Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/851d66-b956-4bce-8bd6-5451441ea633/1/XIiRZyY6aGYQFag6nXwDLsv5c7Q.roa
File: XIiRZyY6aGYQFag6nXwDLsv5c7Q.roa (raw, json)
Hash identifier: AEIJViLiAerZNZRpH83gQ1xXmXh2wDnq3d6tTksNeUk=
Subject key identifier: 5C:88:91:67:26:3A:68:66:10:15:A8:3A:9D:7C:03:2E:CB:F9:73:B4
Certificate issuer: /CN=940e2a716e5d89895dfea2ef2903081dede99c68
Certificate serial: 036FC314
Authority key identifier: 94:0E:2A:71:6E:5D:89:89:5D:FE:A2:EF:29:03:08:1D:ED:E9:9C:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lA4qcW5diYld_qLvKQMIHe3pnGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/851d66-b956-4bce-8bd6-5451441ea633/1/XIiRZyY6aGYQFag6nXwDLsv5c7Q.roa
Signing time: Sat 01 Jan 2022 06:52:50 +0000
ROA not before: Sat 01 Jan 2022 06:52:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31317
IP address blocks: 2001:678:970::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57656084 (0x36fc314)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940e2a716e5d89895dfea2ef2903081dede99c68
Validity
Not Before: Jan 1 06:52:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c889167263a68661015a83a9d7c032ecbf973b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2d:2c:c4:c6:c3:07:5d:e7:57:b7:83:1c:61:
42:64:3f:b9:03:a0:af:f6:73:a7:c4:6c:9f:f4:f9:
f3:12:bb:17:b0:75:73:36:e5:ed:09:2c:d3:12:60:
6d:8d:b3:7d:3c:d1:ac:6f:0a:51:33:95:1f:65:92:
33:14:4e:8e:a0:a8:90:5f:54:50:e2:d6:30:54:19:
6c:c6:e1:34:45:ec:4b:d5:58:c2:2f:20:eb:47:42:
5f:69:8e:f9:6d:dd:53:87:fd:e1:d8:7f:c2:e2:de:
5d:c7:9d:aa:2b:9b:f2:ae:f2:50:e6:2a:e0:3f:72:
c8:2a:e6:10:c6:f6:49:65:41:c5:be:cf:5b:19:70:
ee:8f:94:c8:f8:90:f7:90:65:7e:78:c6:49:d9:40:
53:6c:ac:66:f3:e5:77:d2:ca:1f:08:f3:43:2e:5b:
12:a0:0a:a9:f8:7f:a5:d6:ff:c0:6e:91:10:be:98:
d0:d6:5b:c2:4b:39:e2:19:f1:7a:0f:04:01:a5:7f:
79:bf:bc:20:0a:1c:c8:8c:ee:4c:90:64:cd:76:18:
5f:f3:cf:88:d1:2b:3f:86:8d:9b:17:8e:1d:3b:25:
22:79:2f:12:b0:09:67:b6:37:2b:93:ea:f9:fa:b8:
73:c4:e8:66:61:46:e1:65:cd:e5:c2:15:59:83:f8:
a4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:88:91:67:26:3A:68:66:10:15:A8:3A:9D:7C:03:2E:CB:F9:73:B4
X509v3 Authority Key Identifier:
keyid:94:0E:2A:71:6E:5D:89:89:5D:FE:A2:EF:29:03:08:1D:ED:E9:9C:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lA4qcW5diYld_qLvKQMIHe3pnGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/851d66-b956-4bce-8bd6-5451441ea633/1/XIiRZyY6aGYQFag6nXwDLsv5c7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/851d66-b956-4bce-8bd6-5451441ea633/1/lA4qcW5diYld_qLvKQMIHe3pnGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:970::/48
