org