Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/ja91AqW5ZklKB9S5fn4zfUd82k0.roa
File: ja91AqW5ZklKB9S5fn4zfUd82k0.roa (raw, json)
Hash identifier: t22Idu433C0laHx2NeLdirOp4+j/TxOa3qsbGZnez+k=
Subject key identifier: 8D:AF:75:02:A5:B9:66:49:4A:07:D4:B9:7E:7E:33:7D:47:7C:DA:4D
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 05950002
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/ja91AqW5ZklKB9S5fn4zfUd82k0.roa
Signing time: Sat 01 Jan 2022 07:03:55 +0000
ROA not before: Sat 01 Jan 2022 07:03:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6910
IP address blocks: 2a03:9c00:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93650946 (0x5950002)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 07:03:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8daf7502a5b966494a07d4b97e7e337d477cda4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a9:24:1c:da:7e:d5:c0:f7:8b:fa:ac:5a:df:
11:f1:f1:12:7c:bd:f7:0a:03:a2:1b:3a:0d:ea:0d:
d0:39:b0:1b:ef:a4:21:c1:53:9b:bf:ad:58:a4:f0:
eb:60:cc:bf:ab:a2:91:9c:bf:1f:0d:cf:f0:8e:eb:
58:2a:c8:97:de:85:70:d0:7c:40:8d:54:62:4c:7d:
c3:fe:fe:6e:a6:d2:c1:a6:56:3e:5f:e7:c5:08:64:
83:f5:cd:71:6a:b6:4d:08:3d:14:10:46:68:aa:04:
73:31:1d:70:1d:ac:aa:e8:71:e5:ee:a8:40:b8:e7:
cf:ec:28:87:0d:45:36:6d:b2:e3:e1:02:2b:a3:0c:
d3:b3:3d:17:eb:f3:bf:ac:5b:f5:1b:c8:0f:51:98:
5d:36:fc:61:a4:80:05:bf:f2:d7:59:99:78:0f:0d:
35:1e:a3:d1:46:55:6b:aa:03:ff:d4:ac:0f:4e:40:
ea:7c:7c:d6:bc:2f:d5:58:03:62:11:c6:47:97:3b:
39:f7:2a:08:e0:c9:e9:fe:86:ad:47:0c:bb:fa:c5:
78:0d:c2:bf:7f:6d:2a:1b:3c:86:55:f0:c2:b6:71:
2c:3d:f2:bb:6d:16:57:1e:fe:d0:98:a7:51:1d:4e:
c9:75:d9:fa:c4:71:2c:a5:23:34:f5:11:92:f0:d7:
bc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:AF:75:02:A5:B9:66:49:4A:07:D4:B9:7E:7E:33:7D:47:7C:DA:4D
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/ja91AqW5ZklKB9S5fn4zfUd82k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9c00:1::/48
Signature Algorithm: sha256WithRSAEncryption
56:d5:37:56:a3:24:0e:a2:33:05:1b:f1:32:fa:d0:c9:4f:dc:
cf:a2:87:2a:43:db:6a:bc:57:06:ff:0f:c7:fa:88:a1:95:f7:
4c:9e:79:3b:d4:6e:dd:37:fc:ed:1b:5b:5e:fe:4b:67:57:71:
cf:51:e5:d8:25:e1:6f:fb:23:04:34:1c:48:75:2f:4f:10:d2:
4e:11:1d:94:69:9c:d8:15:4e:4b:3c:6f:ff:78:96:01:09:81:
03:29:50:9b:46:c4:4c:ce:33:5b:0f:d5:2e:9e:20:3c:1a:b2:
6e:7e:b1:74:4d:78:f5:a8:c5:28:c9:8c:1a:6a:d7:16:4e:ea:
27:a5:51:51:1c:3e:b3:72:31:65:59:34:a1:dc:86:de:ad:a3:
36:80:31:36:d0:8b:55:09:31:ba:47:58:e1:02:a3:1f:19:f9:
92:ca:46:b2:54:1d:34:a8:b8:d9:98:71:eb:55:6f:6a:ec:2e:
13:af:37:81:92:f1:a8:01:95:e4:f6:cb:c5:a0:28:25:d9:7e:
28:c6:a4:26:ab:2d:09:27:84:7f:75:4e:70:f8:7e:12:3b:d3:
91:ae:95:3a:aa:74:10:82:9a:db:6c:06:be:f8:0e:77:4b:6f:
c5:ea:d8:48:51:6d:2e:2c:ec:95:25:5e:e9:4f:73:94:20:19:
cf:cc:e7:89
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBZUAAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2VmNThkNGNmYTM1NTQzZjg0ODhhMjc1NmU2OTI0ZTY0N2I0NTg5MB4XDTIyMDEw
MTA3MDM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRhZjc1MDJhNWI5
NjY0OTRhMDdkNGI5N2U3ZTMzN2Q0NzdjZGE0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmpJBzaftXA94v6rFrfEfHxEny99woDohs6DeoN0DmwG++k
IcFTm7+tWKTw62DMv6uikZy/Hw3P8I7rWCrIl96FcNB8QI1UYkx9w/7+bqbSwaZW
Pl/nxQhkg/XNcWq2TQg9FBBGaKoEczEdcB2squhx5e6oQLjnz+wohw1FNm2y4+EC
K6MM07M9F+vzv6xb9RvID1GYXTb8YaSABb/y11mZeA8NNR6j0UZVa6oD/9SsD05A
6nx81rwv1VgDYhHGR5c7OfcqCODJ6f6GrUcMu/rFeA3Cv39tKhs8hlXwwrZxLD3y
u20WVx7+0JinUR1OyXXZ+sRxLKUjNPURkvDXvNsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSNr3UCpblmSUoH1Ll+fjN9R3zaTTAfBgNVHSMEGDAWgBTc71jUz6NVQ/hI
iidW5pJOZHtFiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNPOVkxTS1qVlVQNFNJb25WdWFTVG1SN1JZay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8x
L2phOTFBcVc1WmtsS0I5UzVmbjR6ZlVkODJrMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
ZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8xLzNPOVkxTS1qVlVQ
NFNJb25WdWFTVG1SN1JZay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDnAAAATANBgkqhkiG9w0BAQsF
AAOCAQEAVtU3VqMkDqIzBRvxMvrQyU/cz6KHKkPbarxXBv8Px/qIoZX3TJ55O9Ru
3Tf87RtbXv5LZ1dxz1Hl2CXhb/sjBDQcSHUvTxDSThEdlGmc2BVOSzxv/3iWAQmB
AylQm0bETM4zWw/VLp4gPBqybn6xdE149ajFKMmMGmrXFk7qJ6VRURw+s3IxZVk0
odyG3q2jNoAxNtCLVQkxukdY4QKjHxn5kspGslQdNKi42Zhx61VvauwuE683gZLx
qAGV5PbLxaAoJdl+KMakJqstCSeEf3VOcPh+EjvTka6VOqp0EIKa22wGvvgOd0tv
xerYSFFtLizslSVe6U9zlCAZz8zniQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:43 2024 by rpki-client on console-ams.rpki-client.org