Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/bAn11cSOcGiRDduf0acy2p7moX0.roa
File: bAn11cSOcGiRDduf0acy2p7moX0.roa (raw, json)
Hash identifier: 0JRvh0UDo4L4Asa6li5J5PvnVt2xcdUG4ZO7ZvkIM8w=
Subject key identifier: 6C:09:F5:D5:C4:8E:70:68:91:0D:DB:9F:D1:A7:32:DA:9E:E6:A1:7D
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 4338A804
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/bAn11cSOcGiRDduf0acy2p7moX0.roa
Signing time: Sat 01 Jan 2022 07:59:47 +0000
ROA not before: Sat 01 Jan 2022 07:59:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 2a03:f80:420::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1127786500 (0x4338a804)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 07:59:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c09f5d5c48e7068910ddb9fd1a732da9ee6a17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e2:6a:72:ce:79:56:c5:f2:88:20:35:3e:96:
ee:e0:bc:c8:94:91:74:98:cc:e4:88:38:bb:2a:49:
91:3a:d7:98:fa:2c:7f:ac:29:eb:d4:0f:e1:88:ec:
55:2c:52:a3:64:1c:7e:54:84:18:36:61:43:38:0a:
5e:15:0e:fa:d0:22:31:99:11:25:a3:0e:2e:8f:79:
ff:0f:f2:92:52:50:4b:9c:2c:68:35:e7:f5:6c:32:
e5:be:5b:34:cb:b7:32:02:0c:04:0b:cc:79:8f:fe:
57:82:d7:6b:8f:c7:6f:f4:3f:66:f7:e9:9a:4a:eb:
8d:2d:85:c2:79:3c:a2:b6:3f:8f:b6:12:09:7f:09:
74:8e:91:d6:52:3b:6e:8b:1e:93:71:60:b8:ba:46:
08:b1:80:39:bd:05:11:8d:58:af:3f:47:1f:81:14:
93:d0:84:9c:45:d2:76:12:96:f6:b1:4e:ff:65:86:
9a:76:e7:2f:d1:ad:02:92:e2:10:35:2e:d9:e0:27:
05:5c:1b:73:00:8b:a9:5b:b6:e5:9a:9a:f8:8f:07:
a1:8a:88:18:64:35:b3:cb:c3:5f:43:42:cd:55:b1:
0b:35:23:cb:c1:42:c7:89:11:b8:3a:8a:79:97:6e:
87:72:1b:13:3b:d9:21:39:8e:f2:55:08:32:f7:49:
36:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:09:F5:D5:C4:8E:70:68:91:0D:DB:9F:D1:A7:32:DA:9E:E6:A1:7D
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/bAn11cSOcGiRDduf0acy2p7moX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f80:420::/48
Signature Algorithm: sha256WithRSAEncryption
5b:1a:77:6f:a9:7d:48:e3:86:a8:ed:b5:b3:94:d3:a2:44:88:
d4:8f:e9:29:54:f0:33:34:79:0e:da:77:c2:d0:86:a9:13:b6:
12:f8:af:ed:0e:3f:b3:93:38:56:c1:ea:ad:d5:4a:52:f9:0e:
88:87:02:eb:64:65:d7:02:32:0d:17:ed:d1:cc:44:13:c7:0d:
6a:7a:61:89:97:1b:8d:54:95:ec:0e:f0:2d:85:a0:4e:41:8f:
05:8d:d9:da:89:8f:5e:e5:7a:9a:54:d2:fb:2e:34:e5:da:83:
8a:41:1c:d7:46:a9:0c:4d:d5:e1:49:f2:57:22:c8:f4:aa:ae:
5a:1d:0c:b2:5b:16:94:ff:a1:59:77:03:e3:08:35:38:02:fd:
dc:2d:d0:60:20:69:de:fa:d9:e2:e4:ba:1a:f1:63:15:c1:61:
51:14:ee:b7:9a:ac:1a:23:ea:a0:c5:1c:f2:6d:04:8d:2f:7e:
5d:5b:05:0a:17:62:e2:dc:7e:e5:04:ab:fe:26:96:01:1e:b7:
73:43:c0:92:73:f0:06:23:b1:1d:94:a7:37:de:fe:e0:46:16:
83:ba:5e:60:2c:c2:51:c2:cc:ff:28:78:4c:6f:79:32:86:29:
b1:29:be:89:96:d8:eb:43:bf:99:35:54:73:db:08:e1:a9:7e:
2d:01:ba:33
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEQzioBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDEw
MTA3NTk0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmMwOWY1ZDVjNDhl
NzA2ODkxMGRkYjlmZDFhNzMyZGE5ZWU2YTE3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfianLOeVbF8oggNT6W7uC8yJSRdJjM5Ig4uypJkTrXmPos
f6wp69QP4YjsVSxSo2QcflSEGDZhQzgKXhUO+tAiMZkRJaMOLo95/w/yklJQS5ws
aDXn9Wwy5b5bNMu3MgIMBAvMeY/+V4LXa4/Hb/Q/ZvfpmkrrjS2Fwnk8orY/j7YS
CX8JdI6R1lI7bosek3FguLpGCLGAOb0FEY1Yrz9HH4EUk9CEnEXSdhKW9rFO/2WG
mnbnL9GtApLiEDUu2eAnBVwbcwCLqVu25Zqa+I8HoYqIGGQ1s8vDX0NCzVWxCzUj
y8FCx4kRuDqKeZduh3IbEzvZITmO8lUIMvdJNnECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRsCfXVxI5waJEN25/RpzLanuahfTAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
L2JBbjExY1NPY0dpUkRkdWYwYWN5MnA3bW9YMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDD4AEIDANBgkqhkiG9w0BAQsF
AAOCAQEAWxp3b6l9SOOGqO21s5TTokSI1I/pKVTwMzR5Dtp3wtCGqRO2Eviv7Q4/
s5M4VsHqrdVKUvkOiIcC62Rl1wIyDRft0cxEE8cNanphiZcbjVSV7A7wLYWgTkGP
BY3Z2omPXuV6mlTS+y405dqDikEc10apDE3V4UnyVyLI9KquWh0MslsWlP+hWXcD
4wg1OAL93C3QYCBp3vrZ4uS6GvFjFcFhURTut5qsGiPqoMUc8m0EjS9+XVsFChdi
4tx+5QSr/iaWAR63c0PAknPwBiOxHZSnN97+4EYWg7peYCzCUcLM/yh4TG95MoYp
sSm+iZbY60O/mTVUc9sI4al+LQG6Mw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:58 2023 by rpki-client on console-ams.rpki-client.org