Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/It6wDSFmRy-u9cLhyLa2WY8zZ7k.roa
File: It6wDSFmRy-u9cLhyLa2WY8zZ7k.roa (raw, json)
Hash identifier: 8T8m39IdHXm5dNxStYTRmNUX/rc65ej67doMdO7VpyY=
Subject key identifier: 22:DE:B0:0D:21:66:47:2F:AE:F5:C2:E1:C8:B6:B6:59:8F:33:67:B9
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0CF48A6E
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/It6wDSFmRy-u9cLhyLa2WY8zZ7k.roa
Signing time: Wed 20 Apr 2022 11:53:05 +0000
ROA not before: Wed 20 Apr 2022 11:53:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210445
IP address blocks: 2a0c:9a40:821a::/48 maxlen: 48
2a0c:9a40:8210::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 217352814 (0xcf48a6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Apr 20 11:53:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22deb00d2166472faef5c2e1c8b6b6598f3367b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:c4:55:56:4a:28:fc:93:82:82:60:7f:43:cf:
db:24:bc:20:d0:19:08:b0:66:b0:0b:bd:61:ff:a1:
43:8f:e3:2c:db:31:2b:74:7c:13:03:20:c0:29:58:
39:16:46:cb:16:1f:60:67:97:90:95:5d:b1:8e:0f:
e3:41:18:98:61:20:5c:eb:3c:e0:0e:41:bd:e3:30:
7c:05:32:38:16:54:a2:67:1f:4d:d7:6b:f6:13:02:
b3:c1:cc:54:e2:88:85:fc:0b:ad:3b:4a:a2:2b:3d:
73:ac:94:0f:1f:fe:00:e5:55:0d:9d:d1:63:bf:94:
8d:de:64:00:58:ca:f6:ff:36:4d:48:89:c3:a7:b7:
42:5c:8f:1d:27:3a:f3:0c:56:3e:c4:d1:29:78:e7:
05:97:bd:cb:20:f2:ca:92:c0:82:4b:8a:41:75:ec:
8b:64:fc:b6:10:45:67:48:84:63:0d:9d:db:dd:91:
83:a6:7a:4e:ea:ef:9d:56:c6:b9:57:51:46:19:93:
a0:63:16:bf:cc:e5:95:4e:67:b7:cd:9c:d9:e4:ce:
e5:55:7e:59:99:f0:8a:db:10:e1:c7:0a:63:0e:ad:
c7:d9:31:3e:65:01:87:6f:8c:98:16:9d:0f:d2:6f:
d7:c6:ab:65:cb:91:89:20:11:46:a8:68:2c:45:6e:
20:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:DE:B0:0D:21:66:47:2F:AE:F5:C2:E1:C8:B6:B6:59:8F:33:67:B9
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/It6wDSFmRy-u9cLhyLa2WY8zZ7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8210::/44
Signature Algorithm: sha256WithRSAEncryption
04:35:61:42:9c:70:d6:1e:58:5a:10:48:ad:22:24:bd:89:9a:
6d:f4:6d:68:00:20:1b:e0:21:5b:75:ff:fd:a4:71:05:7b:48:
04:5c:e1:cf:19:a7:27:24:86:6c:a7:d6:76:74:79:64:d9:bd:
14:4d:12:81:8f:8e:dd:ce:f9:8b:22:52:ed:84:5b:92:d0:ea:
60:54:9f:e8:14:3e:5b:5c:2b:55:47:b7:54:b1:ca:9d:dd:eb:
2a:a9:95:16:eb:55:f5:c0:41:64:e8:25:fa:27:1c:59:7d:8a:
4f:55:84:cd:f7:03:07:50:5a:2c:4b:cd:99:f3:68:6f:37:40:
b0:3a:fe:a9:52:3e:5a:cf:09:93:0e:05:cc:42:e3:24:83:37:
ea:ad:a3:cd:9e:8e:bc:17:fc:66:fc:8f:0b:b9:26:40:09:71:
b4:66:1b:9a:47:ed:7a:31:4e:44:19:47:ef:fa:a5:2e:1a:76:
ea:05:20:4b:a3:2c:d2:77:1a:96:1a:fc:fb:a7:43:ac:1f:c1:
a1:ab:93:fd:6a:ba:2e:0b:f4:67:4a:11:99:8f:b2:85:7b:f1:
37:8f:f0:7b:87:9b:c3:ce:81:ce:d2:3c:a4:8b:1b:f2:55:be:
d6:80:d8:cd:c4:9f:ea:c5:fe:66:ce:b7:75:17:3a:16:da:8f:
0d:da:4d:c8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEDPSKbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTk1YTM2MWZlMmIyYzUyOTI2MjZiYTRjNTZhNjVhODE0ZTQ4MDA4MB4XDTIyMDQy
MDExNTMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJkZWIwMGQyMTY2
NDcyZmFlZjVjMmUxYzhiNmI2NTk4ZjMzNjdiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPbEVVZKKPyTgoJgf0PP2yS8INAZCLBmsAu9Yf+hQ4/jLNsx
K3R8EwMgwClYORZGyxYfYGeXkJVdsY4P40EYmGEgXOs84A5BveMwfAUyOBZUomcf
Tddr9hMCs8HMVOKIhfwLrTtKois9c6yUDx/+AOVVDZ3RY7+Ujd5kAFjK9v82TUiJ
w6e3QlyPHSc68wxWPsTRKXjnBZe9yyDyypLAgkuKQXXsi2T8thBFZ0iEYw2d292R
g6Z6TurvnVbGuVdRRhmToGMWv8zllU5nt82c2eTO5VV+WZnwitsQ4ccKYw6tx9kx
PmUBh2+MmBadD9Jv18arZcuRiSARRqhoLEVuICcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQi3rANIWZHL671wuHItrZZjzNnuTAfBgNVHSMEGDAWgBSelaNh/issUpJi
a6TFamWoFOSACDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25wV2pZZjRyTEZLU1ltdWt4V3BscUJUa2dBZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvZjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8x
L0l0NndEU0ZtUnktdTljTGh5TGEyV1k4elo3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
Zjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8xL25wV2pZZjRyTEZL
U1ltdWt4V3BscUJUa2dBZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMmkCCEDANBgkqhkiG9w0BAQsF
AAOCAQEABDVhQpxw1h5YWhBIrSIkvYmabfRtaAAgG+AhW3X//aRxBXtIBFzhzxmn
JySGbKfWdnR5ZNm9FE0SgY+O3c75iyJS7YRbktDqYFSf6BQ+W1wrVUe3VLHKnd3r
KqmVFutV9cBBZOgl+iccWX2KT1WEzfcDB1BaLEvNmfNobzdAsDr+qVI+Ws8Jkw4F
zELjJIM36q2jzZ6OvBf8ZvyPC7kmQAlxtGYbmkftejFORBlH7/qlLhp26gUgS6Ms
0ncalhr8+6dDrB/BoauT/Wq6Lgv0Z0oRmY+yhXvxN4/we4ebw86BztI8pIsb8lW+
1oDYzcSf6sX+Zs63dRc6FtqPDdpNyA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:28 2023 by rpki-client on console-ams.rpki-client.org