Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/sdWtXisuBqhbGJX1vSMpm5AINe0.roa
File: sdWtXisuBqhbGJX1vSMpm5AINe0.roa (raw, json)
Hash identifier: xdoRkT4Sqxr0fyOcyuJILJPDhpBDls9uh9rl/V4m868=
Subject key identifier: B1:D5:AD:5E:2B:2E:06:A8:5B:18:95:F5:BD:23:29:9B:90:08:35:ED
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 057AADFE
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/sdWtXisuBqhbGJX1vSMpm5AINe0.roa
Signing time: Sat 01 Jan 2022 05:01:15 +0000
ROA not before: Sat 01 Jan 2022 05:01:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24239
IP address blocks: 2a05:1085::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91926014 (0x57aadfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Jan 1 05:01:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1d5ad5e2b2e06a85b1895f5bd23299b900835ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0d:dc:60:5a:60:4d:10:40:66:6a:1b:d9:be:
00:7b:b9:c7:21:19:7c:f4:eb:80:64:43:cf:d8:2e:
bd:7b:ba:3d:95:e2:08:f3:1f:e7:50:05:ba:48:79:
62:b4:be:59:55:93:d8:50:b3:b7:20:a5:5a:e0:05:
93:30:43:4b:5d:6e:3a:68:d8:0f:1a:9a:3b:f1:85:
16:19:11:a5:d3:40:0c:ad:55:dd:0a:5b:14:f0:61:
1c:38:ad:4a:86:86:67:96:13:d9:3f:b1:78:c3:ed:
98:eb:eb:8f:25:14:ca:cb:0b:5a:b6:4d:a2:cc:b4:
dd:d9:4c:0e:c5:c3:94:fa:99:dd:d7:a5:f8:4f:4e:
85:02:88:14:50:54:6a:36:f5:4e:62:01:a1:a0:61:
42:90:5c:37:56:96:0d:4f:7c:97:1f:ea:f6:fd:90:
e0:95:bd:a6:23:bd:da:39:d0:9f:2f:52:55:5c:95:
2f:02:5c:54:95:42:62:d8:64:b2:6d:63:04:b7:12:
b1:d8:fa:06:42:e5:2a:d4:df:ec:d1:7d:05:78:84:
ba:a4:c8:85:0f:2d:ab:83:a6:a9:4f:5d:b6:81:2c:
3e:1f:63:28:4b:a4:fa:9e:47:1f:4d:4d:ab:92:9e:
23:29:ee:53:2a:c6:02:6f:5b:80:91:33:d0:57:b5:
bb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D5:AD:5E:2B:2E:06:A8:5B:18:95:F5:BD:23:29:9B:90:08:35:ED
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/sdWtXisuBqhbGJX1vSMpm5AINe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:1085::/32
Signature Algorithm: sha256WithRSAEncryption
b4:76:8b:4a:22:3d:09:c9:b5:85:54:92:2b:d0:6b:27:ec:fa:
f4:46:e2:f5:00:d2:e9:16:9b:ee:94:0c:3a:96:d9:7f:35:21:
71:85:5e:e4:c9:da:c7:71:82:6b:93:59:d5:a7:2b:84:43:59:
75:a6:50:ca:4b:0a:81:7a:99:9c:81:d8:4b:f1:ad:87:c1:37:
51:0f:a2:6e:dc:30:50:96:3b:40:8f:e0:c3:da:fa:a9:d7:69:
0a:dc:d2:db:2f:fb:06:78:14:c2:25:bd:c4:73:62:e6:15:24:
0d:08:a1:59:60:81:d8:f4:9c:ca:22:3a:c8:08:23:ec:20:c4:
91:6b:fa:6d:39:76:1b:3a:34:6d:81:08:a3:cc:92:dd:7b:41:
35:10:ee:35:2a:28:a5:70:41:65:ab:a5:ed:f1:a9:a7:db:4d:
59:80:2b:86:e0:25:91:42:ac:48:65:7c:31:15:01:c0:ec:2a:
c7:83:2e:db:78:b0:b9:5e:17:a8:2f:98:32:de:9a:d6:be:43:
1c:28:6b:a7:01:fb:31:36:2a:95:d3:0e:f3:13:17:80:12:6b:
38:1e:37:87:c5:10:04:8f:fe:14:c7:c2:1c:fc:06:84:75:90:
04:7a:6e:74:19:34:93:ca:2d:86:3b:33:77:64:5f:a2:f4:99:
f1:b8:24:64
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBXqt/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2M2OWQwNDU4MzUwMGM1ZWY4MTEzNjgzMTIzNzU5M2UwYmI4NmNlMB4XDTIyMDEw
MTA1MDExNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjFkNWFkNWUyYjJl
MDZhODViMTg5NWY1YmQyMzI5OWI5MDA4MzVlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN0N3GBaYE0QQGZqG9m+AHu5xyEZfPTrgGRDz9guvXu6PZXi
CPMf51AFukh5YrS+WVWT2FCztyClWuAFkzBDS11uOmjYDxqaO/GFFhkRpdNADK1V
3QpbFPBhHDitSoaGZ5YT2T+xeMPtmOvrjyUUyssLWrZNosy03dlMDsXDlPqZ3del
+E9OhQKIFFBUajb1TmIBoaBhQpBcN1aWDU98lx/q9v2Q4JW9piO92jnQny9SVVyV
LwJcVJVCYthksm1jBLcSsdj6BkLlKtTf7NF9BXiEuqTIhQ8tq4OmqU9dtoEsPh9j
KEuk+p5HH01Nq5KeIynuUyrGAm9bgJEz0Fe1u08CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSx1a1eKy4GqFsYlfW9IymbkAg17TAfBgNVHSMEGDAWgBRzxp0EWDUAxe+B
E2gxI3WT4LuGzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2M4YWRCRmcxQU1YdmdSTm9NU04xay1DN2hzNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvNmY2Y2UyLWU2ZWUtNGUyYS05MDVkLWY5Y2IwYTdiMjA2Yy8x
L3NkV3RYaXN1QnFoYkdKWDF2U01wbTVBSU5lMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
NmY2Y2UyLWU2ZWUtNGUyYS05MDVkLWY5Y2IwYTdiMjA2Yy8xL2M4YWRCRmcxQU1Y
dmdSTm9NU04xay1DN2hzNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoFEIUwDQYJKoZIhvcNAQELBQAD
ggEBALR2i0oiPQnJtYVUkivQayfs+vRG4vUA0ukWm+6UDDqW2X81IXGFXuTJ2sdx
gmuTWdWnK4RDWXWmUMpLCoF6mZyB2EvxrYfBN1EPom7cMFCWO0CP4MPa+qnXaQrc
0tsv+wZ4FMIlvcRzYuYVJA0IoVlggdj0nMoiOsgII+wgxJFr+m05dhs6NG2BCKPM
kt17QTUQ7jUqKKVwQWWrpe3xqafbTVmAK4bgJZFCrEhlfDEVAcDsKseDLtt4sLle
F6gvmDLemta+Qxwoa6cB+zE2KpXTDvMTF4ASazgeN4fFEASP/hTHwhz8BoR1kAR6
bnQZNJPKLYY7M3dkX6L0mfG4JGQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:47 2023 by rpki-client on console-ams.rpki-client.org