Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/62846e-0189-468d-a8d3-1a8daff11e0c/1/L3E3o4JYPHpoahSdxOOZ3IL20iA.roa
File: L3E3o4JYPHpoahSdxOOZ3IL20iA.roa (raw, json)
Hash identifier: sM8LNSIj+laVvX6OVaQl8aCssZpFxXupjR4KxgqVKuw=
Subject key identifier: 2F:71:37:A3:82:58:3C:7A:68:6A:14:9D:C4:E3:99:DC:82:F6:D2:20
Certificate issuer: /CN=33ae399984d7374b2a8e0af72d2bfcf105c86154
Certificate serial: 052E6D32
Authority key identifier: 33:AE:39:99:84:D7:37:4B:2A:8E:0A:F7:2D:2B:FC:F1:05:C8:61:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M645mYTXN0sqjgr3LSv88QXIYVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/62846e-0189-468d-a8d3-1a8daff11e0c/1/L3E3o4JYPHpoahSdxOOZ3IL20iA.roa
Signing time: Sat 01 Jan 2022 02:00:40 +0000
ROA not before: Sat 01 Jan 2022 02:00:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213237
IP address blocks: 2001:678:45c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86928690 (0x52e6d32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ae399984d7374b2a8e0af72d2bfcf105c86154
Validity
Not Before: Jan 1 02:00:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f7137a382583c7a686a149dc4e399dc82f6d220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:da:a6:85:41:7b:1c:6a:4e:18:14:69:61:35:
5d:3e:41:f1:1a:0a:c5:05:64:20:e3:56:29:92:4b:
a4:88:0d:27:aa:8c:eb:87:b7:bd:5b:00:05:4e:47:
d0:8a:d1:01:c6:ac:e1:ec:ef:bc:2b:0a:77:94:f0:
d7:8b:2d:68:ea:73:8c:d7:ad:5a:1f:de:c4:20:0c:
73:58:26:ed:c0:45:de:32:7f:12:b6:c0:d6:7d:9a:
bc:c9:d3:5e:d3:bd:28:50:ac:e2:dc:26:75:90:f6:
c3:ad:b6:58:10:01:3e:11:06:8c:50:c6:57:d3:17:
eb:d4:d1:bf:20:a7:dc:ee:9b:f3:f7:e6:cd:07:1b:
06:ad:fa:31:21:09:10:b0:c0:89:1f:fc:8c:f7:3e:
d5:e9:35:21:6d:11:d5:83:09:33:8b:cb:06:64:93:
35:0b:73:89:a0:77:d1:96:d8:6f:04:f2:ce:a4:d6:
b1:0c:d8:63:d7:95:47:6f:74:6b:e4:7c:88:0e:36:
89:d6:de:69:83:a2:06:aa:3b:b7:4c:eb:c3:73:63:
64:a9:3b:21:a9:9a:66:3b:44:98:76:9c:cb:6e:19:
35:47:e0:a2:d4:d8:9f:c5:79:de:7a:cf:10:33:52:
9a:85:d1:0c:84:8c:e5:3c:5a:fc:a6:41:af:cd:4c:
33:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:71:37:A3:82:58:3C:7A:68:6A:14:9D:C4:E3:99:DC:82:F6:D2:20
X509v3 Authority Key Identifier:
keyid:33:AE:39:99:84:D7:37:4B:2A:8E:0A:F7:2D:2B:FC:F1:05:C8:61:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M645mYTXN0sqjgr3LSv88QXIYVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/62846e-0189-468d-a8d3-1a8daff11e0c/1/L3E3o4JYPHpoahSdxOOZ3IL20iA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/62846e-0189-468d-a8d3-1a8daff11e0c/1/M645mYTXN0sqjgr3LSv88QXIYVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:45c::/48
