Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/01809b-42dd-4136-96b1-1fd10d8e075f/1/Cj-7EN4N8ShzSfQtRotL-xkreqg.roa
File: Cj-7EN4N8ShzSfQtRotL-xkreqg.roa (raw, json)
Hash identifier: QhN+usBfORFgQ0R62GCeu8yrSo3O1TVDtRUaY5r9JTU=
Subject key identifier: 0A:3F:BB:10:DE:0D:F1:28:73:49:F4:2D:46:8B:4B:FB:19:2B:7A:A8
Certificate issuer: /CN=43c77b47363681378face466141d54cc88399cf5
Certificate serial: 08867E00
Authority key identifier: 43:C7:7B:47:36:36:81:37:8F:AC:E4:66:14:1D:54:CC:88:39:9C:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q8d7RzY2gTePrORmFB1UzIg5nPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/01809b-42dd-4136-96b1-1fd10d8e075f/1/Cj-7EN4N8ShzSfQtRotL-xkreqg.roa
Signing time: Sat 01 Jan 2022 02:59:58 +0000
ROA not before: Sat 01 Jan 2022 02:59:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200924
IP address blocks: 2001:678:a7c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143031808 (0x8867e00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43c77b47363681378face466141d54cc88399cf5
Validity
Not Before: Jan 1 02:59:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a3fbb10de0df1287349f42d468b4bfb192b7aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:04:f4:80:93:ae:aa:38:50:e3:95:51:c5:e5:
38:e4:ad:00:72:1f:eb:36:ef:69:bb:47:fe:72:b5:
89:5d:1c:47:b5:39:84:3c:40:08:63:e1:99:a6:1a:
e7:4f:63:a2:0d:a6:1b:0d:0e:c8:0c:81:56:4a:2a:
ab:ef:df:27:8e:af:4a:e2:c6:33:8f:d9:94:e0:41:
71:96:24:d1:06:15:24:20:d8:e6:66:e6:c4:ea:93:
a7:82:36:04:00:a8:1b:83:b1:82:75:8e:51:fa:cb:
e2:c1:20:39:19:20:3f:47:8a:4c:e3:c4:8f:e2:bc:
af:83:b1:47:a9:8e:36:e2:1b:fb:54:e5:da:ba:25:
da:3d:37:5d:cd:a3:40:aa:88:7d:83:18:73:29:c2:
6a:d2:89:3a:17:47:0a:4f:a4:6f:f0:74:b4:a0:5e:
57:05:6a:81:58:b7:9d:b1:ed:90:5a:68:8d:ee:47:
38:20:45:59:5a:8c:19:65:b2:f2:ab:9d:81:02:69:
75:4b:79:3f:a9:f1:04:c9:08:9e:6c:f7:d7:87:d4:
26:7c:67:49:b6:02:f4:95:93:30:ce:5e:29:fe:c0:
0c:20:ce:fe:b3:be:56:9b:a0:b5:b5:9e:26:d9:59:
ef:1f:4e:80:2b:d5:d6:dd:5c:7e:3a:2e:51:76:18:
aa:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:3F:BB:10:DE:0D:F1:28:73:49:F4:2D:46:8B:4B:FB:19:2B:7A:A8
X509v3 Authority Key Identifier:
keyid:43:C7:7B:47:36:36:81:37:8F:AC:E4:66:14:1D:54:CC:88:39:9C:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8d7RzY2gTePrORmFB1UzIg5nPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/01809b-42dd-4136-96b1-1fd10d8e075f/1/Cj-7EN4N8ShzSfQtRotL-xkreqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/01809b-42dd-4136-96b1-1fd10d8e075f/1/Q8d7RzY2gTePrORmFB1UzIg5nPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a7c::/48
