Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/25812d-8cd7-4707-8bdb-cfa5042dc95c/1/MjMJAaQXuKXEc1kEabBys7HmezE.roa
File: MjMJAaQXuKXEc1kEabBys7HmezE.roa (raw, json)
Hash identifier: Ul3eDZe6F85VaT5JP4DjC+MttaqZFpt7VAfG7nel0gw=
Subject key identifier: 32:33:09:01:A4:17:B8:A5:C4:73:59:04:69:B0:72:B3:B1:E6:7B:31
Certificate issuer: /CN=76866be69f3770720a6dcc4792e680fc7f7321a1
Certificate serial: 0B4141A6
Authority key identifier: 76:86:6B:E6:9F:37:70:72:0A:6D:CC:47:92:E6:80:FC:7F:73:21:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/doZr5p83cHIKbcxHkuaA_H9zIaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/25812d-8cd7-4707-8bdb-cfa5042dc95c/1/MjMJAaQXuKXEc1kEabBys7HmezE.roa
Signing time: Sat 01 Jan 2022 09:03:25 +0000
ROA not before: Sat 01 Jan 2022 09:03:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200300
IP address blocks: 2001:678:7e8::/48 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188826022 (0xb4141a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76866be69f3770720a6dcc4792e680fc7f7321a1
Validity
Not Before: Jan 1 09:03:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32330901a417b8a5c473590469b072b3b1e67b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:33:82:36:e7:83:17:29:fc:df:a6:55:29:4c:
19:24:92:b7:d1:d0:03:d1:ed:02:8b:1a:73:f3:44:
5c:b9:6f:fd:d3:75:ab:fc:18:97:72:23:2e:e7:1a:
ad:45:9d:43:e7:af:e7:d7:67:43:54:aa:74:dc:7f:
44:34:60:65:1d:b9:e2:bd:b4:1a:1c:8f:be:66:91:
8c:ce:1d:d0:77:cc:e5:c0:fc:ee:90:c6:91:16:3c:
60:fd:7b:ec:3b:79:88:df:80:17:8e:89:bf:81:0f:
ad:66:ec:36:fb:92:4c:31:28:a5:46:53:19:11:a1:
b3:c2:01:0d:27:7f:81:5b:07:e0:1c:ad:91:f4:aa:
dd:97:81:f3:f9:89:16:22:e5:20:66:fe:d7:67:eb:
94:b6:d0:ca:f0:76:0c:f9:f8:3e:db:5e:d1:2e:10:
04:d7:38:c8:47:f1:76:d6:c2:ba:b4:98:c6:7c:d8:
68:76:04:8b:d1:3b:8b:75:9a:b9:fd:a4:c1:b2:b5:
70:57:57:cc:a7:a1:27:ca:80:db:48:59:df:73:42:
75:c6:74:61:12:88:1e:43:ad:4f:86:a5:58:df:a5:
05:c0:f5:4e:1a:f5:35:cb:0a:5f:43:30:b8:3b:53:
de:60:81:7a:fb:3c:e2:2b:a8:8e:98:5d:eb:70:82:
67:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:33:09:01:A4:17:B8:A5:C4:73:59:04:69:B0:72:B3:B1:E6:7B:31
X509v3 Authority Key Identifier:
keyid:76:86:6B:E6:9F:37:70:72:0A:6D:CC:47:92:E6:80:FC:7F:73:21:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/doZr5p83cHIKbcxHkuaA_H9zIaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/25812d-8cd7-4707-8bdb-cfa5042dc95c/1/MjMJAaQXuKXEc1kEabBys7HmezE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/25812d-8cd7-4707-8bdb-cfa5042dc95c/1/doZr5p83cHIKbcxHkuaA_H9zIaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:7e8::/48