Signature Algorithm: sha256WithRSAEncryption
4a:d6:99:1a:15:69:56:ca:09:c9:b8:68:96:0d:ca:ce:57:4e:
1c:8a:1c:21:94:63:8f:71:60:74:0d:ab:30:e1:7d:80:fa:e8:
fb:65:9d:88:0c:9b:e0:c1:da:dd:d9:1f:bf:64:c5:48:d0:9e:
f0:5f:f2:19:de:af:d0:59:e9:7d:45:b0:64:aa:63:1e:33:f8:
75:3e:1d:4b:bf:93:4b:eb:c8:f6:b1:0e:23:03:c3:49:8b:5b:
5c:32:7e:eb:ac:76:f1:39:9e:ca:a8:7f:06:83:84:f4:53:86:
56:ae:a3:a6:cc:82:45:4f:40:f4:12:db:e6:a6:82:4d:be:67:
19:bf:99:d8:24:ef:56:da:94:6d:f4:c0:07:9f:77:84:4d:33:
dc:2e:3f:41:0b:50:95:f8:e7:53:5f:37:8e:a8:10:66:f2:ef:
a8:bf:06:d3:8a:29:8f:c0:69:a4:95:5c:81:6c:a9:0e:ec:48:
d5:bd:ba:1e:9e:81:f1:08:ec:33:0b:9f:60:18:62:8e:ec:d4:
ed:5a:6f:9f:a8:7c:83:51:5f:85:97:f8:7f:d9:de:f7:7d:9c:
23:f6:51:1c:c2:ee:42:98:4a:15:ee:8f:8c:8e:c6:dd:c3:81:
d6:14:6c:18:c1:80:56:bf:6d:0a:91:ca:08:c5:f5:b4:33:c3:
1f:b5:10:0b
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBS5tMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2FlMzk5OTg0ZDczNzRiMmE4ZTBhZjcyZDJiZmNmMTA1Yzg2MTU0MB4XDTIyMDEw
MTAyMDA0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmY3MTM3YTM4MjU4
M2M3YTY4NmExNDlkYzRlMzk5ZGM4MmY2ZDIyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjapoVBexxqThgUaWE1XT5B8RoKxQVkIONWKZJLpIgNJ6qM
64e3vVsABU5H0IrRAcas4ezvvCsKd5Tw14staOpzjNetWh/exCAMc1gm7cBF3jJ/
ErbA1n2avMnTXtO9KFCs4twmdZD2w622WBABPhEGjFDGV9MX69TRvyCn3O6b8/fm
zQcbBq36MSEJELDAiR/8jPc+1ek1IW0R1YMJM4vLBmSTNQtziaB30ZbYbwTyzqTW
sQzYY9eVR290a+R8iA42idbeaYOiBqo7t0zrw3NjZKk7IamaZjtEmHacy24ZNUfg
otTYn8V53nrPEDNSmoXRDISM5Txa/KZBr81MM0UCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQvcTejglg8emhqFJ3E45ncgvbSIDAfBgNVHSMEGDAWgBQzrjmZhNc3SyqO
CvctK/zxBchhVDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L002NDVtWVRYTjBzcWpncjNMU3Y4OFFYSVlWUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvNjI4NDZlLTAxODktNDY4ZC1hOGQzLTFhOGRhZmYxMWUwYy8x
L0wzRTNvNEpZUEhwb2FoU2R4T09aM0lMMjBpQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
NjI4NDZlLTAxODktNDY4ZC1hOGQzLTFhOGRhZmYxMWUwYy8xL002NDVtWVRYTjBz
cWpncjNMU3Y4OFFYSVlWUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngEXDANBgkqhkiG9w0BAQsF
AAOCAQEAStaZGhVpVsoJybholg3KzldOHIocIZRjj3FgdA2rMOF9gPro+2WdiAyb
4MHa3dkfv2TFSNCe8F/yGd6v0FnpfUWwZKpjHjP4dT4dS7+TS+vI9rEOIwPDSYtb
XDJ+66x28Tmeyqh/BoOE9FOGVq6jpsyCRU9A9BLb5qaCTb5nGb+Z2CTvVtqUbfTA
B593hE0z3C4/QQtQlfjnU183jqgQZvLvqL8G04opj8BppJVcgWypDuxI1b26Hp6B
8QjsMwufYBhijuzU7Vpvn6h8g1FfhZf4f9ne932cI/ZRHMLuQphKFe6PjI7G3cOB
1hRsGMGAVr9tCpHKCMX1tDPDH7UQCw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-fra.rpki-client.org