Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/2688b6-da70-4abd-8f59-1a831b599c18/1/9okP8A13f-OtE0f5T_3U8EoJz4Q.roa
File: 9okP8A13f-OtE0f5T_3U8EoJz4Q.roa (raw, json)
Hash identifier: 62ut6CE3rM/U3pl2ixhzXYcOXXROJX5xkzMP0xclYUo=
Subject key identifier: F6:89:0F:F0:0D:77:7F:E3:AD:13:47:F9:4F:FD:D4:F0:4A:09:CF:84
Certificate issuer: /CN=9e1533c4702c2ccb5a9e0e87ab27ad56b15f2c76
Certificate serial: 017AA9
Authority key identifier: 9E:15:33:C4:70:2C:2C:CB:5A:9E:0E:87:AB:27:AD:56:B1:5F:2C:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhUzxHAsLMtang6HqyetVrFfLHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/2688b6-da70-4abd-8f59-1a831b599c18/1/9okP8A13f-OtE0f5T_3U8EoJz4Q.roa
Signing time: Wed 04 May 2022 09:34:04 +0000
ROA not before: Wed 04 May 2022 09:34:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64445
IP address blocks: 2a12:e6c0::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96937 (0x17aa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1533c4702c2ccb5a9e0e87ab27ad56b15f2c76
Validity
Not Before: May 4 09:34:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6890ff00d777fe3ad1347f94ffdd4f04a09cf84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:af:0c:ce:b4:00:5f:6b:c6:fa:9a:1a:2d:17:
4a:e6:9d:e5:c9:0c:e6:98:a3:f3:8a:70:2c:f4:72:
03:38:8a:33:4b:86:d7:6a:7c:e2:20:f1:24:3e:bc:
10:25:54:5d:25:cc:2c:f8:b6:4b:85:1f:a4:d8:f0:
40:2c:9d:8c:96:22:72:0c:54:56:6a:09:04:e6:5c:
02:59:5d:e6:fc:1c:53:5e:b5:12:32:77:12:5d:1c:
c6:fd:cd:93:27:36:fc:a8:91:e6:ea:85:5c:10:b1:
23:5e:73:19:44:65:e4:dc:61:77:4a:d6:a3:e0:54:
ea:5b:b9:58:45:42:2d:91:2f:f1:f2:e6:9c:9e:40:
8b:57:73:57:87:01:e5:32:7a:54:49:1c:07:ad:6e:
86:34:1a:3f:ed:1b:66:cc:11:5a:40:e5:3a:31:84:
2e:ab:f3:7c:ba:09:d8:b4:b8:f7:df:85:6a:87:d1:
e6:99:aa:1b:e4:20:2b:ae:0b:38:e1:df:b5:96:43:
45:02:25:29:3e:b6:c1:da:6d:39:1f:88:50:1b:34:
d6:b4:53:4c:9a:9a:af:8e:09:06:9f:af:72:41:fe:
65:ca:0e:d3:58:2e:11:b9:4e:3f:01:59:d2:9b:22:
d2:0e:81:27:36:99:81:bb:d0:df:13:53:50:3a:94:
a2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:89:0F:F0:0D:77:7F:E3:AD:13:47:F9:4F:FD:D4:F0:4A:09:CF:84
X509v3 Authority Key Identifier:
keyid:9E:15:33:C4:70:2C:2C:CB:5A:9E:0E:87:AB:27:AD:56:B1:5F:2C:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhUzxHAsLMtang6HqyetVrFfLHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2688b6-da70-4abd-8f59-1a831b599c18/1/9okP8A13f-OtE0f5T_3U8EoJz4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2688b6-da70-4abd-8f59-1a831b599c18/1/nhUzxHAsLMtang6HqyetVrFfLHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:e6c0::/32
