Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/r8okmAFJKn3ZrSfkCbeKYDQ74hg.roa
File: r8okmAFJKn3ZrSfkCbeKYDQ74hg.roa (raw, json)
Hash identifier: E/XOKVE5fchZz0OhnS3wE0SyOIrJDUohgT3bILtQgw0=
Subject key identifier: AF:CA:24:98:01:49:2A:7D:D9:AD:27:E4:09:B7:8A:60:34:3B:E2:18
Certificate issuer: /CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Certificate serial: 0182B0D612677B2A77E3CC7B4937F1B4F9F8
Authority key identifier: 4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/r8okmAFJKn3ZrSfkCbeKYDQ74hg.roa
Signing time: Thu 18 Aug 2022 12:03:15 +0000
ROA not before: Thu 18 Aug 2022 12:03:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12608
IP address blocks: 2a13:3305::/32 maxlen: 32
2a13:3304::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b0:d6:12:67:7b:2a:77:e3:cc:7b:49:37:f1:b4:f9:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Validity
Not Before: Aug 18 12:03:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afca249801492a7dd9ad27e409b78a60343be218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:37:55:1f:e9:65:b8:c7:df:57:91:ef:cb:6a:
c7:a0:3e:e8:5d:ba:98:fd:2b:53:dc:5b:3f:7d:64:
f4:8a:87:7d:8c:ba:35:aa:8e:97:b4:95:03:f0:c0:
b1:89:51:a4:60:20:37:ee:46:36:ad:0c:af:0d:60:
5e:dc:cc:b4:5d:67:e0:e6:5d:e6:c2:46:0f:95:63:
ad:00:3a:b7:a2:24:d2:ea:cd:68:c8:f2:c3:7b:7e:
d0:5a:dc:79:5e:66:26:83:55:1a:59:32:d3:3f:b0:
21:9f:a6:d8:99:cb:58:cf:b4:58:f0:0d:6d:3c:1d:
2d:55:16:42:c8:d6:3e:6c:ea:af:40:1d:3d:cc:22:
8b:72:02:24:ee:52:22:49:6c:d1:bc:db:4c:d8:cd:
3b:57:3d:80:58:5a:cd:cd:c1:d4:68:69:34:1e:7a:
89:1e:07:c8:fa:c8:be:7b:e7:ab:71:7f:54:1c:4b:
92:d6:42:c6:56:cd:88:8d:e1:b1:0b:18:e0:d1:e1:
27:8c:19:82:6b:7e:81:61:8c:2a:1d:c9:0b:ad:58:
ba:cb:8e:d5:8e:0c:a1:ee:6f:b1:ef:80:f6:db:ac:
63:62:e7:62:a0:a2:07:0f:c3:e5:25:9f:d1:73:05:
c4:19:d2:59:22:de:b7:2f:9b:01:8b:6d:e6:f1:34:
67:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:CA:24:98:01:49:2A:7D:D9:AD:27:E4:09:B7:8A:60:34:3B:E2:18
X509v3 Authority Key Identifier:
keyid:4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/r8okmAFJKn3ZrSfkCbeKYDQ74hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/S-G7vlQAedK38nC5LOrzsqgW6Po.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3304::/31
Signature Algorithm: sha256WithRSAEncryption
6b:59:94:34:cd:7f:4e:d9:cf:b0:85:dd:a7:f4:41:b7:d7:a9:
02:ce:8c:1c:fe:f7:27:68:61:df:64:dd:31:bc:c5:12:90:f8:
a5:d4:4c:b5:b8:1f:45:93:89:0e:f2:be:b1:2b:2b:37:ad:d5:
f5:60:3a:64:e3:3b:8a:2b:d6:50:cd:84:ff:f0:d6:c4:67:5b:
42:41:e9:24:92:ba:94:37:78:ea:21:b5:4b:e2:55:d8:2b:a5:
71:30:6b:e7:6e:07:98:6a:22:26:18:7d:c9:49:c6:94:f2:a2:
6a:d6:9f:76:08:41:c1:6d:ea:f1:ac:71:22:9f:96:8e:2c:88:
cc:f6:cf:85:44:13:c1:93:0d:b3:b1:5d:b7:f1:c4:d4:f0:9c:
04:e4:d9:36:35:e8:d1:08:bc:ce:17:be:ac:09:db:14:7c:1f:
c9:44:ec:1c:f0:9f:66:25:25:98:71:cc:75:49:62:bb:20:13:
0c:89:e5:86:86:a4:88:a4:18:a4:a5:3f:90:ee:d3:03:a0:72:
1d:31:48:55:71:5b:e0:90:7c:1f:56:0d:a9:24:32:da:f2:e5:
2f:7d:e9:cb:86:8a:bf:5f:08:13:af:2b:5b:77:c8:ca:4f:b9:
76:8c:05:ea:22:08:e1:fe:a6:af:bb:1e:43:2a:9f:ab:25:64:
be:20:98:ec
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYKw1hJneyp348x7STfxtPn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZTFiYmJlNTQwMDc5ZDJiN2YyNzBiOTJjZWFmM2IyYTgx
NmU4ZmEwHhcNMjIwODE4MTIwMzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmNhMjQ5ODAxNDkyYTdkZDlhZDI3ZTQwOWI3OGE2MDM0M2JlMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDdVH+lluMffV5Hvy2rHoD7oXbqY
/StT3Fs/fWT0iod9jLo1qo6XtJUD8MCxiVGkYCA37kY2rQyvDWBe3My0XWfg5l3m
wkYPlWOtADq3oiTS6s1oyPLDe37QWtx5XmYmg1UaWTLTP7Ahn6bYmctYz7RY8A1t
PB0tVRZCyNY+bOqvQB09zCKLcgIk7lIiSWzRvNtM2M07Vz2AWFrNzcHUaGk0HnqJ
HgfI+si+e+ercX9UHEuS1kLGVs2IjeGxCxjg0eEnjBmCa36BYYwqHckLrVi6y47V
jgyh7m+x74D226xjYudioKIHD8PlJZ/RcwXEGdJZIt63L5sBi23m8TRnGQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK/KJJgBSSp92a0n5Am3imA0O+IYMB8GA1UdIwQY
MBaAFEvhu75UAHnSt/JwuSzq87KoFuj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMt
MWVmMWNlZTY2MWNhLzEvcjhva21BRkpLbjNaclNma0NiZUtZRFE3NGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMtMWVmMWNlZTY2MWNh
LzEvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKhMzBDAN
BgkqhkiG9w0BAQsFAAOCAQEAa1mUNM1/TtnPsIXdp/RBt9epAs6MHP73J2hh32Td
MbzFEpD4pdRMtbgfRZOJDvK+sSsrN63V9WA6ZOM7iivWUM2E//DWxGdbQkHpJJK6
lDd46iG1S+JV2CulcTBr524HmGoiJhh9yUnGlPKiatafdghBwW3q8axxIp+WjiyI
zPbPhUQTwZMNs7Fdt/HE1PCcBOTZNjXo0Qi8zhe+rAnbFHwfyUTsHPCfZiUlmHHM
dUliuyATDInlhoakiKQYpKU/kO7TA6ByHTFIVXFb4JB8H1YNqSQy2vLlL33py4aK
v18IE68rW3fIyk+5dowF6iII4f6mr7seQyqfqyVkviCY7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:56 2024 by rpki-client on console-ams.rpki-client.org