Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ix2ZboBuTCeFKcsNxxSh5zoN4rI.roa
File: ix2ZboBuTCeFKcsNxxSh5zoN4rI.roa (raw, json)
Hash identifier: 4Lq3DVNFwDtGl07sNgQqUoLCJkYXLd/rpCkezAt/IIs=
Subject key identifier: 8B:1D:99:6E:80:6E:4C:27:85:29:CB:0D:C7:14:A1:E7:3A:0D:E2:B2
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 0184ECB7D1E97CA8909DB1BAE61CDA1C85FD
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ix2ZboBuTCeFKcsNxxSh5zoN4rI.roa
Signing time: Wed 07 Dec 2022 13:13:00 +0000
ROA not before: Wed 07 Dec 2022 13:13:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398104
IP address blocks: 2a01:488:bb1b::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:b7:d1:e9:7c:a8:90:9d:b1:ba:e6:1c:da:1c:85:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Dec 7 13:13:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b1d996e806e4c278529cb0dc714a1e73a0de2b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:91:8e:44:a7:1a:39:30:9b:96:dd:32:7b:8a:
2b:2e:31:c0:73:6e:c3:d2:72:7c:82:cd:22:d7:ea:
f3:9b:bc:77:48:ee:0f:ea:8a:92:66:ec:08:cd:a6:
76:c3:d6:b5:52:88:b6:af:3d:11:9d:89:bb:4e:de:
59:5d:ca:f3:fd:43:1c:bc:c1:71:5d:ca:ba:4a:fe:
71:c4:48:48:57:43:90:08:55:33:4e:00:4b:ff:a2:
5e:eb:80:66:7a:bf:8e:84:b3:eb:96:07:29:ed:24:
38:dd:72:01:63:38:30:dc:70:88:bf:f8:7d:6c:0f:
f2:29:4b:df:fd:e8:df:38:57:49:80:c4:0b:21:bb:
a8:52:24:c2:e6:f8:a1:83:7b:99:88:a5:ed:af:dd:
45:99:40:36:de:69:ba:fb:75:de:3f:a4:04:e5:56:
77:27:71:2b:29:9c:6c:0a:35:19:83:0a:a7:6c:34:
7a:8b:c5:8f:be:bb:1b:70:1a:f5:7e:fc:8d:7f:7d:
43:82:a3:fa:be:97:e4:bd:65:90:a4:ce:e4:72:1a:
e8:1e:33:b3:21:a2:eb:fa:6f:da:bd:ea:75:f9:10:
1a:20:1e:18:e9:53:00:47:ab:07:8e:b0:5b:9d:c1:
76:70:ea:ff:10:34:b4:3b:0b:83:ca:0e:aa:18:5f:
9b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:1D:99:6E:80:6E:4C:27:85:29:CB:0D:C7:14:A1:E7:3A:0D:E2:B2
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ix2ZboBuTCeFKcsNxxSh5zoN4rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb1b::/48
Signature Algorithm: sha256WithRSAEncryption
b8:11:78:6b:8a:6e:a7:49:1f:44:4f:05:bc:0f:2f:64:ab:d7:
e2:c9:a5:1c:a4:6d:e4:65:d2:65:39:b7:dd:ce:4c:40:a7:47:
b7:0e:d5:87:a8:98:0b:a6:2c:b9:60:f0:25:95:29:4f:37:a8:
07:c7:56:b2:b0:2d:b4:e3:3e:3a:13:28:7e:2d:53:f7:f1:8f:
cc:a2:01:fe:4a:54:83:0d:59:42:8a:3b:4c:0c:0c:34:c9:12:
a1:98:80:d3:bb:23:44:d6:7a:6c:66:ee:25:85:88:97:50:e7:
26:6b:a0:09:7f:da:36:a5:29:67:af:31:43:d1:40:c1:b8:f6:
b5:49:b4:d7:b0:a5:dd:63:85:f8:67:98:36:36:d0:70:fe:23:
a3:8d:31:32:7a:0f:b1:c7:96:f9:6a:56:b4:d5:4c:93:a1:78:
3f:c0:8a:e3:58:5a:23:04:67:78:f8:91:3d:38:7a:91:7f:64:
c5:f5:43:29:29:fb:07:ed:2a:18:9e:d0:50:4d:11:82:40:15:
eb:1b:23:5f:7f:13:1d:c8:3e:8e:d8:c2:e9:e2:d9:03:70:6a:
27:df:3a:12:be:87:98:63:7c:be:9a:03:94:67:91:63:95:42:
20:c9:07:2a:ba:e7:a0:64:dd:2a:07:9c:33:4c:6a:dc:02:17:
90:8b:b0:06
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTst9HpfKiQnbG65hzaHIX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjIxMjA3MTMxMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjFkOTk2ZTgwNmU0YzI3ODUyOWNiMGRjNzE0YTFlNzNhMGRlMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pGORKcaOTCblt0ye4orLjHAc27D
0nJ8gs0i1+rzm7x3SO4P6oqSZuwIzaZ2w9a1Uoi2rz0RnYm7Tt5ZXcrz/UMcvMFx
Xcq6Sv5xxEhIV0OQCFUzTgBL/6Je64Bmer+OhLPrlgcp7SQ43XIBYzgw3HCIv/h9
bA/yKUvf/ejfOFdJgMQLIbuoUiTC5vihg3uZiKXtr91FmUA23mm6+3XeP6QE5VZ3
J3ErKZxsCjUZgwqnbDR6i8WPvrsbcBr1fvyNf31DgqP6vpfkvWWQpM7kchroHjOz
IaLr+m/avep1+RAaIB4Y6VMAR6sHjrBbncF2cOr/EDS0OwuDyg6qGF+bwwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIsdmW6AbkwnhSnLDccUoec6DeKyMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvaXgyWmJvQnVUQ2VGS2NzTnh4U2g1em9ONHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsb
MA0GCSqGSIb3DQEBCwUAA4IBAQC4EXhrim6nSR9ETwW8Dy9kq9fiyaUcpG3kZdJl
ObfdzkxAp0e3DtWHqJgLpiy5YPAllSlPN6gHx1aysC204z46Eyh+LVP38Y/MogH+
SlSDDVlCijtMDAw0yRKhmIDTuyNE1npsZu4lhYiXUOcma6AJf9o2pSlnrzFD0UDB
uPa1SbTXsKXdY4X4Z5g2NtBw/iOjjTEyeg+xx5b5ala01UyToXg/wIrjWFojBGd4
+JE9OHqRf2TF9UMpKfsH7SoYntBQTRGCQBXrGyNffxMdyD6O2MLp4tkDcGon3zoS
voeYY3y+mgOUZ5FjlUIgyQcquuegZN0qB5wzTGrcAheQi7AG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:03 2024 by rpki-client on console-fra.rpki-client.org