Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/zB-L-ruKL_krW0FFWWJg_aGKcRo.roa
File: zB-L-ruKL_krW0FFWWJg_aGKcRo.roa (raw, json)
Hash identifier: +bU/70Szy2rOMzG442mfCjNtcZkGnLTqvATKRX15hKA=
Subject key identifier: CC:1F:8B:FA:BB:8A:2F:F9:2B:5B:41:45:59:62:60:FD:A1:8A:71:1A
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018557C5D8D4655A5C2858DBB06FD26CB99A
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/zB-L-ruKL_krW0FFWWJg_aGKcRo.roa
Signing time: Wed 28 Dec 2022 08:07:41 +0000
ROA not before: Wed 28 Dec 2022 08:07:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 2a0b:3c40:22::/48 maxlen: 48
2a0b:3c40:38::/48 maxlen: 48
2a0b:3c40:26::/48 maxlen: 48
2a0b:3c40:56::/48 maxlen: 48
2a0e:a942::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:57:c5:d8:d4:65:5a:5c:28:58:db:b0:6f:d2:6c:b9:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 28 08:07:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc1f8bfabb8a2ff92b5b4145596260fda18a711a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bf:40:c6:9e:4e:b1:66:d2:58:d5:6b:79:fe:
bd:83:3f:07:fd:86:1f:cd:f0:5c:aa:9e:15:88:d3:
46:ed:45:d7:c3:2c:e0:d8:23:85:19:a9:bb:51:67:
c9:6c:e1:72:8d:7a:5f:e0:d3:81:80:a5:a3:51:cf:
65:a3:5b:09:df:29:69:25:f6:42:09:e9:53:f4:8f:
46:1d:3b:86:7c:ff:e5:26:f2:23:b4:75:ce:b2:fa:
62:1b:63:b5:54:0a:05:5f:44:6b:eb:89:0f:4a:ac:
d2:20:fd:bb:83:a2:1b:4d:74:80:c9:58:4a:7c:f9:
ba:4e:02:cd:bf:72:92:7a:4c:b4:71:b6:cc:ce:86:
14:92:25:57:42:a1:9b:52:89:b8:fb:b2:a5:8c:28:
cb:c5:1f:ca:25:6c:54:59:c2:51:37:f8:2d:7e:a1:
3f:6a:09:6b:7a:cc:1e:30:37:f2:94:6a:af:cf:75:
50:aa:3c:3c:4f:ae:f1:1c:fb:7d:d3:62:67:21:96:
cb:80:b0:e9:35:b9:95:98:60:f1:0d:42:d8:2c:0a:
f7:1f:e7:40:45:c2:f3:20:85:78:9b:38:74:3f:64:
17:cd:a0:98:86:cd:9f:1a:8a:a8:f6:27:5a:6a:1e:
09:0f:bc:2d:2b:9b:63:47:31:84:9e:6b:8e:e2:aa:
bf:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:1F:8B:FA:BB:8A:2F:F9:2B:5B:41:45:59:62:60:FD:A1:8A:71:1A
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/zB-L-ruKL_krW0FFWWJg_aGKcRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3c40:22::/48
2a0b:3c40:26::/48
2a0b:3c40:38::/48
2a0b:3c40:56::/48
2a0e:a942::/32
Signature Algorithm: sha256WithRSAEncryption
18:4a:49:ec:d1:11:83:56:5d:94:65:42:4d:b8:be:81:af:7b:
a6:cc:52:67:47:0c:ae:07:eb:80:b3:1a:42:b8:50:43:c7:fc:
e4:34:2a:b7:57:7b:47:8a:de:9b:c5:9f:b6:5e:c7:14:53:be:
fb:21:26:b9:15:4c:fb:c5:e0:45:e4:1a:e2:e0:08:42:52:73:
13:3c:68:77:27:7c:e3:7f:9c:9d:16:5a:36:5f:63:d8:9d:4b:
74:cb:14:15:ba:37:db:d1:35:24:e4:44:a7:3c:93:15:6f:6e:
3b:ba:1c:a0:e6:6a:1a:26:13:d4:4e:ad:87:7b:c7:33:fe:ba:
91:16:ac:2d:61:46:45:de:e7:5b:b7:c8:70:22:65:af:bb:79:
42:19:19:58:82:8c:c2:f4:e2:78:e9:17:e4:f4:c9:ec:96:a8:
78:8f:c8:c9:12:cc:20:07:64:95:bb:43:8a:a8:92:2f:29:10:
99:ce:5d:1a:e6:a3:a8:84:8e:b3:09:f9:25:19:bf:19:b9:f3:
92:87:19:92:2a:a0:0b:7a:a9:bd:cc:1a:e4:b6:28:87:3b:bb:
a0:37:11:03:e5:13:c8:42:25:c6:a5:fe:86:df:dc:46:58:bc:
0e:7e:06:a6:49:4f:e4:47:4f:b2:56:31:8d:ff:4c:73:11:8a:
ba:77:fc:90
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYVXxdjUZVpcKFjbsG/SbLmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjIxMjI4MDgwNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzFmOGJmYWJiOGEyZmY5MmI1YjQxNDU1OTYyNjBmZGExOGE3MTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnr9Axp5OsWbSWNVref69gz8H/YYf
zfBcqp4ViNNG7UXXwyzg2COFGam7UWfJbOFyjXpf4NOBgKWjUc9lo1sJ3ylpJfZC
CelT9I9GHTuGfP/lJvIjtHXOsvpiG2O1VAoFX0Rr64kPSqzSIP27g6IbTXSAyVhK
fPm6TgLNv3KSeky0cbbMzoYUkiVXQqGbUom4+7KljCjLxR/KJWxUWcJRN/gtfqE/
aglresweMDfylGqvz3VQqjw8T67xHPt902JnIZbLgLDpNbmVmGDxDULYLAr3H+dA
RcLzIIV4mzh0P2QXzaCYhs2fGoqo9idaah4JD7wtK5tjRzGEnmuO4qq/mQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFMwfi/q7ii/5K1tBRVliYP2hinEaMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvekItTC1ydUtMX2tyVzBGRldXSmdfYUdLY1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAAjArAwcAKgs8QAAi
AwcAKgs8QAAmAwcAKgs8QAA4AwcAKgs8QABWAwUAKg6pQjANBgkqhkiG9w0BAQsF
AAOCAQEAGEpJ7NERg1ZdlGVCTbi+ga97psxSZ0cMrgfrgLMaQrhQQ8f85DQqt1d7
R4rem8Wftl7HFFO++yEmuRVM+8XgReQa4uAIQlJzEzxodyd843+cnRZaNl9j2J1L
dMsUFbo329E1JOREpzyTFW9uO7ocoOZqGiYT1E6th3vHM/66kRasLWFGRd7nW7fI
cCJlr7t5QhkZWIKMwvTieOkX5PTJ7JaoeI/IyRLMIAdklbtDiqiSLykQmc5dGuaj
qISOswn5JRm/GbnzkocZkiqgC3qpvcwa5LYohzu7oDcRA+UTyEIlxqX+ht/cRli8
Dn4GpklP5EdPslYxjf9McxGKunf8kA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org