Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/CLv2XkvfCygPr_jD-fhhU_zN9sM.roa
File: CLv2XkvfCygPr_jD-fhhU_zN9sM.roa (raw, json)
Hash identifier: XUzjAa5YA6KCMMeitnrOepDCik51VK/BFi82DbH4rvg=
Subject key identifier: 08:BB:F6:5E:4B:DF:0B:28:0F:AF:F8:C3:F9:F8:61:53:FC:CD:F6:C3
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 0182632BAE9BCAD17F023B965C90D645F11C
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/CLv2XkvfCygPr_jD-fhhU_zN9sM.roa
Signing time: Wed 03 Aug 2022 10:06:23 +0000
ROA not before: Wed 03 Aug 2022 10:06:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47602
IP address blocks: 2a09:4200::/29 maxlen: 29
2a04:2b87::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:63:2b:ae:9b:ca:d1:7f:02:3b:96:5c:90:d6:45:f1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Aug 3 10:06:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08bbf65e4bdf0b280faff8c3f9f86153fccdf6c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a0:df:9a:cf:f7:43:82:8e:73:11:b2:30:bb:
3e:13:93:45:87:3f:8f:da:4a:1e:d0:aa:4b:71:81:
23:44:a0:a2:df:02:ca:f2:fc:a7:11:91:e5:81:76:
23:4b:c2:bf:30:dd:ea:19:0d:21:c1:e8:0f:9c:45:
22:52:bb:e0:df:fe:cc:da:66:42:c1:c9:5e:cb:00:
15:4b:e8:32:c6:33:ec:5f:46:ca:f7:e9:51:f6:7c:
85:a7:42:3f:90:ca:7f:5d:a2:d2:10:cd:cd:0d:71:
98:3e:90:bb:2f:66:5a:56:ba:90:65:7e:57:b1:eb:
ad:cf:a4:d6:71:a7:e7:1a:d4:06:20:67:83:91:15:
ae:bc:f4:4c:45:1e:d1:b3:da:b8:13:30:ef:12:09:
ce:dc:76:72:8d:b3:19:a2:d1:2e:71:07:7c:6a:5a:
b3:20:29:b0:9e:ed:2e:46:ca:14:3f:70:d1:e0:27:
40:74:ac:43:26:be:c8:d5:37:ae:08:cd:8e:63:86:
00:48:ed:c6:ae:7a:d7:51:8a:63:c5:8a:16:ca:df:
11:9a:08:82:e2:56:41:3c:70:09:b0:8e:3e:02:13:
f2:e3:d5:27:23:ea:7f:63:9c:f0:c3:22:ba:61:71:
0d:e9:ff:a2:51:a0:ae:8d:3a:07:81:0d:4f:07:98:
c3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BB:F6:5E:4B:DF:0B:28:0F:AF:F8:C3:F9:F8:61:53:FC:CD:F6:C3
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/CLv2XkvfCygPr_jD-fhhU_zN9sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2b87::/32
2a09:4200::/29
Signature Algorithm: sha256WithRSAEncryption
07:c8:74:61:a4:5e:aa:26:02:6e:f7:de:d7:43:71:47:3f:6b:
e1:5f:a2:bc:41:63:80:77:3a:4e:12:17:66:2a:98:b7:0a:67:
f5:3a:73:04:f2:f8:4d:49:49:9e:78:85:fb:f7:94:29:90:55:
05:fd:f1:40:5a:79:62:bd:48:4b:2e:e3:3b:6f:b7:89:a6:ba:
2d:10:86:70:ab:ec:8d:d1:f9:6c:07:76:ee:cc:1a:79:4c:e8:
6f:79:d3:33:a8:10:62:cf:9c:25:ef:9e:a5:37:52:20:6d:3f:
90:2d:30:76:42:9b:c8:60:6c:4e:60:1d:fa:41:1c:ad:b9:41:
43:80:16:7b:32:23:c8:89:c1:34:72:2d:36:7d:71:48:1e:80:
0f:65:4c:89:0a:60:2e:0d:24:aa:d6:75:0d:ac:c6:70:e5:ce:
d0:aa:11:4a:21:fa:9a:77:65:b8:99:5d:fa:bc:a1:38:5c:39:
dd:4c:8a:47:a5:f9:26:ce:19:df:c1:6a:6c:31:ce:54:7c:50:
d0:71:14:3e:6b:21:c1:1c:a0:6b:b2:f9:65:27:ed:4f:b1:8c:
96:f3:48:4b:a1:92:07:15:f6:a7:32:40:57:1c:6a:bc:85:a3:
6a:44:73:a9:8f:10:c6:03:5f:14:99:f2:50:59:74:ea:2c:9e:
c2:55:1d:62
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYJjK66bytF/AjuWXJDWRfEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjIwODAzMTAwNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGJiZjY1ZTRiZGYwYjI4MGZhZmY4YzNmOWY4NjE1M2ZjY2RmNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKDfms/3Q4KOcxGyMLs+E5NFhz+P
2koe0KpLcYEjRKCi3wLK8vynEZHlgXYjS8K/MN3qGQ0hwegPnEUiUrvg3/7M2mZC
wcleywAVS+gyxjPsX0bK9+lR9nyFp0I/kMp/XaLSEM3NDXGYPpC7L2ZaVrqQZX5X
seutz6TWcafnGtQGIGeDkRWuvPRMRR7Rs9q4EzDvEgnO3HZyjbMZotEucQd8alqz
ICmwnu0uRsoUP3DR4CdAdKxDJr7I1TeuCM2OY4YASO3GrnrXUYpjxYoWyt8RmgiC
4lZBPHAJsI4+AhPy49UnI+p/Y5zwwyK6YXEN6f+iUaCujToHgQ1PB5jDrQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAi79l5L3wsoD6/4w/n4YVP8zfbDMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvQ0x2MlhrdmZDeWdQcl9qRC1maGhVX3pOOXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgQrhwMF
AyoJQgAwDQYJKoZIhvcNAQELBQADggEBAAfIdGGkXqomAm733tdDcUc/a+FforxB
Y4B3Ok4SF2YqmLcKZ/U6cwTy+E1JSZ54hfv3lCmQVQX98UBaeWK9SEsu4ztvt4mm
ui0QhnCr7I3R+WwHdu7MGnlM6G950zOoEGLPnCXvnqU3UiBtP5AtMHZCm8hgbE5g
HfpBHK25QUOAFnsyI8iJwTRyLTZ9cUgegA9lTIkKYC4NJKrWdQ2sxnDlztCqEUoh
+pp3ZbiZXfq8oThcOd1Mikel+SbOGd/BamwxzlR8UNBxFD5rIcEcoGuy+WUn7U+x
jJbzSEuhkgcV9qcyQFccaryFo2pEc6mPEMYDXxSZ8lBZdOosnsJVHWI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:53 2024 by rpki-client on console-ams.rpki-client.org