Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/2zGCVfYug3-NcnM2s2MdXOmEGek.roa
File: 2zGCVfYug3-NcnM2s2MdXOmEGek.roa (raw, json)
Hash identifier: 2JM8vhDsxZ7Xale8rGhQvSfoCC/IB/zO8qi1GjK6ukM=
Subject key identifier: DB:31:82:55:F6:2E:83:7F:8D:72:73:36:B3:63:1D:5C:E9:84:19:E9
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 09213470
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/2zGCVfYug3-NcnM2s2MdXOmEGek.roa
Signing time: Sat 01 Jan 2022 16:00:44 +0000
ROA not before: Sat 01 Jan 2022 16:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207083
IP address blocks: 2a0b:b87:ffe4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153171056 (0x9213470)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db318255f62e837f8d727336b3631d5ce98419e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:53:41:9e:f9:af:27:14:25:0c:99:5c:d4:6a:
c2:4c:9a:49:22:85:dc:74:47:e8:61:9c:2a:95:b9:
25:6f:2b:b0:a0:0e:3b:51:32:cf:46:34:90:e3:9d:
05:5d:1d:3a:f5:7a:e8:93:58:fe:32:1a:bf:7e:d5:
6f:61:ec:2a:53:71:06:0f:16:f5:db:05:52:41:d0:
ca:4d:8e:cb:b2:0b:78:d4:44:d8:70:21:11:5e:70:
d4:69:b6:a6:68:72:ff:1f:60:82:de:f0:19:23:36:
7d:41:a9:6d:56:21:89:e5:23:74:53:ad:c1:7a:8d:
f9:2b:ab:1a:c2:e7:58:8b:ee:b3:d6:79:78:d0:28:
4b:2f:11:eb:05:a5:27:a4:eb:56:30:f5:ab:7b:85:
da:c2:70:8c:9a:51:c7:46:26:32:4a:26:68:4c:2c:
01:9f:97:39:96:ef:f2:86:a8:25:87:3f:b3:18:11:
4f:3b:42:8c:29:44:8d:15:71:48:21:7a:2a:46:e4:
b3:70:d4:b5:0c:e6:8f:7c:3e:8d:4a:0d:a7:57:48:
72:b6:de:38:27:40:42:2a:aa:2d:3d:98:4b:c9:fe:
9e:3b:16:a7:69:2a:52:fd:19:4e:6d:0c:c0:d8:b4:
09:d6:bc:d7:00:ae:19:f2:fe:e6:da:1e:3f:06:c5:
0d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:31:82:55:F6:2E:83:7F:8D:72:73:36:B3:63:1D:5C:E9:84:19:E9
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/2zGCVfYug3-NcnM2s2MdXOmEGek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffe4::/48
Signature Algorithm: sha256WithRSAEncryption
4e:d3:eb:04:a3:42:45:fd:82:5e:79:aa:53:4c:c6:70:82:30:
a8:5f:f0:f1:5b:f5:62:29:8a:72:03:0b:51:c1:f6:98:86:f7:
6d:6d:ef:03:84:b1:2a:d8:d4:ff:62:54:0a:0e:cb:2a:82:fd:
ba:16:3c:90:d6:a3:3c:1a:3f:9e:54:7f:c5:24:34:62:97:9f:
ed:5a:e5:18:ef:1a:e5:3c:c0:fa:d9:ab:2a:c7:c4:09:65:17:
ba:49:cf:45:46:80:38:50:bc:ad:ee:50:48:72:4f:a3:df:17:
2c:96:81:ab:63:f4:88:64:60:93:4f:d6:8c:55:ea:36:ec:a0:
0a:6a:0f:0e:78:e2:25:2d:84:79:6e:cc:12:13:9d:46:2f:6e:
db:2a:73:05:c0:04:58:5d:84:4d:c2:96:af:12:73:86:b1:08:
ec:0b:98:6c:c7:ab:52:ff:4b:76:76:94:24:88:93:4c:2d:83:
26:ea:95:a5:f0:1b:e3:c7:d7:04:1c:7b:8b:e2:8d:44:c1:92:
b2:ab:94:8a:5d:49:31:67:f0:d9:06:e5:69:5e:95:b0:30:a4:
5e:1f:2e:18:6a:20:1b:ea:46:98:2c:99:d0:ab:30:2e:a3:17:
30:1b:d5:a4:73:fa:2c:95:e3:71:5e:c4:a7:19:64:ca:7a:20:
de:05:53:12
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECSE0cDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIzMTgyNTVmNjJl
ODM3ZjhkNzI3MzM2YjM2MzFkNWNlOTg0MTllOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBTQZ75rycUJQyZXNRqwkyaSSKF3HRH6GGcKpW5JW8rsKAO
O1Eyz0Y0kOOdBV0dOvV66JNY/jIav37Vb2HsKlNxBg8W9dsFUkHQyk2Oy7ILeNRE
2HAhEV5w1Gm2pmhy/x9ggt7wGSM2fUGpbVYhieUjdFOtwXqN+SurGsLnWIvus9Z5
eNAoSy8R6wWlJ6TrVjD1q3uF2sJwjJpRx0YmMkomaEwsAZ+XOZbv8oaoJYc/sxgR
TztCjClEjRVxSCF6Kkbks3DUtQzmj3w+jUoNp1dIcrbeOCdAQiqqLT2YS8n+njsW
p2kqUv0ZTm0MwNi0Cda81wCuGfL+5toePwbFDYsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTbMYJV9i6Df41yczazYx1c6YQZ6TAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
LzJ6R0NWZll1ZzMtTmNuTTJzMk1kWE9tRUdlay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4f/5DANBgkqhkiG9w0BAQsF
AAOCAQEATtPrBKNCRf2CXnmqU0zGcIIwqF/w8Vv1YimKcgMLUcH2mIb3bW3vA4Sx
KtjU/2JUCg7LKoL9uhY8kNajPBo/nlR/xSQ0Ypef7VrlGO8a5TzA+tmrKsfECWUX
uknPRUaAOFC8re5QSHJPo98XLJaBq2P0iGRgk0/WjFXqNuygCmoPDnjiJS2EeW7M
EhOdRi9u2ypzBcAEWF2ETcKWrxJzhrEI7AuYbMerUv9LdnaUJIiTTC2DJuqVpfAb
48fXBBx7i+KNRMGSsquUil1JMWfw2QblaV6VsDCkXh8uGGogG+pGmCyZ0KswLqMX
MBvVpHP6LJXjcV7Epxlkynog3gVTEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org