Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/3vnTjLmw1aiE1HarPwjEYxD87Xk.roa
File: 3vnTjLmw1aiE1HarPwjEYxD87Xk.roa (raw, json)
Hash identifier: C3GPjZcjdQ3ygttUvFmuaZZR/zXGB/Wyf/oVXeqow6A=
Subject key identifier: DE:F9:D3:8C:B9:B0:D5:A8:84:D4:76:AB:3F:08:C4:63:10:FC:ED:79
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0BED2219
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/3vnTjLmw1aiE1HarPwjEYxD87Xk.roa
Signing time: Sat 01 Jan 2022 12:55:06 +0000
ROA not before: Sat 01 Jan 2022 12:55:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210633
IP address blocks: 2a0c:9a40:8170::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200090137 (0xbed2219)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 12:55:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=def9d38cb9b0d5a884d476ab3f08c46310fced79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8c:c7:07:65:a8:2c:cd:91:01:f0:d9:32:fd:
3c:75:fb:d1:4b:1e:05:86:88:76:70:22:72:5b:2e:
bc:c4:e5:6a:c1:f7:2d:e1:71:56:b7:f4:37:da:8f:
6c:d0:d5:78:26:10:7d:76:23:2d:19:6c:2d:94:7c:
01:c2:13:e3:49:46:d5:2d:c4:c5:4f:6f:65:38:44:
69:3e:f0:b3:9c:a1:c5:99:03:f6:be:43:ac:3d:23:
12:eb:0c:49:35:fc:f4:a0:7f:90:6d:e0:13:7e:c8:
a8:96:2b:fe:98:a0:c2:fc:63:44:49:45:7a:fe:d2:
26:f0:10:73:47:92:26:24:e0:b3:21:3b:5e:01:0e:
d8:48:ba:70:5a:18:92:da:bc:63:28:83:28:05:a3:
ed:98:2f:99:9e:a3:17:27:4b:af:c9:75:67:d3:22:
9c:9b:a6:cb:f2:c4:25:c4:e2:0f:3e:dc:c9:4e:48:
4a:30:3f:02:4c:45:67:5c:48:eb:d7:7d:1f:99:5f:
eb:e5:47:db:51:4c:2d:b1:0e:b8:5c:8e:c1:73:3b:
9d:9d:1f:c2:82:62:ad:e8:a3:e7:f1:22:41:59:95:
ff:98:20:c3:e2:00:8f:80:98:cd:c6:be:01:24:70:
18:2f:7f:aa:e3:ff:81:12:51:0c:91:38:ab:12:1f:
74:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F9:D3:8C:B9:B0:D5:A8:84:D4:76:AB:3F:08:C4:63:10:FC:ED:79
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/3vnTjLmw1aiE1HarPwjEYxD87Xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8170::/48
Signature Algorithm: sha256WithRSAEncryption
6f:b9:91:13:ca:d9:9d:53:cd:6e:c7:17:3e:9b:a4:77:a4:e5:
88:15:be:dc:35:41:fd:b6:33:07:dd:72:cf:5a:b0:f7:e8:2c:
ec:e5:62:bc:33:94:cd:11:6a:09:f8:bf:64:30:e9:cc:ae:6e:
7e:42:b6:bc:00:29:82:93:c8:ce:34:a6:fe:23:1e:0c:ce:5b:
bd:72:67:21:b8:5a:fd:9c:bf:c6:e0:e4:93:07:0a:c0:09:f8:
52:07:e6:64:15:66:91:34:f5:f9:d6:66:00:ec:6b:1c:a2:2b:
5f:07:fb:6c:38:38:70:26:cc:da:1d:ac:26:c4:ae:c8:a4:57:
07:90:ff:d4:1b:71:03:12:f7:00:10:78:26:b6:0b:65:9f:3d:
32:d5:3a:ff:7d:09:2a:36:0f:1f:3f:38:5d:52:7e:0d:b2:5c:
d7:d8:0a:65:a6:81:c1:46:3a:f9:96:cc:d4:3c:b3:03:d1:76:
fb:c3:31:fd:1b:a7:3c:57:19:e7:36:82:e0:4b:9b:ef:3b:d0:
da:db:03:b9:61:09:b3:4c:ff:45:86:dc:5b:ae:9c:a2:14:a9:
76:18:03:cc:cc:f3:b6:87:33:03:90:9d:6d:a4:63:76:49:b8:
a4:63:80:7e:1a:d5:fc:34:7e:5f:49:2b:84:58:78:51:3c:7a:
1a:93:79:76
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEC+0iGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTk1YTM2MWZlMmIyYzUyOTI2MjZiYTRjNTZhNjVhODE0ZTQ4MDA4MB4XDTIyMDEw
MTEyNTUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGVmOWQzOGNiOWIw
ZDVhODg0ZDQ3NmFiM2YwOGM0NjMxMGZjZWQ3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqMxwdlqCzNkQHw2TL9PHX70UseBYaIdnAiclsuvMTlasH3
LeFxVrf0N9qPbNDVeCYQfXYjLRlsLZR8AcIT40lG1S3ExU9vZThEaT7ws5yhxZkD
9r5DrD0jEusMSTX89KB/kG3gE37IqJYr/pigwvxjRElFev7SJvAQc0eSJiTgsyE7
XgEO2Ei6cFoYktq8YyiDKAWj7ZgvmZ6jFydLr8l1Z9MinJumy/LEJcTiDz7cyU5I
SjA/AkxFZ1xI69d9H5lf6+VH21FMLbEOuFyOwXM7nZ0fwoJireij5/EiQVmV/5gg
w+IAj4CYzca+ASRwGC9/quP/gRJRDJE4qxIfdNsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTe+dOMubDVqITUdqs/CMRjEPzteTAfBgNVHSMEGDAWgBSelaNh/issUpJi
a6TFamWoFOSACDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25wV2pZZjRyTEZLU1ltdWt4V3BscUJUa2dBZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvZjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8x
LzN2blRqTG13MWFpRTFIYXJQd2pFWXhEODdYay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
Zjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8xL25wV2pZZjRyTEZL
U1ltdWt4V3BscUJUa2dBZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoMmkCBcDANBgkqhkiG9w0BAQsF
AAOCAQEAb7mRE8rZnVPNbscXPpukd6TliBW+3DVB/bYzB91yz1qw9+gs7OVivDOU
zRFqCfi/ZDDpzK5ufkK2vAApgpPIzjSm/iMeDM5bvXJnIbha/Zy/xuDkkwcKwAn4
UgfmZBVmkTT1+dZmAOxrHKIrXwf7bDg4cCbM2h2sJsSuyKRXB5D/1BtxAxL3ABB4
JrYLZZ89MtU6/30JKjYPHz84XVJ+DbJc19gKZaaBwUY6+ZbM1DyzA9F2+8Mx/Run
PFcZ5zaC4Eub7zvQ2tsDuWEJs0z/RYbcW66cohSpdhgDzMzztoczA5CdbaRjdkm4
pGOAfhrV/DR+X0krhFh4UTx6GpN5dg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:27 2023 by rpki-client on console-ams.rpki-client.org