Signature Algorithm: sha256WithRSAEncryption
34:fe:bf:17:53:2f:1b:a5:2e:5a:99:31:c9:ac:23:92:01:c9:
2d:fb:33:f0:d2:b0:cd:9a:75:9b:33:6f:f8:c8:36:41:de:f8:
95:b8:c2:98:9b:89:39:65:1b:46:4e:ee:96:40:5a:4b:f3:8b:
78:7b:40:5f:cf:fb:7a:e1:e8:46:d9:5e:df:98:78:35:50:e4:
e9:37:d6:09:3b:2f:31:3f:35:ab:12:89:5a:4a:f8:c2:20:e7:
4f:b0:34:24:fb:cd:1b:91:2e:b4:22:13:31:14:8f:29:f2:71:
53:20:d4:c5:b5:16:b4:c5:2b:09:da:99:b5:1d:6b:8e:74:36:
ca:ea:de:8b:4e:fe:ef:de:b1:6d:34:88:e3:68:61:02:dd:07:
82:1a:cd:d8:a4:8f:73:6b:5f:9b:2a:db:a4:05:a9:58:01:95:
12:29:66:5a:ea:e6:84:18:a9:28:98:a2:71:e4:ea:c7:4c:cb:
39:22:6f:0d:bc:f5:e0:46:50:22:52:5b:b8:7f:dd:b5:c6:11:
c2:fc:e7:6c:12:2e:0a:05:43:b2:1e:9a:77:9b:51:20:40:e3:
c6:da:6b:48:a4:46:24:54:5e:b9:01:e1:7f:06:7b:37:e2:f2:
be:ff:f6:39:b5:2c:05:0d:d8:37:33:4e:ef:32:96:67:29:fa:
85:5e:b4:1b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDAXqpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDll
MTUzM2M0NzAyYzJjY2I1YTllMGU4N2FiMjdhZDU2YjE1ZjJjNzYwHhcNMjIwNTA0
MDkzNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmNjg5MGZmMDBkNzc3
ZmUzYWQxMzQ3Zjk0ZmZkZDRmMDRhMDljZjg0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvK8MzrQAX2vG+poaLRdK5p3lyQzmmKPzinAs9HIDOIozS4bX
anziIPEkPrwQJVRdJcws+LZLhR+k2PBALJ2MliJyDFRWagkE5lwCWV3m/BxTXrUS
MncSXRzG/c2TJzb8qJHm6oVcELEjXnMZRGXk3GF3Staj4FTqW7lYRUItkS/x8uac
nkCLV3NXhwHlMnpUSRwHrW6GNBo/7RtmzBFaQOU6MYQuq/N8ugnYtLj334Vqh9Hm
maob5CArrgs44d+1lkNFAiUpPrbB2m05H4hQGzTWtFNMmpqvjgkGn69yQf5lyg7T
WC4RuU4/AVnSmyLSDoEnNpmBu9DfE1NQOpSiYQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFPaJD/ANd3/jrRNH+U/91PBKCc+EMB8GA1UdIwQYMBaAFJ4VM8RwLCzLWp4O
h6snrVaxXyx2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bmhVenhIQXNMTXRhbmc2SHF5ZXRWckZmTEhZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wOS8yNjg4YjYtZGE3MC00YWJkLThmNTktMWE4MzFiNTk5YzE4LzEv
OW9rUDhBMTNmLU90RTBmNVRfM1U4RW9KejRRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8y
Njg4YjYtZGE3MC00YWJkLThmNTktMWE4MzFiNTk5YzE4LzEvbmhVenhIQXNMTXRh
bmc2SHF5ZXRWckZmTEhZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhLmwDANBgkqhkiG9w0BAQsFAAOC
AQEANP6/F1MvG6UuWpkxyawjkgHJLfsz8NKwzZp1mzNv+Mg2Qd74lbjCmJuJOWUb
Rk7ulkBaS/OLeHtAX8/7euHoRtle35h4NVDk6TfWCTsvMT81qxKJWkr4wiDnT7A0
JPvNG5EutCITMRSPKfJxUyDUxbUWtMUrCdqZtR1rjnQ2yurei07+796xbTSI42hh
At0HghrN2KSPc2tfmyrbpAWpWAGVEilmWurmhBipKJiiceTqx0zLOSJvDbz14EZQ
IlJbuH/dtcYRwvznbBIuCgVDsh6ad5tRIEDjxtprSKRGJFReuQHhfwZ7N+Lyvv/2
ObUsBQ3YNzNO7zKWZyn6hV60Gw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:49 2024 by rpki-client on console-ams.rpki-client.org