Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/2-kjejbnBzfo7Op_rCvj0yEcVRM.roa
File: 2-kjejbnBzfo7Op_rCvj0yEcVRM.roa (raw, json)
Hash identifier: 9OAp6H6YUs+iy+Vah+xfHghBrFXuALmSTkZYHNzCmB4=
Subject key identifier: DB:E9:23:7A:36:E7:07:37:E8:EC:EA:7F:AC:2B:E3:D3:21:1C:55:13
Certificate issuer: /CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Certificate serial: 0183186DAA17206DD9CA3DF825DAF5CB5FC6
Authority key identifier: 8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/2-kjejbnBzfo7Op_rCvj0yEcVRM.roa
Signing time: Wed 07 Sep 2022 14:49:43 +0000
ROA not before: Wed 07 Sep 2022 14:49:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205138
IP address blocks: 2a0c:7cc5:3::/48 maxlen: 48
2a0c:7cc5::/48 maxlen: 48
2a0c:7cc5:1::/48 maxlen: 48
2a0c:7cc5:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:18:6d:aa:17:20:6d:d9:ca:3d:f8:25:da:f5:cb:5f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Validity
Not Before: Sep 7 14:49:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbe9237a36e70737e8ecea7fac2be3d3211c5513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b7:96:80:31:9d:cf:55:66:33:67:b7:93:c2:
88:94:7b:f0:50:ed:5c:84:a5:25:8d:43:00:64:a9:
8c:41:3d:53:d3:8e:6d:0f:2c:c0:33:f8:8a:2d:d4:
18:22:d7:38:0a:51:2d:dc:7b:11:97:7c:b7:ff:40:
df:e6:d0:ee:18:b2:72:1e:ff:39:c7:1d:96:09:89:
19:83:b7:1d:f0:83:91:0b:f7:dc:54:a8:ab:41:33:
4e:b0:92:27:d6:7b:77:1d:a3:e2:65:79:ff:5a:b0:
db:97:94:e0:d9:34:bd:ad:2e:9d:36:b2:f9:34:3c:
bb:ad:e3:08:bb:cd:52:0d:be:e4:11:22:37:75:2f:
b8:fa:66:07:6b:b6:98:49:78:12:40:6a:66:dc:16:
8d:6d:c3:0b:8a:1d:87:20:33:ed:bd:d9:30:8f:17:
0c:b9:62:6c:07:44:00:d4:0d:8f:3c:b9:4d:21:fd:
e0:cc:95:25:9a:a0:f9:5b:1f:e8:2c:16:d5:cd:1f:
5a:2b:20:20:e2:d7:74:34:92:7a:29:f8:85:2a:b1:
3f:3f:7d:0c:e4:a3:f7:76:2f:19:cc:49:a8:16:9a:
84:cc:6d:10:f7:b8:42:e3:3d:df:cc:0d:ae:52:4d:
a2:4f:c0:3c:b4:2e:d0:f7:52:bf:79:ef:41:57:fc:
f4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E9:23:7A:36:E7:07:37:E8:EC:EA:7F:AC:2B:E3:D3:21:1C:55:13
X509v3 Authority Key Identifier:
keyid:8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/2-kjejbnBzfo7Op_rCvj0yEcVRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7cc5::/46
Signature Algorithm: sha256WithRSAEncryption
2c:f6:84:5e:b4:17:a0:a1:62:58:c2:fd:e0:4d:d9:ed:45:37:
40:8a:f4:9f:d9:1e:0a:ad:81:63:e8:fe:cb:e7:65:ce:e5:34:
86:54:0a:dc:18:ba:e5:78:7d:08:3b:7e:a7:63:9c:38:e2:b8:
83:ef:c7:63:57:29:8b:dd:04:c7:5a:13:13:fa:04:5d:7b:81:
a6:1c:ca:eb:55:99:de:8a:d4:22:7f:ed:1f:8a:ab:11:92:d1:
be:19:84:30:1b:0c:b9:3c:fe:c4:78:3a:23:68:8c:e4:f6:b3:
0c:ce:ab:14:85:3b:f5:da:4a:46:c7:3e:d5:42:85:2d:3e:ae:
f2:4b:78:f6:4b:e7:06:c7:b7:f9:48:f2:5b:e0:b2:25:39:2b:
ea:76:cb:e3:62:6a:d3:f5:40:3b:1c:fa:2b:1c:e4:97:f8:f5:
e0:28:e8:64:9c:47:a6:c6:ac:6a:90:20:31:8d:fb:7c:98:c2:
f8:b9:a3:1d:84:2a:34:b3:a4:7e:dc:bf:a5:48:40:59:b9:2a:
59:d6:a9:65:d7:51:0f:e1:7f:75:65:64:ea:f6:bc:84:60:0a:
7c:42:ea:9f:87:d8:9d:9d:37:93:3a:30:b4:6b:7b:aa:c5:0d:
23:bd:e1:a9:db:0e:25:fe:24:0f:b3:cc:4d:1c:78:15:ad:aa:
0f:0c:e8:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYMYbaoXIG3Zyj34Jdr1y1/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNlMWQxMzViZjJjZjhlOGMxM2YzM2VjMTFjODUyMzcw
M2RjNzUwHhcNMjIwOTA3MTQ0OTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmU5MjM3YTM2ZTcwNzM3ZThlY2VhN2ZhYzJiZTNkMzIxMWM1NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgreWgDGdz1VmM2e3k8KIlHvwUO1c
hKUljUMAZKmMQT1T045tDyzAM/iKLdQYItc4ClEt3HsRl3y3/0Df5tDuGLJyHv85
xx2WCYkZg7cd8IORC/fcVKirQTNOsJIn1nt3HaPiZXn/WrDbl5Tg2TS9rS6dNrL5
NDy7reMIu81SDb7kESI3dS+4+mYHa7aYSXgSQGpm3BaNbcMLih2HIDPtvdkwjxcM
uWJsB0QA1A2PPLlNIf3gzJUlmqD5Wx/oLBbVzR9aKyAg4td0NJJ6KfiFKrE/P30M
5KP3di8ZzEmoFpqEzG0Q97hC4z3fzA2uUk2iT8A8tC7Q91K/ee9BV/z0+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNvpI3o25wc36Ozqf6wr49MhHFUTMB8GA1UdIwQY
MBaAFIoc4dE1vyz46ME/M+wRyFI3A9x1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDIt
ZGVlMjkyZWE4N2EzLzEvMi1ramVqYm5CemZvN09wX3JDdmoweUVjVlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDItZGVlMjkyZWE4N2Ez
LzEvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgx8xQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAs9oRetBegoWJYwv3gTdntRTdAivSf2R4KrYFj
6P7L52XO5TSGVArcGLrleH0IO36nY5w44riD78djVymL3QTHWhMT+gRde4GmHMrr
VZneitQif+0fiqsRktG+GYQwGwy5PP7EeDojaIzk9rMMzqsUhTv12kpGxz7VQoUt
Pq7yS3j2S+cGx7f5SPJb4LIlOSvqdsvjYmrT9UA7HPorHOSX+PXgKOhknEemxqxq
kCAxjft8mML4uaMdhCo0s6R+3L+lSEBZuSpZ1qll11EP4X91ZWTq9ryEYAp8Quqf
h9idnTeTOjC0a3uqxQ0jveGp2w4l/iQPs8xNHHgVraoPDOjX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:35 2024 by rpki-client on console-ams.rpki-client.org