Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/cO8LWdBobc5i_Nb96gpt9Rw0SMA.roa
File: cO8LWdBobc5i_Nb96gpt9Rw0SMA.roa (raw, json)
Hash identifier: hmKITXXJv+LbAStl276kBsc8ue3JuOeBZXB7lq2+dTI=
Subject key identifier: 70:EF:0B:59:D0:68:6D:CE:62:FC:D6:FD:EA:0A:6D:F5:1C:34:48:C0
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 1AB2578A
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/cO8LWdBobc5i_Nb96gpt9Rw0SMA.roa
Signing time: Sat 01 Jan 2022 12:02:44 +0000
ROA not before: Sat 01 Jan 2022 12:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210662
IP address blocks: 2a02:2ca7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447895434 (0x1ab2578a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 12:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70ef0b59d0686dce62fcd6fdea0a6df51c3448c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f9:1a:66:28:3f:a8:2a:4d:11:b1:43:3a:8d:
c5:c0:09:96:92:85:91:8e:b8:e1:4d:d4:95:a8:34:
d5:d7:74:ee:e8:e6:41:02:bf:ed:f9:cc:d7:69:9b:
1f:0a:6f:e9:34:e2:62:5d:e2:54:69:63:0a:7a:fc:
b4:e8:ac:57:2c:79:b8:fb:6c:bf:8f:34:5d:27:09:
f5:02:d8:4f:7f:61:44:fb:09:0f:67:38:f7:08:8f:
6c:a2:c8:a3:41:55:c8:d9:0d:d5:01:26:a8:e9:d1:
52:a6:e2:07:f7:01:b2:8d:39:9a:90:5c:19:81:2e:
f7:18:56:18:d7:5e:08:8f:4c:e6:15:f0:88:a9:cc:
ad:f0:8a:89:65:d0:12:63:6e:01:3a:4c:86:2e:83:
8d:b8:07:a2:3a:da:93:9c:f3:ef:e7:bb:22:c3:ba:
10:fe:48:ad:7c:8a:6f:96:e7:84:4c:32:6b:b4:0f:
f0:29:bb:a2:ad:cf:c3:82:e4:43:36:16:29:55:d2:
d2:14:36:9d:1a:ad:0a:e7:2a:94:b9:36:f9:e0:0f:
43:02:56:28:86:11:ec:f9:82:3c:d7:7c:20:cf:be:
0a:d1:f8:2c:cf:6c:5d:9b:05:b0:35:e3:22:46:b0:
26:e8:c3:17:5b:21:47:96:b3:bf:8d:3e:23:b8:56:
ad:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:EF:0B:59:D0:68:6D:CE:62:FC:D6:FD:EA:0A:6D:F5:1C:34:48:C0
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/cO8LWdBobc5i_Nb96gpt9Rw0SMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2ca7::/32
Signature Algorithm: sha256WithRSAEncryption
0e:11:e1:9f:30:7e:fc:fd:55:25:62:2b:f4:1d:1a:e9:49:1a:
72:37:71:3d:5c:92:ea:90:2e:44:4b:82:56:17:b1:e0:4c:8a:
88:ef:2f:27:82:b5:77:01:95:f9:9e:c3:23:66:13:c9:05:63:
d7:3a:62:7f:68:d4:fb:07:7c:aa:a8:e6:84:46:8d:3d:b5:c8:
a7:65:37:d0:0a:e9:64:63:4d:33:0c:2d:b6:7c:7f:68:ba:b6:
4e:08:bf:d6:51:5f:55:6d:cc:61:7f:4f:14:86:ed:07:e7:03:
68:05:db:0b:28:7c:4b:ef:ce:47:15:56:c3:6f:f5:4d:e2:b5:
7e:d4:d6:a5:e0:2b:bb:14:28:a3:11:e9:6f:20:e4:50:73:53:
89:78:9a:5e:5d:e0:21:ab:68:8d:86:ac:c3:98:30:c6:26:34:
9e:07:f5:c6:5f:e1:b9:ef:13:0b:5d:0f:26:4d:21:a4:af:c5:
81:27:b2:44:59:6c:30:40:81:e6:e3:26:9d:7d:98:16:c0:13:
b4:de:63:3b:7b:d7:3a:6e:bf:54:06:5a:b9:65:49:95:8d:d5:
e4:80:b4:33:a4:97:37:8d:88:a5:24:0c:0e:74:9c:01:fc:54:
0a:5a:a1:b8:c3:09:1c:ec:e5:06:22:d0:fe:68:1c:f3:e5:35:
43:88:df:91
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEGrJXijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzU0YzM0N2Q2OGQxNTQ5M2RlNzFiYjk2MmYwYTU2N2UxMzRkNjAzMB4XDTIyMDEw
MTEyMDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBlZjBiNTlkMDY4
NmRjZTYyZmNkNmZkZWEwYTZkZjUxYzM0NDhjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJj5GmYoP6gqTRGxQzqNxcAJlpKFkY644U3Ulag01dd07ujm
QQK/7fnM12mbHwpv6TTiYl3iVGljCnr8tOisVyx5uPtsv480XScJ9QLYT39hRPsJ
D2c49wiPbKLIo0FVyNkN1QEmqOnRUqbiB/cBso05mpBcGYEu9xhWGNdeCI9M5hXw
iKnMrfCKiWXQEmNuATpMhi6DjbgHojrak5zz7+e7IsO6EP5IrXyKb5bnhEwya7QP
8Cm7oq3Pw4LkQzYWKVXS0hQ2nRqtCucqlLk2+eAPQwJWKIYR7PmCPNd8IM++CtH4
LM9sXZsFsDXjIkawJujDF1shR5azv40+I7hWrSECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRw7wtZ0GhtzmL81v3qCm31HDRIwDAfBgNVHSMEGDAWgBTnVMNH1o0VST3n
G7li8KVn4TTWAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUxVERSOWFORlVrOTV4dTVZdkNsWi1FMDFnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8x
L2NPOExXZEJvYmM1aV9OYjk2Z3B0OVJ3MFNNQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8xLzUxVERSOWFORlVr
OTV4dTVZdkNsWi1FMDFnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoCLKcwDQYJKoZIhvcNAQELBQAD
ggEBAA4R4Z8wfvz9VSViK/QdGulJGnI3cT1ckuqQLkRLglYXseBMiojvLyeCtXcB
lfmewyNmE8kFY9c6Yn9o1PsHfKqo5oRGjT21yKdlN9AK6WRjTTMMLbZ8f2i6tk4I
v9ZRX1VtzGF/TxSG7QfnA2gF2wsofEvvzkcVVsNv9U3itX7U1qXgK7sUKKMR6W8g
5FBzU4l4ml5d4CGraI2GrMOYMMYmNJ4H9cZf4bnvEwtdDyZNIaSvxYEnskRZbDBA
gebjJp19mBbAE7TeYzt71zpuv1QGWrllSZWN1eSAtDOklzeNiKUkDA50nAH8VApa
objDCRzs5QYi0P5oHPPlNUOI35E=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:13 2023 by rpki-client on console-ams.rpki-client.org