Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/zuGKmdWdydlkY3UCKXnGF7GA4MI.roa
File: zuGKmdWdydlkY3UCKXnGF7GA4MI.roa (raw, json)
Hash identifier: F6aCmNTwSYorwbcWzkfJbSAEUmBDz5sWtTj1Biga3uo=
Subject key identifier: CE:E1:8A:99:D5:9D:C9:D9:64:63:75:02:29:79:C6:17:B1:80:E0:C2
Certificate issuer: /CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Certificate serial: 01843FA3CBFD743599432B7966FC6DC2665D
Authority key identifier: 0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/zuGKmdWdydlkY3UCKXnGF7GA4MI.roa
Signing time: Thu 03 Nov 2022 22:36:49 +0000
ROA not before: Thu 03 Nov 2022 22:36:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209968
IP address blocks: 2a0e:48c0::/32 maxlen: 48
2a0e:48c5::/48 maxlen: 48
2a0e:48c2::/32 maxlen: 48
2a0e:48c3::/32 maxlen: 48
2a0e:48c1::/32 maxlen: 48
2a0e:48c6::/32 maxlen: 48
2a0e:48c7::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3f:a3:cb:fd:74:35:99:43:2b:79:66:fc:6d:c2:66:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Validity
Not Before: Nov 3 22:36:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cee18a99d59dc9d9646375022979c617b180e0c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:25:f0:a1:af:94:1f:dc:ec:95:d3:83:f7:f5:
7c:a9:fa:da:d5:02:af:c5:7d:aa:35:00:83:67:c2:
ce:d1:e7:bf:70:73:b7:15:7e:8e:c1:23:d0:c2:fa:
24:4b:1f:76:73:ac:c8:20:be:7a:26:53:1d:88:89:
fc:f9:a7:1d:05:e2:a3:ae:29:fc:36:05:b6:55:5c:
e4:a8:ec:70:9d:49:9a:38:46:af:64:d3:02:e4:c5:
5e:30:94:6a:36:b9:d7:e2:fe:cc:82:7f:73:ed:97:
c7:ae:32:7c:d3:f1:ec:b9:98:b3:55:ff:fd:50:4a:
f0:23:a1:d6:32:94:e6:ba:60:50:18:87:60:d4:bb:
3e:a3:2b:de:a9:cd:54:56:80:6e:8f:40:c7:6e:8b:
11:7b:52:0c:42:3f:4b:9b:d0:97:a4:c7:aa:98:d9:
46:08:fb:26:24:5e:28:ba:b0:41:9d:84:51:2d:74:
12:d0:11:8a:b7:36:0c:a9:79:89:3e:a6:f8:8f:d3:
af:c0:1f:3e:39:bf:ac:12:07:05:b5:6c:0f:dc:16:
83:2f:d7:3a:98:f8:f1:7b:9a:0f:10:81:67:40:c1:
67:c5:d9:e7:86:2a:aa:0b:c2:c4:8d:33:d8:07:6f:
d4:7c:9b:e5:ed:bf:8e:57:77:db:2c:24:26:6b:6b:
5f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E1:8A:99:D5:9D:C9:D9:64:63:75:02:29:79:C6:17:B1:80:E0:C2
X509v3 Authority Key Identifier:
keyid:0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/zuGKmdWdydlkY3UCKXnGF7GA4MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/C7PnOqi38K872EAFctrnKw1G9Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:48c0::/30
2a0e:48c5::/48
2a0e:48c6::/31
