Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/X7nSgdDFG7wHWkB-Na93CQBKhsg.roa
File: X7nSgdDFG7wHWkB-Na93CQBKhsg.roa (raw, json)
Hash identifier: QLu7JggRgPoDYXAyOoXbYmXieg+ZAQcGdWFDbfyMt8E=
Subject key identifier: 5F:B9:D2:81:D0:C5:1B:BC:07:5A:40:7E:35:AF:77:09:00:4A:86:C8
Certificate issuer: /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial: 150B1553
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/X7nSgdDFG7wHWkB-Na93CQBKhsg.roa
Signing time: Sat 01 Jan 2022 15:54:51 +0000
ROA not before: Sat 01 Jan 2022 15:54:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 2a02:1140:200::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 353047891 (0x150b1553)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Validity
Not Before: Jan 1 15:54:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fb9d281d0c51bbc075a407e35af7709004a86c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:a0:00:b6:d9:d3:91:76:6c:85:c7:ec:97:42:
ec:e7:dd:33:81:ea:0c:1d:dc:cb:1e:5c:89:ff:38:
74:cc:25:20:71:91:e1:a0:ce:c3:de:e2:c1:ef:15:
2b:67:4b:2d:f2:b5:d7:d4:93:a1:e6:ab:aa:4b:15:
92:a7:b9:4c:ec:65:75:7e:2e:42:1f:4b:b3:6a:4b:
6c:e7:7c:39:b4:5b:31:25:82:47:dc:a1:23:e2:82:
29:f3:94:bf:b0:4d:9f:5b:48:bd:3d:20:4b:4f:4b:
d3:54:61:a9:54:e1:24:97:50:46:07:32:70:91:96:
91:2b:d7:6e:59:b9:ae:4c:53:24:72:2a:d4:66:f2:
34:2a:29:f9:c9:87:2d:fa:4a:0a:6f:e1:57:f4:84:
50:72:c5:11:99:3a:51:e3:05:8b:3e:5b:64:bb:d4:
ea:f4:23:d9:d1:59:4f:0e:d6:16:f3:0c:b0:f0:a4:
cd:75:0b:54:9e:ae:8a:a7:bc:12:33:6a:0c:10:9d:
56:f0:9d:74:24:fa:3d:a2:fa:bb:0d:e4:fa:11:37:
fe:f0:1a:ce:5c:06:72:36:f3:c2:5f:6b:76:d1:81:
14:6d:99:f2:50:77:8a:b4:aa:f6:e5:e1:ec:9d:f1:
4c:5d:21:21:77:1f:80:ad:3c:37:65:fe:9f:8c:6b:
72:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:B9:D2:81:D0:C5:1B:BC:07:5A:40:7E:35:AF:77:09:00:4A:86:C8
X509v3 Authority Key Identifier:
keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/X7nSgdDFG7wHWkB-Na93CQBKhsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:1140:200::/40
Signature Algorithm: sha256WithRSAEncryption
95:f5:82:7a:18:ac:26:90:d7:e6:02:a8:a9:28:02:aa:41:17:
bd:60:3c:8f:da:e4:39:b5:fd:22:eb:3f:9b:c0:e4:34:8d:40:
0e:26:30:2d:23:3f:08:30:35:df:23:73:63:cd:66:e8:f2:e6:
1c:70:72:4b:31:b8:97:4c:44:04:c9:18:c8:8c:9c:b8:c1:7e:
a5:b2:4c:16:7d:45:c1:c8:95:1a:65:29:30:b9:e8:b7:fc:fd:
58:c2:66:0a:58:87:47:ae:9b:bb:ec:66:bd:c5:3f:04:df:34:
b6:e3:0c:a9:f7:4a:42:8c:85:ab:ee:d6:cc:20:7e:e0:29:60:
3b:25:93:75:2c:58:8d:b2:ac:6c:03:37:cf:3b:e8:01:89:1e:
d1:de:1b:6d:58:03:ab:75:1e:72:87:14:91:16:c8:eb:40:f3:
b6:d7:d0:c0:12:0d:9a:62:ba:e6:9f:9a:19:22:a9:10:95:f9:
73:68:aa:14:32:d9:27:e0:cf:98:91:ef:c1:a8:8d:e3:73:71:
54:04:db:56:9e:f5:d5:e9:ab:2b:07:a9:43:70:1d:cf:5e:c9:
6f:a7:f0:ab:76:fc:e9:07:65:b8:8a:de:8c:f4:f6:33:07:fc:
e0:59:b5:6f:dc:c8:3d:cf:4e:7d:66:9a:3c:be:f2:fe:12:74:
d8:3b:70:3a
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEFQsVUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzE4MmFhYjVhZDllZmEzODBhNmM2ZjA2YzAxNmUxNThiZTk3N2JjMB4XDTIyMDEw
MTE1NTQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZiOWQyODFkMGM1
MWJiYzA3NWE0MDdlMzVhZjc3MDkwMDRhODZjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOegALbZ05F2bIXH7JdC7OfdM4HqDB3cyx5cif84dMwlIHGR
4aDOw97iwe8VK2dLLfK119SToearqksVkqe5TOxldX4uQh9Ls2pLbOd8ObRbMSWC
R9yhI+KCKfOUv7BNn1tIvT0gS09L01RhqVThJJdQRgcycJGWkSvXblm5rkxTJHIq
1GbyNCop+cmHLfpKCm/hV/SEUHLFEZk6UeMFiz5bZLvU6vQj2dFZTw7WFvMMsPCk
zXULVJ6uiqe8EjNqDBCdVvCddCT6PaL6uw3k+hE3/vAazlwGcjbzwl9rdtGBFG2Z
8lB3irSq9uXh7J3xTF0hIXcfgK08N2X+n4xrcv8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRfudKB0MUbvAdaQH41r3cJAEqGyDAfBgNVHSMEGDAWgBRXGCqrWtnvo4Cm
xvBsAW4Vi+l3vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Z4Z3FxMXJaNzZPQXBzYndiQUZ1Rll2cGQ3dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvOGM1MWNiLWEzYmQtNDc2ZC04ODBmLWE5NmM2MjY2YWJkYi8x
L1g3blNnZERGRzd3SFdrQi1OYTkzQ1FCS2hzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
OGM1MWNiLWEzYmQtNDc2ZC04ODBmLWE5NmM2MjY2YWJkYi8xL1Z4Z3FxMXJaNzZP
QXBzYndiQUZ1Rll2cGQ3dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoCEUACMA0GCSqGSIb3DQEBCwUA
A4IBAQCV9YJ6GKwmkNfmAqipKAKqQRe9YDyP2uQ5tf0i6z+bwOQ0jUAOJjAtIz8I
MDXfI3NjzWbo8uYccHJLMbiXTEQEyRjIjJy4wX6lskwWfUXByJUaZSkwuei3/P1Y
wmYKWIdHrpu77Ga9xT8E3zS24wyp90pCjIWr7tbMIH7gKWA7JZN1LFiNsqxsAzfP
O+gBiR7R3httWAOrdR5yhxSRFsjrQPO219DAEg2aYrrmn5oZIqkQlflzaKoUMtkn
4M+Yke/BqI3jc3FUBNtWnvXV6asrB6lDcB3PXslvp/CrdvzpB2W4it6M9PYzB/zg
WbVv3Mg9z059Zpo8vvL+EnTYO3A6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:30 2024 by rpki-client on console-ams.rpki-client.org