Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/skUe85GVA7gLwYy5gO0L5MUyYyw.roa
File: skUe85GVA7gLwYy5gO0L5MUyYyw.roa (raw, json)
Hash identifier: zUjJhtzJo5kyQUAMMZ551Ye9ZE25vrlZGRox3Pbf1Ls=
Subject key identifier: B2:45:1E:F3:91:95:03:B8:0B:C1:8C:B9:80:ED:0B:E4:C5:32:63:2C
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0BF212D3
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/skUe85GVA7gLwYy5gO0L5MUyYyw.roa
Signing time: Sat 01 Jan 2022 12:55:08 +0000
ROA not before: Sat 01 Jan 2022 12:55:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213288
IP address blocks: 2a0c:9a40:1059::/48 maxlen: 48
2a0c:9a40:1022::/48 maxlen: 48
2a0c:9a40:10a0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200413907 (0xbf212d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 12:55:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2451ef3919503b80bc18cb980ed0be4c532632c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:70:be:66:10:85:06:09:07:06:31:90:f2:b7:
64:72:f9:9a:fd:0a:4d:ef:70:2e:32:48:e4:ff:6d:
32:08:52:7b:e8:85:63:89:1e:1a:6e:9d:8b:9a:c3:
dc:ee:15:8a:a6:bb:bc:a7:f3:d0:52:0d:ac:bf:6b:
a2:4d:e7:01:71:b7:d6:00:1b:71:02:64:6d:94:b2:
7b:d9:2a:12:c8:c0:08:11:6f:5d:d8:22:07:9f:e6:
c0:66:b7:45:45:4d:5f:61:82:89:c2:18:15:c9:49:
ae:15:38:45:a2:d4:95:f4:de:05:95:54:f5:df:51:
3b:37:6e:0f:87:b2:23:12:4f:d9:9b:5a:29:f0:5b:
72:79:a4:11:e5:62:34:90:6f:bc:b8:33:16:08:44:
95:76:cb:e6:9f:6b:76:90:22:d0:9a:ef:dd:9b:6a:
c1:5d:30:1c:c7:5f:8f:24:2c:b1:a2:c7:9b:c5:31:
c1:23:0f:61:44:24:3a:a3:91:55:2c:cc:a9:b0:e0:
c8:b5:58:77:dd:d9:46:93:0f:0b:a6:95:77:fd:fe:
3e:71:d6:60:c0:4a:8b:e2:0e:b7:45:e9:d4:43:cf:
a6:3a:35:1f:96:ae:3d:7d:f4:fb:b4:76:9c:64:02:
56:a5:b0:d0:da:f3:d2:79:37:28:b2:71:39:ee:31:
62:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:45:1E:F3:91:95:03:B8:0B:C1:8C:B9:80:ED:0B:E4:C5:32:63:2C
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/skUe85GVA7gLwYy5gO0L5MUyYyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:1022::/48
2a0c:9a40:1059::/48
2a0c:9a40:10a0::/44
Signature Algorithm: sha256WithRSAEncryption
35:48:a5:c7:43:74:b3:7d:28:8e:a6:ea:56:b6:b0:04:20:5e:
8e:fc:ba:b7:f2:2e:e1:38:5b:7c:62:c1:db:f0:a9:04:aa:ed:
98:7b:e1:27:53:9b:a5:c1:c8:02:ab:0d:b7:90:bc:c7:d2:19:
f8:86:3a:89:b6:e7:fa:d4:f1:e1:c4:19:98:7d:bd:40:b9:ec:
36:9a:45:d6:17:3a:e3:b7:8a:76:b1:77:e7:38:77:ba:5d:1f:
02:bf:71:73:84:7d:af:67:08:2e:0a:48:10:73:7a:b9:1a:36:
1f:8c:66:68:a0:f1:ed:34:af:d6:13:82:6b:1a:bf:79:41:b5:
57:9d:23:78:4a:07:f6:a9:4b:de:09:9f:5d:30:b5:27:a4:5d:
8b:6f:38:8b:98:ba:a0:b7:05:31:f8:ac:b8:0f:20:81:f4:14:
2e:fb:61:b0:11:44:c4:a8:d5:9c:89:cb:fe:96:a8:8f:30:86:
3d:b6:57:68:8c:b0:c4:41:e8:9b:06:8f:91:ff:f4:4d:27:37:
31:2c:47:0c:67:62:82:82:da:22:ba:84:dd:77:cc:c0:45:33:
cd:26:8c:5a:9f:a3:68:b8:27:36:98:18:3b:ec:32:42:26:08:
9c:5f:fa:d3:1d:97:cb:f4:59:de:f1:e7:60:33:c7:5b:16:1f:
1f:67:f1:af
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEC/IS0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTk1YTM2MWZlMmIyYzUyOTI2MjZiYTRjNTZhNjVhODE0ZTQ4MDA4MB4XDTIyMDEw
MTEyNTUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjI0NTFlZjM5MTk1
MDNiODBiYzE4Y2I5ODBlZDBiZTRjNTMyNjMyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZwvmYQhQYJBwYxkPK3ZHL5mv0KTe9wLjJI5P9tMghSe+iF
Y4keGm6di5rD3O4Viqa7vKfz0FINrL9rok3nAXG31gAbcQJkbZSye9kqEsjACBFv
XdgiB5/mwGa3RUVNX2GCicIYFclJrhU4RaLUlfTeBZVU9d9ROzduD4eyIxJP2Zta
KfBbcnmkEeViNJBvvLgzFghElXbL5p9rdpAi0Jrv3ZtqwV0wHMdfjyQssaLHm8Ux
wSMPYUQkOqORVSzMqbDgyLVYd93ZRpMPC6aVd/3+PnHWYMBKi+IOt0Xp1EPPpjo1
H5auPX30+7R2nGQCVqWw0Nrz0nk3KLJxOe4xYiMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSyRR7zkZUDuAvBjLmA7QvkxTJjLDAfBgNVHSMEGDAWgBSelaNh/issUpJi
a6TFamWoFOSACDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25wV2pZZjRyTEZLU1ltdWt4V3BscUJUa2dBZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvZjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8x
L3NrVWU4NUdWQTdnTHdZeTVnTzBMNU1VeVl5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
Zjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8xL25wV2pZZjRyTEZL
U1ltdWt4V3BscUJUa2dBZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwIQQCAAIwGwMHACoMmkAQIgMHACoMmkAQWQMHBCoM
mkAQoDANBgkqhkiG9w0BAQsFAAOCAQEANUilx0N0s30ojqbqVrawBCBejvy6t/Iu
4ThbfGLB2/CpBKrtmHvhJ1ObpcHIAqsNt5C8x9IZ+IY6ibbn+tTx4cQZmH29QLns
NppF1hc647eKdrF35zh3ul0fAr9xc4R9r2cILgpIEHN6uRo2H4xmaKDx7TSv1hOC
axq/eUG1V50jeEoH9qlL3gmfXTC1J6Rdi284i5i6oLcFMfisuA8ggfQULvthsBFE
xKjVnInL/paojzCGPbZXaIywxEHomwaPkf/0TSc3MSxHDGdigoLaIrqE3XfMwEUz
zSaMWp+jaLgnNpgYO+wyQiYInF/60x2Xy/RZ3vHnYDPHWxYfH2fxrw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:34 2023 by rpki-client on console-fra.rpki-client.org