Signature Algorithm: sha256WithRSAEncryption
30:69:6e:6b:3c:e8:80:47:3e:68:4a:53:39:86:f3:75:50:98:
f8:fb:b6:62:28:ee:e7:55:1f:df:f0:a4:1e:e2:ea:5a:5d:fb:
d5:65:c0:08:19:fc:94:d0:0c:60:45:00:e2:46:1d:3f:37:27:
90:ff:6d:47:b2:55:1d:88:83:9d:8c:a0:65:23:c7:35:2b:d9:
e2:d3:91:a2:e9:05:78:d7:00:a6:94:81:12:e1:5b:6c:81:8a:
fd:bf:cf:d7:40:51:57:fe:84:81:43:6d:14:54:49:f6:b6:2c:
9d:86:f7:dd:76:15:2c:ba:81:d5:b6:5f:4f:54:20:57:fa:55:
a5:b7:f1:9e:0f:29:db:0f:9f:5f:aa:4d:86:7e:93:ef:9e:81:
c8:44:d9:32:74:30:46:50:3e:7a:50:80:43:4f:a3:4f:6f:fe:
0c:e6:46:21:bb:d3:ed:54:7e:1f:ef:cd:6d:e1:45:54:51:82:
98:61:14:cd:ca:9b:92:78:b8:47:c5:ab:e4:6a:bc:4a:35:67:
3b:91:13:33:04:cf:b1:50:22:46:aa:c0:e8:55:25:78:df:8e:
49:4a:ff:2a:5c:1f:a5:45:90:2a:9c:f9:e8:10:c2:dc:7a:9c:
3e:65:b1:b1:d5:ef:d1:56:fc:b1:42:54:a8:1a:3b:3a:83:13:
84:a2:26:b9
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEA2/DFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDBlMmE3MTZlNWQ4OTg5NWRmZWEyZWYyOTAzMDgxZGVkZTk5YzY4MB4XDTIyMDEw
MTA2NTI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM4ODkxNjcyNjNh
Njg2NjEwMTVhODNhOWQ3YzAzMmVjYmY5NzNiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANEtLMTGwwdd51e3gxxhQmQ/uQOgr/Zzp8Rsn/T58xK7F7B1
czbl7Qks0xJgbY2zfTzRrG8KUTOVH2WSMxROjqCokF9UUOLWMFQZbMbhNEXsS9VY
wi8g60dCX2mO+W3dU4f94dh/wuLeXcedqiub8q7yUOYq4D9yyCrmEMb2SWVBxb7P
Wxlw7o+UyPiQ95BlfnjGSdlAU2ysZvPld9LKHwjzQy5bEqAKqfh/pdb/wG6REL6Y
0NZbwks54hnxeg8EAaV/eb+8IAocyIzuTJBkzXYYX/PPiNErP4aNmxeOHTslInkv
ErAJZ7Y3K5Pq+fq4c8ToZmFG4WXN5cIVWYP4pHUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRciJFnJjpoZhAVqDqdfAMuy/lztDAfBgNVHSMEGDAWgBSUDipxbl2JiV3+
ou8pAwgd7emcaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xBNHFjVzVkaVlsZF9xTHZLUU1JSGUzcG5HZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvODUxZDY2LWI5NTYtNGJjZS04YmQ2LTU0NTE0NDFlYTYzMy8x
L1hJaVJaeVk2YUdZUUZhZzZuWHdETHN2NWM3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
ODUxZDY2LWI5NTYtNGJjZS04YmQ2LTU0NTE0NDFlYTYzMy8xL2xBNHFjVzVkaVls
ZF9xTHZLUU1JSGUzcG5HZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngJcDANBgkqhkiG9w0BAQsF
AAOCAQEAMGluazzogEc+aEpTOYbzdVCY+Pu2Yiju51Uf3/CkHuLqWl371WXACBn8
lNAMYEUA4kYdPzcnkP9tR7JVHYiDnYygZSPHNSvZ4tORoukFeNcAppSBEuFbbIGK
/b/P10BRV/6EgUNtFFRJ9rYsnYb33XYVLLqB1bZfT1QgV/pVpbfxng8p2w+fX6pN
hn6T756ByETZMnQwRlA+elCAQ0+jT2/+DOZGIbvT7VR+H+/NbeFFVFGCmGEUzcqb
kni4R8Wr5Gq8SjVnO5ETMwTPsVAiRqrA6FUleN+OSUr/KlwfpUWQKpz56BDC3Hqc
PmWxsdXv0Vb8sUJUqBo7OoMThKImuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:59 2024 by rpki-client on console-ams.rpki-client.org