Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/Co0ii8KG1v4MpfyZBOYzRU60vSw.roa
File: Co0ii8KG1v4MpfyZBOYzRU60vSw.roa (raw, json)
Hash identifier: M78bDARRT0zJSUF65Q62KhT8KV5viGTvkv26sDx0jI4=
Subject key identifier: 0A:8D:22:8B:C2:86:D6:FE:0C:A5:FC:99:04:E6:33:45:4E:B4:BD:2C
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 0184C2A801F28CBAB9C44598DFB79921FE03
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/Co0ii8KG1v4MpfyZBOYzRU60vSw.roa
Signing time: Tue 29 Nov 2022 09:11:41 +0000
ROA not before: Tue 29 Nov 2022 09:11:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212789
IP address blocks: 2a0e:a6c7::/32 maxlen: 32
2a0e:a6c7:1000::/42 maxlen: 42
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:a8:01:f2:8c:ba:b9:c4:45:98:df:b7:99:21:fe:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Nov 29 09:11:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a8d228bc286d6fe0ca5fc9904e633454eb4bd2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7a:1b:85:5f:f8:23:a6:cb:5c:c9:a7:ab:48:
30:22:96:cf:65:dc:45:14:30:dd:fd:72:56:0f:e5:
df:f1:aa:dd:76:8d:07:73:8a:5e:45:66:27:62:8c:
cc:b5:bf:b2:c6:f3:5e:f8:de:ad:99:d5:ea:e8:52:
e8:53:35:e9:3b:3c:5e:bd:84:90:94:65:1e:55:92:
10:19:a5:0c:44:bf:04:64:3d:0e:22:21:fa:1b:06:
a8:59:e1:e6:c2:b9:8a:f6:3e:68:ff:05:fc:3b:34:
1c:b8:5f:e7:94:bd:88:12:4c:d0:ef:9e:58:40:86:
a0:f9:47:f9:4b:1e:b4:2d:64:2b:74:5a:8e:57:f3:
23:69:12:02:86:91:5f:e4:b1:b9:be:ba:86:ef:4b:
d5:07:e0:29:e3:8a:fa:3a:b7:7c:1e:48:8e:2c:0c:
cf:4d:7d:89:0b:d1:88:7e:b5:06:4a:b1:76:2b:2c:
4d:fb:76:18:fd:87:86:e8:5f:c2:96:50:d0:2f:80:
48:50:37:71:47:a1:5d:0e:ac:c6:19:c0:b1:1f:85:
a9:72:61:09:6c:23:f7:8b:01:37:9b:f9:07:fc:12:
45:91:e2:5c:c4:d2:76:38:47:b5:b4:d6:25:e3:c3:
3c:b3:96:4c:85:6a:52:ca:6c:e9:53:dd:0e:1c:88:
e0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:8D:22:8B:C2:86:D6:FE:0C:A5:FC:99:04:E6:33:45:4E:B4:BD:2C
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/Co0ii8KG1v4MpfyZBOYzRU60vSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:a6c7::/32
Signature Algorithm: sha256WithRSAEncryption
3b:a2:00:82:80:e2:9f:36:70:c9:2c:f6:ec:a4:75:f4:ed:96:
ad:ad:49:3b:46:61:3e:f7:f1:7a:77:1e:9b:39:e0:05:5e:0c:
1a:1c:d5:f5:b1:18:a8:83:bd:76:05:87:28:bf:92:e2:28:35:
b9:68:17:d4:48:3c:5b:0c:57:93:c2:4a:70:55:e8:b7:eb:07:
07:f9:9e:23:c4:6e:42:70:46:35:df:cd:fb:5a:e5:5e:fa:58:
ae:2b:ac:d4:f1:c3:0d:3e:16:a0:66:76:5a:9c:44:b8:eb:cd:
31:b6:af:21:92:9c:19:59:bf:d3:f7:bb:66:f3:0e:48:ae:95:
ed:2f:e7:e5:cc:8d:7b:14:c9:7b:a4:4d:00:2c:62:df:83:b6:
8b:88:34:7b:96:56:b7:d8:f2:85:28:1c:73:08:95:9f:c9:fc:
b7:63:90:e9:cf:77:81:ff:09:1a:0e:57:98:89:45:78:15:69:
91:d3:ad:76:30:bc:8a:52:f6:b4:45:9c:7e:b8:8f:dc:e1:9a:
1b:09:37:24:5e:66:34:17:b3:f5:7d:e1:4b:36:41:9c:46:a9:
bc:d7:09:39:4b:5f:92:b8:bb:38:53:89:bf:f2:0e:b2:44:38:
0e:47:6c:37:4f:63:f9:c6:d2:76:e5:05:0a:26:96:93:4e:95:
b9:5f:30:df
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYTCqAHyjLq5xEWY37eZIf4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjIxMTI5MDkxMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYThkMjI4YmMyODZkNmZlMGNhNWZjOTkwNGU2MzM0NTRlYjRiZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHobhV/4I6bLXMmnq0gwIpbPZdxF
FDDd/XJWD+Xf8arddo0Hc4peRWYnYozMtb+yxvNe+N6tmdXq6FLoUzXpOzxevYSQ
lGUeVZIQGaUMRL8EZD0OIiH6GwaoWeHmwrmK9j5o/wX8OzQcuF/nlL2IEkzQ755Y
QIag+Uf5Sx60LWQrdFqOV/MjaRIChpFf5LG5vrqG70vVB+Ap44r6Ord8HkiOLAzP
TX2JC9GIfrUGSrF2KyxN+3YY/YeG6F/CllDQL4BIUDdxR6FdDqzGGcCxH4WpcmEJ
bCP3iwE3m/kH/BJFkeJcxNJ2OEe1tNYl48M8s5ZMhWpSymzpU90OHIjgLwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAqNIovChtb+DKX8mQTmM0VOtL0sMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvQ28waWk4S0cxdjRNcGZ5WkJPWXpSVTYwdlN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg6mxzAN
BgkqhkiG9w0BAQsFAAOCAQEAO6IAgoDinzZwySz27KR19O2Wra1JO0ZhPvfxence
mzngBV4MGhzV9bEYqIO9dgWHKL+S4ig1uWgX1Eg8WwxXk8JKcFXot+sHB/meI8Ru
QnBGNd/N+1rlXvpYrius1PHDDT4WoGZ2WpxEuOvNMbavIZKcGVm/0/e7ZvMOSK6V
7S/n5cyNexTJe6RNACxi34O2i4g0e5ZWt9jyhSgccwiVn8n8t2OQ6c93gf8JGg5X
mIlFeBVpkdOtdjC8ilL2tEWcfriP3OGaGwk3JF5mNBez9X3hSzZBnEapvNcJOUtf
kri7OFOJv/IOskQ4DkdsN09j+cbSduUFCiaWk06VuV8w3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org