Signature Algorithm: sha256WithRSAEncryption
cd:a9:cb:03:04:c6:9a:4c:16:f5:2d:16:03:2a:6f:bc:8f:b3:
73:be:c5:b1:d8:c2:31:fc:57:e1:1e:0c:8e:71:a9:74:2b:78:
73:3b:ef:5d:15:51:7b:11:b3:a2:95:a1:fd:b4:a2:b8:dc:a0:
0d:98:85:9b:4a:68:b9:f1:91:66:3a:de:c1:8e:cb:d0:70:7f:
54:00:33:02:a3:7a:bf:e2:8d:13:6a:7e:42:1b:fa:d5:6b:7d:
8e:e7:7b:55:41:93:23:a3:1c:10:f7:da:17:46:6d:e1:1d:b9:
78:d0:f3:6f:8c:a9:97:c0:67:65:03:4e:cb:8c:bf:42:de:90:
b8:18:c6:18:a9:c1:81:04:ce:55:e8:02:51:a8:9c:c8:39:e0:
ea:0c:f1:8b:78:f5:9a:d0:60:94:64:1a:4a:23:4d:01:f6:f5:
7d:76:17:27:c1:eb:49:e2:38:57:c2:40:1c:2c:85:65:72:44:
fe:6e:dc:de:d3:a7:98:dc:b4:3e:5e:60:51:42:9a:96:01:e7:
22:f4:fe:bf:85:ba:e6:35:2c:86:d5:32:ef:5f:f8:e8:aa:4d:
af:49:85:15:79:7b:b2:c1:d1:bb:09:cf:84:ac:68:43:38:ff:
9c:3e:96:62:0f:c0:15:1c:3e:69:89:de:c1:c9:d5:ba:47:a5:
aa:9d:ee:0e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEC0FBpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Njg2NmJlNjlmMzc3MDcyMGE2ZGNjNDc5MmU2ODBmYzdmNzMyMWExMB4XDTIyMDEw
MTA5MDMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzIzMzA5MDFhNDE3
YjhhNWM0NzM1OTA0NjliMDcyYjNiMWU2N2IzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJUzgjbngxcp/N+mVSlMGSSSt9HQA9HtAosac/NEXLlv/dN1
q/wYl3IjLucarUWdQ+ev59dnQ1SqdNx/RDRgZR254r20GhyPvmaRjM4d0HfM5cD8
7pDGkRY8YP177Dt5iN+AF46Jv4EPrWbsNvuSTDEopUZTGRGhs8IBDSd/gVsH4Byt
kfSq3ZeB8/mJFiLlIGb+12frlLbQyvB2DPn4Ptte0S4QBNc4yEfxdtbCurSYxnzY
aHYEi9E7i3Wauf2kwbK1cFdXzKehJ8qA20hZ33NCdcZ0YRKIHkOtT4alWN+lBcD1
Thr1NcsKX0MwuDtT3mCBevs84iuojphd63CCZ2sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQyMwkBpBe4pcRzWQRpsHKzseZ7MTAfBgNVHSMEGDAWgBR2hmvmnzdwcgpt
zEeS5oD8f3MhoTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RvWnI1cDgzY0hJS2JjeEhrdWFBX0g5eklhRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvMjU4MTJkLThjZDctNDcwNy04YmRiLWNmYTUwNDJkYzk1Yy8x
L01qTUpBYVFYdUtYRWMxa0VhYkJ5czdIbWV6RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
MjU4MTJkLThjZDctNDcwNy04YmRiLWNmYTUwNDJkYzk1Yy8xL2RvWnI1cDgzY0hJ
S2JjeEhrdWFBX0g5eklhRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngH6DANBgkqhkiG9w0BAQsF
AAOCAQEAzanLAwTGmkwW9S0WAypvvI+zc77FsdjCMfxX4R4MjnGpdCt4czvvXRVR
exGzopWh/bSiuNygDZiFm0poufGRZjrewY7L0HB/VAAzAqN6v+KNE2p+Qhv61Wt9
jud7VUGTI6McEPfaF0Zt4R25eNDzb4ypl8BnZQNOy4y/Qt6QuBjGGKnBgQTOVegC
UaicyDng6gzxi3j1mtBglGQaSiNNAfb1fXYXJ8HrSeI4V8JAHCyFZXJE/m7c3tOn
mNy0Pl5gUUKalgHnIvT+v4W65jUshtUy71/46KpNr0mFFXl7ssHRuwnPhKxoQzj/
nD6WYg/AFRw+aYnewcnVukelqp3uDg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:35 2023 by rpki-client on console.sobornost.net