Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/cTkoxNzWxmt1oNiUDcNaOhJXDoI.roa
File: cTkoxNzWxmt1oNiUDcNaOhJXDoI.roa (raw, json)
Hash identifier: ykthR1CDuTYVc83M5elALZoKHVWc3xdUuTvVGTl5Zro=
Subject key identifier: 71:39:28:C4:DC:D6:C6:6B:75:A0:D8:94:0D:C3:5A:3A:12:57:0E:82
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01842CA91D06BB67C10F203F8A9DE7575B3E
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/cTkoxNzWxmt1oNiUDcNaOhJXDoI.roa
Signing time: Mon 31 Oct 2022 06:09:51 +0000
ROA not before: Mon 31 Oct 2022 06:09:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4785
IP address blocks: 2a07:e340::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2c:a9:1d:06:bb:67:c1:0f:20:3f:8a:9d:e7:57:5b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Oct 31 06:09:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=713928c4dcd6c66b75a0d8940dc35a3a12570e82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:60:b2:51:39:38:fb:98:f0:21:8d:d8:47:7d:
21:42:8f:60:bf:b9:02:4b:2a:cf:f5:63:81:4f:cf:
a5:74:31:78:46:ed:97:11:b2:8e:36:d2:a9:6e:5a:
89:ec:c1:76:c8:b5:5a:38:04:46:14:d4:f1:fc:6a:
f6:b5:a3:48:b7:2b:44:6b:f0:e9:00:f6:62:4a:46:
9c:ed:9d:6d:19:01:6f:cf:74:f9:3e:49:4f:62:6e:
71:05:21:fa:d6:17:67:fd:52:03:50:cd:2e:c2:cb:
13:d3:e2:a7:89:5b:68:33:5d:4c:f9:64:e2:66:16:
08:f8:54:ba:da:cd:39:e9:f1:15:23:97:b6:0c:f7:
69:f7:8b:2c:60:33:06:4e:cb:0f:c3:14:e7:cf:5d:
11:2e:7e:d6:e6:0f:8a:fb:d3:ac:a1:11:2e:aa:f1:
62:4a:17:9a:07:5c:21:ef:8a:2a:04:16:a7:0a:53:
14:cd:a7:e5:86:b0:b8:39:38:39:88:e3:34:fc:e3:
dd:a7:ef:a1:b6:87:61:1d:9f:b6:cf:e0:cc:49:e2:
14:06:0b:05:91:43:88:cc:cf:69:41:1f:d5:47:55:
19:d6:14:3c:1f:9b:06:be:58:fc:c2:f3:65:64:c1:
5b:f5:37:32:1a:ad:0f:4a:77:f9:fe:d8:83:c7:34:
e7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:39:28:C4:DC:D6:C6:6B:75:A0:D8:94:0D:C3:5A:3A:12:57:0E:82
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/cTkoxNzWxmt1oNiUDcNaOhJXDoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:e340::/32
Signature Algorithm: sha256WithRSAEncryption
7e:1a:3f:58:34:a2:76:4e:a8:00:1b:ab:43:44:47:7d:6a:d9:
a3:d9:0b:16:ab:a9:dd:de:e1:d4:9b:e1:5c:c8:ec:4c:1c:13:
70:32:88:99:63:50:c7:31:5c:66:b4:02:1a:4b:99:07:24:e0:
df:49:8e:b4:80:fb:3c:39:28:eb:eb:f0:5b:2f:1a:99:22:a4:
5e:60:f5:46:96:47:3a:a0:36:23:a3:15:57:63:06:5e:c7:b8:
8e:70:69:51:42:66:76:21:ac:f3:42:70:32:b6:3b:94:3c:99:
18:67:fd:6b:e9:bf:0d:eb:de:8b:7b:e8:3e:15:74:43:99:6b:
4a:23:47:62:41:7d:98:31:cc:4f:28:15:d7:31:47:c9:dc:da:
64:d4:ef:b3:ff:80:75:c3:f1:31:86:1a:17:ff:e2:01:6d:96:
cb:86:02:66:46:49:2e:29:88:00:c7:3c:67:f8:d7:70:cb:df:
96:68:e8:bd:b2:26:db:33:b8:c7:c3:06:9c:39:de:f9:03:39:
23:8f:3a:37:95:9a:2b:6d:26:8f:d9:f0:7a:18:fa:af:69:1d:
21:0a:b2:46:b7:5d:1b:94:bd:c1:90:14:17:fe:a0:39:b7:aa:
c9:cc:8d:0d:1a:f9:3e:8b:bc:e8:d5:7a:30:7c:13:27:9b:ad:
cf:ed:4b:7e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQsqR0Gu2fBDyA/ip3nV1s+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIxMDMxMDYwOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTM5MjhjNGRjZDZjNjZiNzVhMGQ4OTQwZGMzNWEzYTEyNTcwZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2CyUTk4+5jwIY3YR30hQo9gv7kC
SyrP9WOBT8+ldDF4Ru2XEbKONtKpblqJ7MF2yLVaOARGFNTx/Gr2taNItytEa/Dp
APZiSkac7Z1tGQFvz3T5PklPYm5xBSH61hdn/VIDUM0uwssT0+KniVtoM11M+WTi
ZhYI+FS62s056fEVI5e2DPdp94ssYDMGTssPwxTnz10RLn7W5g+K+9OsoREuqvFi
SheaB1wh74oqBBanClMUzaflhrC4OTg5iOM0/OPdp++htodhHZ+2z+DMSeIUBgsF
kUOIzM9pQR/VR1UZ1hQ8H5sGvlj8wvNlZMFb9TcyGq0PSnf5/tiDxzTnywIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHE5KMTc1sZrdaDYlA3DWjoSVw6CMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvY1Rrb3hOeld4bXQxb05pVURjTmFPaEpYRG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAfho/WDSidk6oABurQ0RHfWrZo9kLFqup3d7h1Jvh
XMjsTBwTcDKImWNQxzFcZrQCGkuZByTg30mOtID7PDko6+vwWy8amSKkXmD1RpZH
OqA2I6MVV2MGXse4jnBpUUJmdiGs80JwMrY7lDyZGGf9a+m/Devei3voPhV0Q5lr
SiNHYkF9mDHMTygV1zFHydzaZNTvs/+AdcPxMYYaF//iAW2Wy4YCZkZJLimIAMc8
Z/jXcMvflmjovbIm2zO4x8MGnDne+QM5I486N5WaK20mj9nwehj6r2kdIQqyRrdd
G5S9wZAUF/6gObeqycyNDRr5Pou86NV6MHwTJ5utz+1Lfg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:24 2023 by rpki-client on console-ams.rpki-client.org