Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/W7FnbA-fXHRCzDwfpIE3xsOkKmw.roa
File: W7FnbA-fXHRCzDwfpIE3xsOkKmw.roa (raw, json)
Hash identifier: CAlxuXxfzoTUNWrHbxqlqkGG8lcEscnmLlssL2xfp8U=
Subject key identifier: 5B:B1:67:6C:0F:9F:5C:74:42:CC:3C:1F:A4:81:37:C6:C3:A4:2A:6C
Certificate issuer: /CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Certificate serial: 0181E21FCB745EC4E0993A0C725AF4EF5B31
Authority key identifier: 56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/W7FnbA-fXHRCzDwfpIE3xsOkKmw.roa
Signing time: Sat 09 Jul 2022 08:42:23 +0000
ROA not before: Sat 09 Jul 2022 08:42:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212580
IP address blocks: 2a11:e487:1::/48 maxlen: 48
2a11:e487:fc01::/48 maxlen: 48
2a11:e487:2::/48 maxlen: 48
2a11:e487:beef::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e2:1f:cb:74:5e:c4:e0:99:3a:0c:72:5a:f4:ef:5b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Validity
Not Before: Jul 9 08:42:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5bb1676c0f9f5c7442cc3c1fa48137c6c3a42a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ce:20:7d:97:95:b4:57:91:61:42:81:75:6a:
5b:f7:77:62:6f:b6:7f:fb:5e:29:8b:46:06:34:dd:
f0:22:07:dc:04:8c:02:f0:89:c3:32:46:a7:20:a9:
d2:c8:e7:14:fb:8e:a0:31:d3:02:c5:a0:8b:dd:3f:
93:35:92:0f:26:f2:00:23:ad:bc:b5:83:eb:12:3b:
fe:73:78:15:a2:9c:9c:67:ac:06:5e:ae:29:0d:eb:
3a:63:2b:a3:8b:46:19:82:24:52:d1:a7:25:bb:73:
c6:43:ab:9d:d6:2f:04:b3:7d:2c:16:31:6e:e5:65:
1d:93:af:e7:c3:74:78:52:0f:17:b9:19:28:3c:68:
3b:93:5d:9e:a8:5d:69:db:e6:15:3b:66:b5:85:34:
a3:fe:e2:3d:85:6b:2a:68:d2:d4:f5:81:38:52:c6:
40:36:b8:3c:70:fc:71:36:b3:c5:1f:c2:74:c1:39:
88:12:dc:33:79:76:8b:98:22:40:c0:7c:77:e9:e4:
d7:e6:86:64:bf:ba:ef:00:c0:16:8c:59:22:38:eb:
d7:a6:3a:28:b6:91:db:57:cd:cc:12:d7:d4:23:3c:
3b:59:a0:73:e9:11:f0:55:8f:5e:49:46:a6:8e:ba:
ba:29:6e:19:59:5d:0f:04:91:fc:42:5c:58:85:dd:
ff:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B1:67:6C:0F:9F:5C:74:42:CC:3C:1F:A4:81:37:C6:C3:A4:2A:6C
X509v3 Authority Key Identifier:
keyid:56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/W7FnbA-fXHRCzDwfpIE3xsOkKmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e487:1::-2a11:e487:2:ffff:ffff:ffff:ffff:ffff
2a11:e487:beef::/48
2a11:e487:fc01::/48
Signature Algorithm: sha256WithRSAEncryption
85:94:cf:b7:b2:a9:4e:af:9a:9b:b3:50:2b:e3:ad:05:fa:ce:
