Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/6iJ0burLNvv0ZEDGagPv1bShRg0.roa
File: 6iJ0burLNvv0ZEDGagPv1bShRg0.roa (raw, json)
Hash identifier: Kc27MHRGfmIIfL1ZAbtaTdDb9RRNtUu6+GUyxM+3S3s=
Subject key identifier: EA:22:74:6E:EA:CB:36:FB:F4:64:40:C6:6A:03:EF:D5:B4:A1:46:0D
Certificate issuer: /CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Certificate serial: 01843AE3FB18001B58C9D811E09A5F167791
Authority key identifier: 0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/6iJ0burLNvv0ZEDGagPv1bShRg0.roa
Signing time: Thu 03 Nov 2022 00:28:50 +0000
ROA not before: Thu 03 Nov 2022 00:28:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209968
IP address blocks: 2a0e:48c0::/32 maxlen: 48
2a0e:48c5::/48 maxlen: 48
2a0e:48c2::/32 maxlen: 48
2a0e:48c3::/32 maxlen: 48
2a0e:48c1::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3a:e3:fb:18:00:1b:58:c9:d8:11:e0:9a:5f:16:77:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Validity
Not Before: Nov 3 00:28:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ea22746eeacb36fbf46440c66a03efd5b4a1460d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a1:59:1e:54:01:a9:c6:d8:d3:34:9a:54:eb:
f5:21:48:91:87:e9:a0:60:c6:63:cf:6e:11:e7:f9:
6b:82:60:6b:98:13:85:ea:8b:23:2e:10:2e:89:de:
95:9c:f9:ac:16:e1:39:dc:31:84:d4:bb:62:01:6f:
4f:64:cc:b0:12:42:ae:ba:2e:b6:8f:a2:74:f4:cd:
a2:5d:73:b5:05:f1:ec:3a:50:8b:06:14:7c:36:f6:
44:48:f5:c9:71:8d:03:17:44:b2:a6:89:e0:00:53:
51:0f:99:92:20:0f:30:48:1c:a7:f4:e7:49:c3:99:
04:b7:90:54:90:8d:ea:17:f0:2c:4d:57:a9:c9:d6:
52:e4:a2:06:d8:67:df:73:54:0b:eb:96:2e:bb:d2:
63:98:20:47:11:20:85:34:76:a3:7c:53:ce:77:7d:
f5:0e:51:19:09:da:de:db:4d:78:67:6b:03:fa:8a:
f4:61:a1:62:1e:3f:59:08:92:21:02:f0:87:e5:5a:
09:f0:1d:22:1b:41:4f:ac:e9:d0:38:2b:e3:0a:0d:
4e:24:b4:f9:a3:0f:2b:cd:46:77:2a:16:d9:7e:52:
00:80:cf:88:8c:14:30:6d:03:2d:1d:60:48:cb:8d:
9e:02:73:40:54:6c:9c:4f:a7:64:1e:b6:41:57:be:
6a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:22:74:6E:EA:CB:36:FB:F4:64:40:C6:6A:03:EF:D5:B4:A1:46:0D
X509v3 Authority Key Identifier:
keyid:0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/6iJ0burLNvv0ZEDGagPv1bShRg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/C7PnOqi38K872EAFctrnKw1G9Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:48c0::/30
2a0e:48c5::/48
Signature Algorithm: sha256WithRSAEncryption
87:52:cf:4f:5b:cb:94:ac:19:c3:34:97:af:e1:1e:3d:fc:a1:
f5:22:5d:25:ec:2d:ed:b3:b2:fb:26:e7:bc:67:50:76:d1:53:
13:8e:f7:15:fb:77:e1:9e:d9:dd:43:c4:53:94:97:c3:1e:54:
33:17:b5:a5:63:a2:fc:f2:91:b1:6f:d9:0e:71:9c:24:58:36:
1a:ee:e2:cb:24:25:ff:a2:c2:05:68:e6:29:c3:a7:7a:59:f0:
f7:aa:ee:1f:6c:27:22:c1:c6:94:d1:86:6e:89:d0:4e:e9:c2:
61:2a:64:5a:e0:c1:71:d0:fb:90:f0:1f:75:3a:80:5e:34:91:
99:cf:47:96:8c:db:c0:2c:13:96:f6:cd:95:c5:63:6c:eb:d8:
81:8d:a9:c9:bf:f9:1f:7a:3f:c5:cd:12:0d:68:e2:10:f7:b6:
b2:a5:df:8a:ac:f6:b9:fe:62:67:4b:15:2c:b3:06:18:d9:18:
25:14:72:ab:5b:05:a2:ec:24:40:8e:80:dc:9a:1c:58:1c:17:
a1:63:5c:7f:b9:29:5a:1e:ec:19:3a:e4:61:40:19:bd:b4:a0:
a2:9a:d6:11:40:f9:4d:17:36:52:3f:41:3a:55:73:e4:8b:5f:
48:9f:86:dc:bf:bb:9e:33:90:2f:ee:71:38:9b:f2:2e:6e:8a:
0c:27:67:d4
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYQ64/sYABtYydgR4JpfFneRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjNlNzNhYThiN2YwYWYzYmQ4NDAwNTcyZGFlNzJiMGQ0
NmY1NWMwHhcNMjIxMTAzMDAyODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTIyNzQ2ZWVhY2IzNmZiZjQ2NDQwYzY2YTAzZWZkNWI0YTE0NjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqFZHlQBqcbY0zSaVOv1IUiRh+mg
YMZjz24R5/lrgmBrmBOF6osjLhAuid6VnPmsFuE53DGE1LtiAW9PZMywEkKuui62
j6J09M2iXXO1BfHsOlCLBhR8NvZESPXJcY0DF0SypongAFNRD5mSIA8wSByn9OdJ
w5kEt5BUkI3qF/AsTVepydZS5KIG2Gffc1QL65Yuu9JjmCBHESCFNHajfFPOd331
DlEZCdre2014Z2sD+or0YaFiHj9ZCJIhAvCH5VoJ8B0iG0FPrOnQOCvjCg1OJLT5
ow8rzUZ3KhbZflIAgM+IjBQwbQMtHWBIy42eAnNAVGycT6dkHrZBV75q1QIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFOoidG7qyzb79GRAxmoD79W0oUYNMB8GA1UdIwQY
MBaAFAuz5zqot/CvO9hABXLa5ysNRvVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzIt
YWQyOGZhOTY2YjUxLzEvNmlKMGJ1ckxOdnYwWkVER2FnUHYxYlNoUmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzItYWQyOGZhOTY2YjUx
LzEvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwUCKg5IwAMH
ACoOSMUAADANBgkqhkiG9w0BAQsFAAOCAQEAh1LPT1vLlKwZwzSXr+EePfyh9SJd
Jewt7bOy+ybnvGdQdtFTE473Fft34Z7Z3UPEU5SXwx5UMxe1pWOi/PKRsW/ZDnGc
JFg2Gu7iyyQl/6LCBWjmKcOnelnw96ruH2wnIsHGlNGGbonQTunCYSpkWuDBcdD7
kPAfdTqAXjSRmc9HlozbwCwTlvbNlcVjbOvYgY2pyb/5H3o/xc0SDWjiEPe2sqXf
iqz2uf5iZ0sVLLMGGNkYJRRyq1sFouwkQI6A3JocWBwXoWNcf7kpWh7sGTrkYUAZ
vbSgoprWEUD5TRc2Uj9BOlVz5ItfSJ+G3L+7njOQL+5xOJvyLm6KDCdn1A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:02 2023 by rpki-client on console-ams.rpki-client.org