Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/1a231nS0M6UzPXjAwMymbZlrEI4.roa
File: 1a231nS0M6UzPXjAwMymbZlrEI4.roa (raw, json)
Hash identifier: 1GnNVNWLVR+P1Qoibrnsa1tGKaP05mK+/EEhGAlfAJQ=
Subject key identifier: D5:AD:B7:D6:74:B4:33:A5:33:3D:78:C0:C0:CC:A6:6D:99:6B:10:8E
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 434295E2
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/1a231nS0M6UzPXjAwMymbZlrEI4.roa
Signing time: Sat 01 Jan 2022 07:59:52 +0000
ROA not before: Sat 01 Jan 2022 07:59:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34305
IP address blocks: 2a03:f85:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128437218 (0x434295e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 07:59:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5adb7d674b433a5333d78c0c0cca66d996b108e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3a:70:09:a9:d5:b0:bf:28:73:bd:1a:3b:36:
cf:36:74:dc:31:f3:fd:71:c8:2a:bc:40:19:97:eb:
0e:4c:01:b7:82:53:1a:19:66:f2:b8:a8:19:17:71:
71:a8:f5:b9:2b:ea:26:56:56:e9:5a:f1:72:d2:37:
26:9c:08:2c:86:10:99:62:eb:17:8b:42:2e:89:7b:
d2:bf:8e:6a:5f:a8:8a:ed:24:fe:97:00:75:75:94:
b4:b1:cb:26:e1:ee:a7:b5:4b:1c:66:bc:8e:6b:7a:
05:b8:7a:58:ad:ae:28:3e:d3:73:0f:f7:58:6e:2c:
ae:3a:38:fe:70:90:0c:16:f5:0c:65:17:44:bc:80:
a4:6f:95:81:33:1c:26:af:f9:0f:cb:e4:de:55:f0:
08:a8:46:41:13:07:ba:88:38:0f:2b:01:f1:80:58:
14:d1:c7:58:f5:ea:cd:09:f0:e0:c5:7c:e4:29:07:
36:de:cc:cd:0c:30:39:c1:54:db:0a:73:50:8d:53:
5c:08:3a:80:8e:54:01:54:80:22:30:6d:a9:a6:3c:
aa:b6:ee:53:2f:03:37:d2:2b:02:1b:4a:73:9d:9b:
f1:d1:19:81:b8:23:fb:b6:1a:13:98:31:f4:d3:03:
9f:57:e4:d1:84:95:b4:16:4d:6d:a4:47:fa:ca:8c:
ce:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:AD:B7:D6:74:B4:33:A5:33:3D:78:C0:C0:CC:A6:6D:99:6B:10:8E
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/1a231nS0M6UzPXjAwMymbZlrEI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f85:1::/48
Signature Algorithm: sha256WithRSAEncryption
44:5d:ba:31:d0:b3:13:f1:ae:89:30:03:6f:e2:2f:74:d0:26:
56:58:0f:e7:9b:fe:1e:e0:39:ed:1e:56:4e:dc:d8:b8:1f:d0:
b8:b6:49:ea:51:3f:0e:6d:ae:9e:cd:7c:f5:78:57:e8:77:ed:
7e:70:80:5e:c8:52:f9:34:fc:c0:9b:1a:ff:4e:f4:64:8d:f5:
30:6d:c6:ea:75:12:c6:07:87:eb:5c:c1:62:90:44:f0:3d:8b:
fa:1b:b7:bc:74:4d:b0:bd:39:b1:e2:b7:eb:d4:6d:54:74:40:
3f:a2:72:23:21:12:9c:4e:e6:73:60:bb:07:07:e2:87:1a:23:
91:64:24:62:94:63:46:93:ad:4e:85:62:08:61:c3:f3:48:0a:
80:96:69:b6:af:16:b2:f5:38:6a:15:13:73:18:4d:21:d3:1a:
f4:8e:98:98:a0:0f:3a:b8:02:1a:f7:2b:ce:0b:b6:3f:f5:18:
83:e3:ad:bb:13:e9:93:dc:a0:80:f6:ed:59:ea:97:59:97:c8:
2b:ab:3a:b8:8f:bc:81:b7:67:01:7c:cd:6d:ba:86:68:bb:87:
73:52:e8:bd:f1:3d:1f:af:4b:12:dd:21:2a:35:a6:14:b0:e9:
7c:2f:1b:06:1d:06:32:06:96:ee:1a:8f:e3:1e:24:3f:06:bc:
59:b1:76:8a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEQ0KV4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDEw
MTA3NTk1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDVhZGI3ZDY3NGI0
MzNhNTMzM2Q3OGMwYzBjY2E2NmQ5OTZiMTA4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJE6cAmp1bC/KHO9Gjs2zzZ03DHz/XHIKrxAGZfrDkwBt4JT
Ghlm8rioGRdxcaj1uSvqJlZW6VrxctI3JpwILIYQmWLrF4tCLol70r+Oal+oiu0k
/pcAdXWUtLHLJuHup7VLHGa8jmt6Bbh6WK2uKD7Tcw/3WG4srjo4/nCQDBb1DGUX
RLyApG+VgTMcJq/5D8vk3lXwCKhGQRMHuog4DysB8YBYFNHHWPXqzQnw4MV85CkH
Nt7MzQwwOcFU2wpzUI1TXAg6gI5UAVSAIjBtqaY8qrbuUy8DN9IrAhtKc52b8dEZ
gbgj+7YaE5gx9NMDn1fk0YSVtBZNbaRH+sqMzu8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTVrbfWdLQzpTM9eMDAzKZtmWsQjjAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
LzFhMjMxblMwTTZVelBYakF3TXltYlpsckVJNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDD4UAATANBgkqhkiG9w0BAQsF
AAOCAQEARF26MdCzE/GuiTADb+IvdNAmVlgP55v+HuA57R5WTtzYuB/QuLZJ6lE/
Dm2uns189XhX6HftfnCAXshS+TT8wJsa/070ZI31MG3G6nUSxgeH61zBYpBE8D2L
+hu3vHRNsL05seK369RtVHRAP6JyIyESnE7mc2C7BwfihxojkWQkYpRjRpOtToVi
CGHD80gKgJZptq8WsvU4ahUTcxhNIdMa9I6YmKAPOrgCGvcrzgu2P/UYg+OtuxPp
k9yggPbtWeqXWZfIK6s6uI+8gbdnAXzNbbqGaLuHc1LovfE9H69LEt0hKjWmFLDp
fC8bBh0GMgaW7hqP4x4kPwa8WbF2ig==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:58 2023 by rpki-client on console-ams.rpki-client.org