Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/9ERvPNYeESEw2CX7fElAO_6qF3A.roa
File: 9ERvPNYeESEw2CX7fElAO_6qF3A.roa (raw, json)
Hash identifier: WW9KH5n+fdW4L7geBoXNqU5Hv9unhh2C9+dkL8FEMTw=
Subject key identifier: F4:44:6F:3C:D6:1E:11:21:30:D8:25:FB:7C:49:40:3B:FE:AA:17:70
Certificate issuer: /CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0
Certificate serial: 1BF1D466
Authority key identifier: A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/9ERvPNYeESEw2CX7fElAO_6qF3A.roa
Signing time: Sat 01 Jan 2022 09:57:29 +0000
ROA not before: Sat 01 Jan 2022 09:57:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30860
IP address blocks: 2a00:17a0:1005::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 468833382 (0x1bf1d466)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0
Validity
Not Before: Jan 1 09:57:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4446f3cd61e112130d825fb7c49403bfeaa1770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:90:4f:fd:30:57:92:f3:df:c2:e0:df:a5:ec:
d0:06:45:ea:91:c7:a3:29:32:e1:8c:01:78:b0:fd:
bc:ef:41:61:00:b7:8c:85:22:9f:e1:7a:67:cc:2d:
db:a3:eb:6c:fe:ee:fd:bf:78:41:4f:49:15:a4:66:
2e:01:ee:e1:5e:59:3f:52:c8:3c:ea:56:16:e5:84:
0a:7e:cf:63:21:79:c6:3a:09:a2:f2:bd:e3:d1:bc:
ef:80:8f:df:96:37:23:e3:b7:8c:1d:81:db:0d:da:
c4:d7:92:3c:1b:1a:f7:3d:5a:d1:2f:43:1b:d0:f5:
2d:69:42:fa:d7:1b:b4:84:4c:67:4d:f2:24:10:20:
da:9a:8a:80:b3:77:5a:a6:1d:70:e3:71:05:5b:eb:
09:d9:cc:58:c3:a8:41:5c:a3:31:6e:1d:0b:cc:f5:
fb:b1:a8:91:02:a8:c0:83:44:98:e0:ea:f5:1e:a6:
84:85:7c:f6:a8:fe:10:dc:c4:ca:9a:e1:a8:08:f7:
1b:8b:69:2d:28:18:e5:5a:ec:7b:70:af:e6:c7:4d:
c2:7d:d4:67:22:5c:11:e1:e4:6e:f6:03:4c:9b:5a:
82:9e:e7:6d:74:82:a2:a9:41:d3:ed:2a:c8:b5:a1:
01:84:ca:fd:86:e2:58:d8:17:4a:8e:c8:12:c4:fb:
25:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:44:6F:3C:D6:1E:11:21:30:D8:25:FB:7C:49:40:3B:FE:AA:17:70
X509v3 Authority Key Identifier:
keyid:A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/9ERvPNYeESEw2CX7fElAO_6qF3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/ppR2gdoNt_55MV7G29oov41mD8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:17a0:1005::/48
Signature Algorithm: sha256WithRSAEncryption
47:1d:dd:3f:54:6c:81:c5:62:05:b7:a8:06:c1:0e:b0:93:da:
01:a9:29:54:20:bb:52:46:51:e1:be:d8:4d:ca:45:11:ba:4f:
ea:f4:45:f3:b9:f4:35:e4:01:52:71:c7:3c:64:25:99:3b:05:
a7:86:85:c5:ac:49:f8:9d:9f:68:95:80:e7:33:58:6f:bb:93:
0b:69:c2:f2:cf:90:e9:4c:79:b6:0e:b4:63:ca:f6:bb:a6:6f:
c4:b4:db:28:92:c9:b8:bc:44:d4:25:6f:51:ac:f5:59:c8:0f:
f3:14:0f:f4:9e:46:5d:63:16:bc:70:50:33:8c:55:40:91:cd:
6b:a2:3f:87:c1:b3:b0:ed:6a:bf:08:c6:bc:c0:92:81:b9:62:
c4:54:67:fe:3e:c3:1e:26:01:dc:0d:7e:71:26:94:e5:36:5a:
65:59:1a:a4:eb:58:84:9f:ab:7b:0d:95:96:55:9f:a5:2d:9f:
45:4c:7f:74:35:89:27:4e:ea:de:a8:85:1c:f2:51:b5:55:96:
6d:84:69:b5:14:4b:2b:06:d6:51:ab:2d:a9:21:95:34:16:19:
26:45:b9:68:d9:9c:24:68:15:ba:4e:80:a6:a6:c2:19:c0:a6:
34:47:62:bb:c6:32:d1:8c:0d:14:f9:69:03:bb:94:28:87:3a:
35:70:a2:69
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEG/HUZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Njk0NzY4MWRhMGRiN2ZlNzkzMTVlYzZkYmRhMjhiZjhkNjYwZmMwMB4XDTIyMDEw
MTA5NTcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ0NDZmM2NkNjFl
MTEyMTMwZDgyNWZiN2M0OTQwM2JmZWFhMTc3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuQT/0wV5Lz38Lg36Xs0AZF6pHHoyky4YwBeLD9vO9BYQC3
jIUin+F6Z8wt26PrbP7u/b94QU9JFaRmLgHu4V5ZP1LIPOpWFuWECn7PYyF5xjoJ
ovK949G874CP35Y3I+O3jB2B2w3axNeSPBsa9z1a0S9DG9D1LWlC+tcbtIRMZ03y
JBAg2pqKgLN3WqYdcONxBVvrCdnMWMOoQVyjMW4dC8z1+7GokQKowINEmODq9R6m
hIV89qj+ENzEyprhqAj3G4tpLSgY5Vrse3Cv5sdNwn3UZyJcEeHkbvYDTJtagp7n
bXSCoqlB0+0qyLWhAYTK/YbiWNgXSo7IEsT7JbMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT0RG881h4RITDYJft8SUA7/qoXcDAfBgNVHSMEGDAWgBSmlHaB2g23/nkx
Xsbb2ii/jWYPwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BwUjJnZG9OdF81NU1WN0cyOW9vdjQxbUQ4QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvZjY0OWEyLTUxOGQtNDQ1Ni05OGE3LTIzYzNkZjgyYzIzMC8x
LzlFUnZQTlllRVNFdzJDWDdmRWxBT182cUYzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
ZjY0OWEyLTUxOGQtNDQ1Ni05OGE3LTIzYzNkZjgyYzIzMC8xL3BwUjJnZG9OdF81
NU1WN0cyOW9vdjQxbUQ4QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoAF6AQBTANBgkqhkiG9w0BAQsF
AAOCAQEARx3dP1RsgcViBbeoBsEOsJPaAakpVCC7UkZR4b7YTcpFEbpP6vRF87n0
NeQBUnHHPGQlmTsFp4aFxaxJ+J2faJWA5zNYb7uTC2nC8s+Q6Ux5tg60Y8r2u6Zv
xLTbKJLJuLxE1CVvUaz1WcgP8xQP9J5GXWMWvHBQM4xVQJHNa6I/h8GzsO1qvwjG
vMCSgblixFRn/j7DHiYB3A1+cSaU5TZaZVkapOtYhJ+rew2VllWfpS2fRUx/dDWJ
J07q3qiFHPJRtVWWbYRptRRLKwbWUastqSGVNBYZJkW5aNmcJGgVuk6ApqbCGcCm
NEdiu8Yy0YwNFPlpA7uUKIc6NXCiaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:24 2024 by rpki-client on console-fra.rpki-client.org