Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/jcYpeNI-kWOyx5_cTUI83i-_Rm8.roa
File: jcYpeNI-kWOyx5_cTUI83i-_Rm8.roa (raw, json)
Hash identifier: jcL8pNrpLcFzFcWw4gA3m8WnJQk8QXfwXoZ/m7sdfJU=
Subject key identifier: 8D:C6:29:78:D2:3E:91:63:B2:C7:9F:DC:4D:42:3C:DE:2F:BF:46:6F
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01852919327052AC146BBCC991FD97B54499
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/jcYpeNI-kWOyx5_cTUI83i-_Rm8.roa
Signing time: Mon 19 Dec 2022 06:36:35 +0000
ROA not before: Mon 19 Dec 2022 06:36:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a0e:a580::/29 maxlen: 29
2a0e:bac0::/29 maxlen: 29
2a0e:a3c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:19:32:70:52:ac:14:6b:bc:c9:91:fd:97:b5:44:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Dec 19 06:36:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8dc62978d23e9163b2c79fdc4d423cde2fbf466f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6f:9f:a9:40:6a:40:b3:bd:c9:f9:27:1b:cf:
94:b9:ef:de:f1:d5:eb:37:2d:cd:c5:d6:49:ad:45:
09:0c:20:bb:cc:d1:38:08:d3:bd:d5:91:e3:2c:16:
a9:cb:c7:3b:90:80:ec:b9:50:5a:71:eb:88:14:6c:
a8:b5:f5:d0:2c:56:dd:00:0f:5a:42:d6:4c:fc:e3:
43:01:e7:29:74:bc:24:e5:fe:03:08:a4:01:f0:8b:
d3:a5:66:86:57:38:bc:bc:0b:cd:66:78:6b:17:6a:
61:6e:46:60:9e:24:c5:be:48:24:8f:65:0c:7b:13:
6e:c6:47:39:b2:51:dd:3b:37:c3:94:be:99:7f:94:
e7:33:46:d9:28:43:3f:01:12:e5:1d:01:90:a4:cd:
f1:8f:c4:b1:54:e8:08:05:e2:c1:27:e6:d3:e2:db:
98:8b:86:99:f7:fd:7c:6a:18:80:e5:bc:d9:c4:5e:
d9:29:03:fe:ae:d2:39:3b:06:19:7a:e1:3e:bd:ac:
c8:5d:43:18:30:87:95:f3:e2:ef:cc:4a:3b:68:54:
73:aa:f5:2b:58:99:ca:31:d9:0d:9f:f5:cd:98:f0:
ac:36:15:ad:c1:30:61:57:c3:34:f4:05:a8:f4:98:
1e:5e:f4:1a:ca:d3:31:e2:5f:b5:f7:3f:9d:0e:26:
7a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C6:29:78:D2:3E:91:63:B2:C7:9F:DC:4D:42:3C:DE:2F:BF:46:6F
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/jcYpeNI-kWOyx5_cTUI83i-_Rm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:a3c0::/29
2a0e:a580::/29
2a0e:bac0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:c3:10:c9:b6:aa:1e:03:4e:c1:45:b8:37:51:2b:05:0c:d9:
ba:e2:f2:21:38:80:37:c7:2c:6e:cf:fa:99:22:78:5a:a7:94:
27:b9:b5:62:2a:a0:d3:27:90:42:c5:37:98:ec:67:86:67:34:
6f:97:8a:ce:08:50:a3:74:c7:14:fb:ca:9c:36:e6:0c:3b:93:
7d:9a:1c:d8:f4:6f:f3:2e:28:91:39:33:d5:0a:cb:1a:aa:0c:
de:28:02:58:89:1a:49:64:73:6e:72:6c:3d:e6:40:50:8e:9c:
64:59:39:28:e2:8c:76:db:32:80:79:18:32:9c:04:b9:fd:74:
c4:15:93:a8:3b:94:c9:f6:9d:a5:28:1c:37:6d:6b:a5:0f:56:
05:4a:9b:b5:f9:ea:57:22:41:53:c1:29:3d:0d:b2:f3:7a:c3:
ef:d0:a3:ff:e6:7b:f6:45:89:a6:d8:3c:23:f1:70:f9:77:80:
95:1a:ca:b7:cd:19:e2:5a:c4:0a:12:4b:de:42:2b:b4:84:85:
66:df:e7:ac:74:57:be:dc:1a:ac:6e:dc:c7:17:14:f0:1d:bf:
46:8a:3f:56:30:b4:df:b2:19:d6:b0:29:62:a4:32:18:44:1a:
50:b3:a0:e6:df:46:1f:51:fe:d5:c0:92:eb:23:ef:46:3c:11:
7e:ae:1b:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUpGTJwUqwUa7zJkf2XtUSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIxMjE5MDYzNjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGM2Mjk3OGQyM2U5MTYzYjJjNzlmZGM0ZDQyM2NkZTJmYmY0NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgm+fqUBqQLO9yfknG8+Uue/e8dXr
Ny3NxdZJrUUJDCC7zNE4CNO91ZHjLBapy8c7kIDsuVBaceuIFGyotfXQLFbdAA9a
QtZM/ONDAecpdLwk5f4DCKQB8IvTpWaGVzi8vAvNZnhrF2phbkZgniTFvkgkj2UM
exNuxkc5slHdOzfDlL6Zf5TnM0bZKEM/ARLlHQGQpM3xj8SxVOgIBeLBJ+bT4tuY
i4aZ9/18ahiA5bzZxF7ZKQP+rtI5OwYZeuE+vazIXUMYMIeV8+LvzEo7aFRzqvUr
WJnKMdkNn/XNmPCsNhWtwTBhV8M09AWo9JgeXvQaytMx4l+19z+dDiZ6kQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI3GKXjSPpFjssef3E1CPN4vv0ZvMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvamNZcGVOSS1rV095eDVfY1RVSTgzaS1fUm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg6jwAMF
AyoOpYADBQMqDrrAMA0GCSqGSIb3DQEBCwUAA4IBAQCjwxDJtqoeA07BRbg3USsF
DNm64vIhOIA3xyxuz/qZInhap5QnubViKqDTJ5BCxTeY7GeGZzRvl4rOCFCjdMcU
+8qcNuYMO5N9mhzY9G/zLiiROTPVCssaqgzeKAJYiRpJZHNucmw95kBQjpxkWTko
4ox22zKAeRgynAS5/XTEFZOoO5TJ9p2lKBw3bWulD1YFSpu1+epXIkFTwSk9DbLz
esPv0KP/5nv2RYmm2Dwj8XD5d4CVGsq3zRniWsQKEkveQiu0hIVm3+esdFe+3Bqs
btzHFxTwHb9Gij9WMLTfshnWsClipDIYRBpQs6Dm30YfUf7VwJLrI+9GPBF+rhsp
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:33 2023 by rpki-client on console-fra.rpki-client.org