Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/xgPNqFEf4L1i1j1IH7P0Zq5fN7o.roa
File: xgPNqFEf4L1i1j1IH7P0Zq5fN7o.roa (raw, json)
Hash identifier: RBBTxwMiTmTgIiX5jB10fzyH7TsnrTmRcj2eutSWe6k=
Subject key identifier: C6:03:CD:A8:51:1F:E0:BD:62:D6:3D:48:1F:B3:F4:66:AE:5F:37:BA
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 43459981
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/xgPNqFEf4L1i1j1IH7P0Zq5fN7o.roa
Signing time: Sat 01 Jan 2022 07:59:54 +0000
ROA not before: Sat 01 Jan 2022 07:59:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39145
IP address blocks: 2a03:f80:9001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128634753 (0x43459981)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 07:59:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c603cda8511fe0bd62d63d481fb3f466ae5f37ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:45:8c:86:2a:ed:b3:03:fc:5b:43:c1:77:f2:
0a:b4:02:12:92:98:4c:71:46:00:41:44:51:57:5e:
9d:1b:d3:fa:e1:20:7c:71:0e:1b:8f:1e:de:a3:45:
72:15:8a:b9:97:e9:22:4d:cc:1d:e1:48:80:d7:57:
b9:1f:b1:1c:e6:e8:e1:00:1b:38:84:bf:17:ed:1a:
0a:d5:cb:ce:1a:10:79:56:d2:41:93:59:86:75:2d:
9e:ef:40:b3:5a:f1:59:92:fe:11:e4:db:af:7d:d8:
f8:ef:7b:69:3d:76:6c:67:02:2e:bd:5a:83:3a:e9:
02:ee:f2:87:69:49:95:94:f5:77:cf:24:42:ea:e8:
74:ba:76:52:bb:c1:f5:60:83:d8:b1:58:8a:5e:1e:
c7:3c:6e:2b:11:ca:4f:b9:4b:7f:c8:79:16:de:26:
ef:ab:00:0a:e3:51:58:36:59:b2:d9:df:a9:d2:37:
ef:1f:28:30:1d:26:cb:2f:73:1f:02:6d:7d:08:00:
d0:04:53:02:e6:e1:42:1d:a4:c8:eb:be:73:56:0f:
9b:9e:b6:42:67:49:0a:a2:b1:94:51:de:49:d0:e6:
0d:cb:c7:3c:88:bd:4e:23:3b:24:3c:4c:11:79:3c:
c6:23:f1:31:9e:68:10:67:03:1f:6c:df:88:dd:2b:
91:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:03:CD:A8:51:1F:E0:BD:62:D6:3D:48:1F:B3:F4:66:AE:5F:37:BA
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/xgPNqFEf4L1i1j1IH7P0Zq5fN7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f80:9001::/48
Signature Algorithm: sha256WithRSAEncryption
0a:61:9a:88:93:55:74:d5:57:f0:a8:4b:19:d4:a4:ea:48:82:
3e:8e:7e:8a:77:1a:4a:7b:19:5d:db:eb:d8:e6:a8:a4:bb:02:
e1:ca:ec:f2:86:7a:1a:79:01:d8:ef:b6:72:60:09:05:c0:b2:
05:62:fb:9a:27:21:1b:39:72:f7:c3:88:6b:de:4f:37:76:a5:
4d:78:da:cc:7d:15:c7:85:00:bb:7d:14:d0:bf:34:9e:65:66:
1e:bf:3a:cc:01:06:5e:28:d2:36:65:db:29:70:c7:e5:5b:67:
5b:36:b0:59:e6:d3:45:a9:16:ac:a1:a0:a8:2e:18:83:14:23:
76:b1:97:ff:4a:42:39:31:66:04:91:63:73:0e:2f:53:2a:cf:
8a:61:20:20:f6:fa:48:a7:bd:fd:30:bb:cb:bf:40:4a:55:e9:
26:aa:51:dc:e3:ac:cb:80:75:55:bc:c3:ce:ff:0c:ff:c5:1a:
2c:7f:47:6b:75:a1:b1:9a:df:50:54:60:57:b8:a1:59:a2:03:
a4:8d:4f:ad:7d:b0:89:70:20:0c:86:7e:ed:e8:b6:8e:c7:7a:
e9:bd:d7:11:9f:56:69:3b:c5:65:de:9f:85:1a:1d:ff:c4:82:
c9:14:93:96:06:16:92:bf:ae:77:ff:08:b9:ba:da:08:b6:84:
b3:d1:70:8a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEQ0WZgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDEw
MTA3NTk1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzYwM2NkYTg1MTFm
ZTBiZDYyZDYzZDQ4MWZiM2Y0NjZhZTVmMzdiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPBFjIYq7bMD/FtDwXfyCrQCEpKYTHFGAEFEUVdenRvT+uEg
fHEOG48e3qNFchWKuZfpIk3MHeFIgNdXuR+xHObo4QAbOIS/F+0aCtXLzhoQeVbS
QZNZhnUtnu9As1rxWZL+EeTbr33Y+O97aT12bGcCLr1agzrpAu7yh2lJlZT1d88k
QurodLp2UrvB9WCD2LFYil4exzxuKxHKT7lLf8h5Ft4m76sACuNRWDZZstnfqdI3
7x8oMB0myy9zHwJtfQgA0ARTAubhQh2kyOu+c1YPm562QmdJCqKxlFHeSdDmDcvH
PIi9TiM7JDxMEXk8xiPxMZ5oEGcDH2zfiN0rkX8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTGA82oUR/gvWLWPUgfs/Rmrl83ujAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
L3hnUE5xRkVmNEwxaTFqMUlIN1AwWnE1Zk43by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDD4CQATANBgkqhkiG9w0BAQsF
AAOCAQEACmGaiJNVdNVX8KhLGdSk6kiCPo5+incaSnsZXdvr2OaopLsC4crs8oZ6
GnkB2O+2cmAJBcCyBWL7michGzly98OIa95PN3alTXjazH0Vx4UAu30U0L80nmVm
Hr86zAEGXijSNmXbKXDH5VtnWzawWebTRakWrKGgqC4YgxQjdrGX/0pCOTFmBJFj
cw4vUyrPimEgIPb6SKe9/TC7y79ASlXpJqpR3OOsy4B1VbzDzv8M/8UaLH9Ha3Wh
sZrfUFRgV7ihWaIDpI1PrX2wiXAgDIZ+7ei2jsd66b3XEZ9WaTvFZd6fhRod/8SC
yRSTlgYWkr+ud/8IubraCLaEs9Fwig==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:58 2023 by rpki-client on console-ams.rpki-client.org