6c:d7:1c:df:d7:ff:d5:1c:5f:fd:1e:c9:b9:bb:76:96:7f:c7:
d4:d9:21:df:fc:81:c2:de:1b:10:c5:19:22:f7:eb:6d:7c:82:
41:88:48:a9:05:17:43:7f:a0:58:27:e8:55:32:61:a2:81:ca:
f9:f2:61:7a:51:a9:9b:6d:0a:c2:a7:33:f4:2e:d9:94:9d:3a:
9e:0e:fc:51:d0:74:e8:d6:1f:c4:2c:45:d3:77:84:44:56:6b:
4b:86:cd:d0:f3:ff:08:64:98:22:f5:06:88:90:d9:b8:2f:68:
63:ba:dc:01:23:b8:2f:02:cd:c3:51:27:70:4f:32:af:49:aa:
59:c1:c5:58:ac:a9:8d:94:99:63:96:c0:8b:9a:20:e0:6b:7a:
d5:45:fe:2c:4f:ce:3e:3e:a6:f8:bc:52:1e:80:fd:f7:74:5d:
b3:c9:ab:71:74:9e:f4:42:08:bb:b5:ac:a4:c1:04:c1:c8:9c:
b1:f7:fb:ef:d2:00:36:18:9d:27:23:cb:ff:e7:b5:1a:de:2d:
de:59:11:8c:85:f0:44:99:63:0d:76:b1:f0:18:00:00:e4:79:
a3:aa:a6:57:89:19:66:59:36:85:c7:02:04:7e:2f:a9:18:f9:
cd:8b:99:dd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYHiH8t0XsTgmToMclr071sxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWZjZDhmYjQwYWFlMWQyNDNjMmE4Y2UyNTQxYTY5OTg3
ZWVkMTMwHhcNMjIwNzA5MDg0MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmIxNjc2YzBmOWY1Yzc0NDJjYzNjMWZhNDgxMzdjNmMzYTQyYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM4gfZeVtFeRYUKBdWpb93dib7Z/
+14pi0YGNN3wIgfcBIwC8InDMkanIKnSyOcU+46gMdMCxaCL3T+TNZIPJvIAI628
tYPrEjv+c3gVopycZ6wGXq4pDes6Yyuji0YZgiRS0aclu3PGQ6ud1i8Es30sFjFu
5WUdk6/nw3R4Ug8XuRkoPGg7k12eqF1p2+YVO2a1hTSj/uI9hWsqaNLU9YE4UsZA
Nrg8cPxxNrPFH8J0wTmIEtwzeXaLmCJAwHx36eTX5oZkv7rvAMAWjFkiOOvXpjoo
tpHbV83MEtfUIzw7WaBz6RHwVY9eSUamjrq6KW4ZWV0PBJH8QlxYhd3//QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFuxZ2wPn1x0Qsw8H6SBN8bDpCpsMB8GA1UdIwQY
MBaAFFavzY+0Cq4dJDwqjOJUGmmYfu0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYt
MjM3YmU3NzMwMDdhLzEvVzdGbmJBLWZYSFJDekR3ZnBJRTN4c09rS213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYtMjM3YmU3NzMwMDdh
LzEvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwAqEeSH
AAEDBwAqEeSHAAIDBwAqEeSHvu8DBwAqEeSH/AEwDQYJKoZIhvcNAQELBQADggEB
AIWUz7eyqU6vmpuzUCvjrQX6zmzXHN/X/9UcX/0eybm7dpZ/x9TZId/8gcLeGxDF
GSL36218gkGISKkFF0N/oFgn6FUyYaKByvnyYXpRqZttCsKnM/Qu2ZSdOp4O/FHQ
dOjWH8QsRdN3hERWa0uGzdDz/whkmCL1BoiQ2bgvaGO63AEjuC8CzcNRJ3BPMq9J
qlnBxVisqY2UmWOWwIuaIOBretVF/ixPzj4+pvi8Uh6A/fd0XbPJq3F0nvRCCLu1
rKTBBMHInLH3++/SADYYnScjy//ntRreLd5ZEYyF8ESZYw12sfAYAADkeaOqpleJ
GWZZNoXHAgR+L6kY+c2Lmd0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:03 2024 by rpki-client on console-ams.rpki-client.org