Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/UCm-yu-vmYv6o-gijg6OHodsXsA.roa
File: UCm-yu-vmYv6o-gijg6OHodsXsA.roa (raw, json)
Hash identifier: XZtOabi1K9to3RRVeXnQcOLn7HYZUtjOC3oiT38ScaU=
Subject key identifier: 50:29:BE:CA:EF:AF:99:8B:FA:A3:E8:22:8E:0E:8E:1E:87:6C:5E:C0
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0BE84542
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/UCm-yu-vmYv6o-gijg6OHodsXsA.roa
Signing time: Sat 01 Jan 2022 12:55:03 +0000
ROA not before: Sat 01 Jan 2022 12:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209022
IP address blocks: 2a0c:9a40:c003::/48 maxlen: 48
2a0c:9a40:c001::/48 maxlen: 48
2a0c:9a44:beef::/48 maxlen: 48
2a0c:9a40:c004::/48 maxlen: 48
2a0c:9a40:c002::/48 maxlen: 48
2a0c:9a40:c000::/36 maxlen: 48
2a0c:9a40:c000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 199771458 (0xbe84542)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 12:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5029becaefaf998bfaa3e8228e0e8e1e876c5ec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f1:3c:0b:2d:a3:a8:07:47:7f:0e:ff:13:b5:
6b:f6:44:5d:95:87:74:f6:c6:57:65:57:45:a0:68:
c3:f7:f1:cb:71:88:ca:24:7a:8b:a7:95:64:83:9e:
a9:a2:9d:32:28:0d:49:8e:d5:ae:68:92:4b:a8:04:
fe:5b:ad:b8:b4:df:0a:cd:6e:d9:c7:17:22:2f:a4:
10:2e:c5:5e:79:1c:f3:88:cf:61:8b:10:74:00:de:
8c:c2:f0:07:70:0e:ab:08:98:35:68:ad:65:63:bb:
c2:69:9e:34:94:ef:d8:77:e2:74:6e:94:d2:21:68:
fd:17:95:99:d2:45:13:a7:6c:fa:4c:69:9b:23:00:
bd:72:63:9d:40:27:a0:ef:8a:13:6a:0b:3f:01:cf:
8d:1b:83:d4:82:e0:ac:d8:35:97:53:de:70:75:d5:
37:c6:b8:ec:84:25:3c:cd:a9:ea:26:42:a5:bb:d1:
2b:89:2c:c7:80:82:e1:7a:4a:61:3f:8b:ae:e4:90:
e8:5d:80:d3:ce:b4:bb:33:00:7a:9f:84:c4:c3:6a:
24:aa:2a:9a:7c:92:be:d6:ec:2a:d2:25:4f:80:dd:
f2:8d:65:a3:3e:e4:3c:da:3f:84:86:e3:41:6e:db:
21:cb:12:33:92:6a:0e:cf:44:53:c0:ef:f0:06:80:
cc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:29:BE:CA:EF:AF:99:8B:FA:A3:E8:22:8E:0E:8E:1E:87:6C:5E:C0
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/UCm-yu-vmYv6o-gijg6OHodsXsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:c000::/36
2a0c:9a44:beef::/48
Signature Algorithm: sha256WithRSAEncryption
d0:fe:0e:7c:17:50:39:af:4a:e9:8b:05:b7:be:b4:85:3c:08:
b8:54:b7:aa:b1:26:7e:20:d4:59:84:08:c9:e4:6a:32:54:84:
e6:76:46:c0:84:9a:d0:ee:ca:c2:ef:43:06:46:31:aa:b2:a9:
88:2e:cc:6e:7c:ad:46:51:1f:80:5c:58:bf:25:4d:c9:70:18:
03:5f:24:23:43:19:3d:d8:07:72:cf:7f:04:97:52:2b:a7:1b:
44:0a:dd:85:a9:8c:03:15:68:69:ba:2e:15:6c:9e:e2:76:49:
d5:12:41:fa:f5:df:58:b6:09:4b:53:94:60:e5:d8:1e:05:9c:
09:4c:14:61:98:10:83:59:42:98:12:0e:91:83:ba:c5:e2:3f:
30:f7:0e:26:71:a3:1a:54:d9:d5:ae:47:6e:5b:bb:b9:c6:33:
53:55:3e:b0:62:be:bd:32:ce:ef:9e:bd:c7:01:db:db:3b:2d:
af:2c:96:a0:1f:2e:f2:2e:dd:0b:34:99:ec:80:fa:54:e0:d0:
ed:88:e6:15:57:78:a2:f8:84:96:de:39:d6:55:8c:39:df:77:
f6:44:00:7f:20:de:34:b8:34:e3:9a:13:b3:88:84:d4:36:6e:
2e:4c:9a:d7:67:2d:a2:f9:3f:2e:ee:ff:77:57:15:62:ac:f7:
3f:1e:54:64
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIEC+hFQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTk1YTM2MWZlMmIyYzUyOTI2MjZiYTRjNTZhNjVhODE0ZTQ4MDA4MB4XDTIyMDEw
MTEyNTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTAyOWJlY2FlZmFm
OTk4YmZhYTNlODIyOGUwZThlMWU4NzZjNWVjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTxPAsto6gHR38O/xO1a/ZEXZWHdPbGV2VXRaBow/fxy3GI
yiR6i6eVZIOeqaKdMigNSY7VrmiSS6gE/lutuLTfCs1u2ccXIi+kEC7FXnkc84jP
YYsQdADejMLwB3AOqwiYNWitZWO7wmmeNJTv2HfidG6U0iFo/ReVmdJFE6ds+kxp
myMAvXJjnUAnoO+KE2oLPwHPjRuD1ILgrNg1l1PecHXVN8a47IQlPM2p6iZCpbvR
K4ksx4CC4XpKYT+LruSQ6F2A0860uzMAep+ExMNqJKoqmnySvtbsKtIlT4Dd8o1l
oz7kPNo/hIbjQW7bIcsSM5JqDs9EU8Dv8AaAzMkCAwEAAaOCAhQwggIQMB0GA1Ud
DgQWBBRQKb7K76+Zi/qj6CKODo4eh2xewDAfBgNVHSMEGDAWgBSelaNh/issUpJi
a6TFamWoFOSACDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25wV2pZZjRyTEZLU1ltdWt4V3BscUJUa2dBZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvZjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8x
L1VDbS15dS12bVl2Nm8tZ2lqZzZPSG9kc1hzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
Zjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8xL25wV2pZZjRyTEZL
U1ltdWt4V3BscUJUa2dBZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAq
BggrBgEFBQcBBwEB/wQbMBkwFwQCAAIwEQMGBCoMmkDAAwcAKgyaRL7vMA0GCSqG
SIb3DQEBCwUAA4IBAQDQ/g58F1A5r0rpiwW3vrSFPAi4VLeqsSZ+INRZhAjJ5Goy
VITmdkbAhJrQ7srC70MGRjGqsqmILsxufK1GUR+AXFi/JU3JcBgDXyQjQxk92Ady
z38El1IrpxtECt2FqYwDFWhpui4VbJ7idknVEkH69d9YtglLU5Rg5dgeBZwJTBRh
mBCDWUKYEg6Rg7rF4j8w9w4mcaMaVNnVrkduW7u5xjNTVT6wYr69Ms7vnr3HAdvb
Oy2vLJagHy7yLt0LNJnsgPpU4NDtiOYVV3ii+ISW3jnWVYw533f2RAB/IN40uDTj
mhOziITUNm4uTJrXZy2i+T8u7v93VxVirPc/HlRk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:34 2023 by rpki-client on console-fra.rpki-client.org