Signature Algorithm: sha256WithRSAEncryption
33:5c:98:f5:ad:80:b9:20:f9:ad:5a:7e:08:c9:d0:7c:ad:41:
78:b2:6b:12:ac:fb:65:2f:d1:84:1f:ce:b8:3a:25:88:e8:63:
2a:ab:8d:0f:f9:5f:f9:18:2d:71:2d:36:a4:0b:9a:6c:db:c3:
ad:e5:a8:11:5e:eb:f5:93:a8:92:67:78:e0:bd:21:d8:2a:f6:
65:04:d6:77:fc:ca:ef:3a:30:fd:00:ce:0e:58:08:45:7a:d0:
28:76:f4:27:42:a1:b0:fd:a5:4b:15:a6:04:72:d0:ae:28:06:
ea:88:95:85:5d:44:c2:4f:44:80:4e:d3:bf:67:1e:d9:28:7e:
c9:0f:93:df:c6:64:26:9e:5b:ff:4b:b0:a1:55:99:f9:bb:68:
13:73:4d:38:30:a8:2c:fd:f5:d4:fe:0a:37:78:a4:d0:cd:65:
56:2b:8e:9a:58:73:f6:c2:b3:c4:ee:b2:e8:41:61:72:16:af:
3c:03:d2:df:32:8b:c0:fc:c7:51:53:09:7f:f3:c7:73:ba:3f:
ae:84:2f:c9:f4:ae:e6:d4:43:3c:3a:c6:be:c1:9e:e2:45:9b:
1c:26:34:5b:14:85:73:72:6d:23:ca:e8:6b:83:57:b7:2f:89:
1f:47:8a:d6:0a:11:9d:f3:c1:1e:0d:eb:7c:68:a0:a4:98:8e:
16:f2:3a:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQ/o8v9dDWZQyt5ZvxtwmZdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjNlNzNhYThiN2YwYWYzYmQ4NDAwNTcyZGFlNzJiMGQ0
NmY1NWMwHhcNMjIxMTAzMjIzNjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWUxOGE5OWQ1OWRjOWQ5NjQ2Mzc1MDIyOTc5YzYxN2IxODBlMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSXwoa+UH9zsldOD9/V8qfra1QKv
xX2qNQCDZ8LO0ee/cHO3FX6OwSPQwvokSx92c6zIIL56JlMdiIn8+acdBeKjrin8
NgW2VVzkqOxwnUmaOEavZNMC5MVeMJRqNrnX4v7Mgn9z7ZfHrjJ80/HsuZizVf/9
UErwI6HWMpTmumBQGIdg1Ls+oyveqc1UVoBuj0DHbosRe1IMQj9Lm9CXpMeqmNlG
CPsmJF4ourBBnYRRLXQS0BGKtzYMqXmJPqb4j9OvwB8+Ob+sEgcFtWwP3BaDL9c6
mPjxe5oPEIFnQMFnxdnnhiqqC8LEjTPYB2/UfJvl7b+OV3fbLCQma2tfGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM7hipnVncnZZGN1Ail5xhexgODCMB8GA1UdIwQY
MBaAFAuz5zqot/CvO9hABXLa5ysNRvVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzIt
YWQyOGZhOTY2YjUxLzEvenVHS21kV2R5ZGxrWTNVQ0tYbkdGN0dBNE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzItYWQyOGZhOTY2YjUx
LzEvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUCKg5IwAMH
ACoOSMUAAAMFASoOSMYwDQYJKoZIhvcNAQELBQADggEBADNcmPWtgLkg+a1afgjJ
0HytQXiyaxKs+2Uv0YQfzrg6JYjoYyqrjQ/5X/kYLXEtNqQLmmzbw63lqBFe6/WT
qJJneOC9Idgq9mUE1nf8yu86MP0Azg5YCEV60Ch29CdCobD9pUsVpgRy0K4oBuqI
lYVdRMJPRIBO079nHtkofskPk9/GZCaeW/9LsKFVmfm7aBNzTTgwqCz99dT+Cjd4
pNDNZVYrjppYc/bCs8TusuhBYXIWrzwD0t8yi8D8x1FTCX/zx3O6P66EL8n0rubU
Qzw6xr7BnuJFmxwmNFsUhXNybSPK6GuDV7cviR9HitYKEZ3zwR4N63xooKSYjhby
OjE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:02 2023 by rpki-client on console-ams.rpki-client.org