Signature Algorithm: sha256WithRSAEncryption
93:75:78:b9:9d:9d:90:ba:60:6b:cd:a0:3f:64:94:48:0b:d8:
ba:45:1c:4c:3f:76:b7:f6:a3:7c:29:b7:fc:d9:58:7e:9c:7d:
77:29:82:24:8a:cb:26:f2:0b:40:c8:ef:8d:12:6e:e1:cf:e1:
e8:ff:99:6b:ee:75:d9:74:dc:a9:81:1f:3c:c1:9b:6e:47:e6:
ff:6c:ba:d8:01:e9:0e:f7:b5:11:69:03:4d:94:a1:04:41:0d:
26:6c:bd:09:b7:d8:c7:36:89:a4:3c:20:30:8a:f1:a8:1f:88:
82:15:ad:60:94:70:21:ee:1c:70:19:57:5d:10:a8:8c:68:bb:
33:31:22:81:5f:49:69:7c:59:a7:10:99:69:3e:08:2e:51:9a:
63:0e:60:d0:78:d6:5d:92:4e:5f:86:1a:3a:b9:9a:e5:f6:8f:
5d:af:ad:70:c0:e3:97:2c:4a:3f:7d:68:c0:97:64:c2:e7:b2:
06:98:61:3b:83:0e:08:44:ed:0d:26:64:ad:9d:41:2d:86:e7:
7c:77:9f:3a:10:d0:65:e6:d2:83:3f:2a:73:0a:8c:57:64:2b:
c3:96:3b:c3:e0:8c:07:eb:44:8f:a9:a0:d4:6a:c5:94:23:10:
09:86:2d:b9:8e:83:12:2d:6c:f4:8e:82:8d:51:11:16:e0:03:
85:c9:e2:c7
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECIZ+ADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2M3N2I0NzM2MzY4MTM3OGZhY2U0NjYxNDFkNTRjYzg4Mzk5Y2Y1MB4XDTIyMDEw
MTAyNTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGEzZmJiMTBkZTBk
ZjEyODczNDlmNDJkNDY4YjRiZmIxOTJiN2FhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJME9ICTrqo4UOOVUcXlOOStAHIf6zbvabtH/nK1iV0cR7U5
hDxACGPhmaYa509jog2mGw0OyAyBVkoqq+/fJ46vSuLGM4/ZlOBBcZYk0QYVJCDY
5mbmxOqTp4I2BACoG4OxgnWOUfrL4sEgORkgP0eKTOPEj+K8r4OxR6mONuIb+1Tl
2rol2j03Xc2jQKqIfYMYcynCatKJOhdHCk+kb/B0tKBeVwVqgVi3nbHtkFpoje5H
OCBFWVqMGWWy8qudgQJpdUt5P6nxBMkInmz314fUJnxnSbYC9JWTMM5eKf7ADCDO
/rO+VpugtbWeJtlZ7x9OgCvV1t1cfjouUXYYqlMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQKP7sQ3g3xKHNJ9C1Gi0v7GSt6qDAfBgNVHSMEGDAWgBRDx3tHNjaBN4+s
5GYUHVTMiDmc9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E4ZDdSelkyZ1RlUHJPUm1GQjFVeklnNW5QVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvMDE4MDliLTQyZGQtNDEzNi05NmIxLTFmZDEwZDhlMDc1Zi8x
L0NqLTdFTjROOFNoelNmUXRSb3RMLXhrcmVxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
MDE4MDliLTQyZGQtNDEzNi05NmIxLTFmZDEwZDhlMDc1Zi8xL1E4ZDdSelkyZ1Rl
UHJPUm1GQjFVeklnNW5QVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngKfDANBgkqhkiG9w0BAQsF
AAOCAQEAk3V4uZ2dkLpga82gP2SUSAvYukUcTD92t/ajfCm3/NlYfpx9dymCJIrL
JvILQMjvjRJu4c/h6P+Za+512XTcqYEfPMGbbkfm/2y62AHpDve1EWkDTZShBEEN
Jmy9CbfYxzaJpDwgMIrxqB+IghWtYJRwIe4ccBlXXRCojGi7MzEigV9JaXxZpxCZ
aT4ILlGaYw5g0HjWXZJOX4YaOrma5faPXa+tcMDjlyxKP31owJdkwueyBphhO4MO
CETtDSZkrZ1BLYbnfHefOhDQZebSgz8qcwqMV2Qrw5Y7w+CMB+tEj6mg1GrFlCMQ
CYYtuY6DEi1s9I6CjVERFuADhcnixw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:28 2024 by rpki-client on console-fra.rpki-client.org