Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/64aFyDbi55DEKi34BViVavG_dZ8.roa
File: 64aFyDbi55DEKi34BViVavG_dZ8.roa (raw, json)
Hash identifier: TuFWTftgf2QtxzqZp2FJTtgxcBZcI24mvN7fzL0Mg1M=
Subject key identifier: EB:86:85:C8:36:E2:E7:90:C4:2A:2D:F8:05:58:95:6A:F1:BF:75:9F
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 09278913
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/64aFyDbi55DEKi34BViVavG_dZ8.roa
Signing time: Sat 01 Jan 2022 16:00:50 +0000
ROA not before: Sat 01 Jan 2022 16:00:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209556
IP address blocks: 2a0b:b86:ffe0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153585939 (0x9278913)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb8685c836e2e790c42a2df80558956af1bf759f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b7:8d:76:ab:8a:4c:00:44:0a:dc:02:ea:d5:
5b:38:4e:14:08:1c:62:e7:a1:0b:a4:57:00:8f:e4:
86:f6:14:80:db:ca:f1:98:77:0a:01:56:ab:83:1b:
f6:ab:d9:ee:73:38:a2:fb:bf:82:78:dd:4f:28:9c:
df:8e:5f:e3:29:43:a0:65:e3:71:69:5a:27:b4:cf:
ad:f3:03:31:53:fa:ac:af:dd:76:4f:da:57:1e:b9:
ac:98:96:09:59:cc:6f:d6:a1:15:57:9c:83:d2:0a:
d8:5a:80:36:90:1d:0c:58:1e:8a:5a:ea:bf:5b:a8:
95:68:3b:8a:46:19:1b:95:ae:a7:e1:ee:27:94:0b:
d9:25:e5:fc:2f:e5:41:a9:f4:2c:4c:09:6d:93:e6:
1a:46:48:06:09:e8:d7:57:50:2c:24:1b:de:5e:59:
1d:c2:00:14:4b:e1:d2:ad:17:fd:65:0b:1d:15:c6:
fa:3c:b7:5e:f6:86:d1:44:44:66:23:9f:76:b1:64:
81:d0:22:f3:27:04:26:36:2d:a2:a1:5e:38:c9:2c:
37:5f:86:ad:5e:f1:b5:e2:b5:43:07:03:3f:60:0b:
c8:61:56:9c:f7:5b:d3:1a:c3:25:ad:89:de:cb:f0:
86:8d:8b:89:2b:8e:d4:b7:50:cf:f6:48:4d:d8:56:
60:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:86:85:C8:36:E2:E7:90:C4:2A:2D:F8:05:58:95:6A:F1:BF:75:9F
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/64aFyDbi55DEKi34BViVavG_dZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b86:ffe0::/48
Signature Algorithm: sha256WithRSAEncryption
61:33:af:5b:4d:86:72:9e:97:5d:d2:98:b9:d0:b9:de:81:ba:
43:4f:37:34:58:75:6c:94:f0:e9:0a:3d:39:b4:19:55:a0:98:
4a:e9:d5:ed:93:5c:df:a6:cc:ef:3b:5b:6b:07:3a:98:0b:3f:
3a:b5:5f:05:8c:86:82:ae:15:e9:b4:fd:b3:d1:70:96:da:9b:
93:f2:2d:2c:e8:94:c2:3a:e3:9b:e2:b0:49:3c:8f:91:93:4e:
fb:dc:e7:0c:5a:d0:20:d8:11:8a:63:15:3c:e5:06:49:9a:9d:
c7:57:1f:f6:89:5a:82:a5:95:53:c3:36:f7:e1:e2:f3:44:2b:
15:3b:49:a5:43:20:73:ee:bd:bf:5e:a7:4d:ef:12:0a:28:07:
77:94:19:7a:07:bc:48:da:1c:21:04:f9:11:ee:32:57:0f:5b:
ef:30:8d:8a:f5:54:bc:91:ee:4d:2d:97:b2:8c:84:79:46:dc:
4b:09:59:c9:4f:a1:c5:ff:93:f6:11:7a:03:d4:7d:81:ff:7e:
8f:a9:8c:50:df:ba:e4:f8:8e:e0:f8:76:03:95:65:c3:41:55:
25:93:1a:06:09:01:50:03:a4:09:6d:19:e6:ba:f5:66:1d:7c:
75:88:ca:40:ce:d7:1a:da:5f:68:21:e3:9d:68:46:69:fa:23:
8c:17:94:c8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECSeJEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDA1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWI4Njg1YzgzNmUy
ZTc5MGM0MmEyZGY4MDU1ODk1NmFmMWJmNzU5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANC3jXarikwARArcAurVWzhOFAgcYuehC6RXAI/khvYUgNvK
8Zh3CgFWq4Mb9qvZ7nM4ovu/gnjdTyic345f4ylDoGXjcWlaJ7TPrfMDMVP6rK/d
dk/aVx65rJiWCVnMb9ahFVecg9IK2FqANpAdDFgeilrqv1uolWg7ikYZG5Wup+Hu
J5QL2SXl/C/lQan0LEwJbZPmGkZIBgno11dQLCQb3l5ZHcIAFEvh0q0X/WULHRXG
+jy3XvaG0UREZiOfdrFkgdAi8ycEJjYtoqFeOMksN1+GrV7xteK1QwcDP2ALyGFW
nPdb0xrDJa2J3svwho2LiSuO1LdQz/ZITdhWYKECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTrhoXINuLnkMQqLfgFWJVq8b91nzAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
LzY0YUZ5RGJpNTVERUtpMzRCVmlWYXZHX2RaOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4b/4DANBgkqhkiG9w0BAQsF
AAOCAQEAYTOvW02Gcp6XXdKYudC53oG6Q083NFh1bJTw6Qo9ObQZVaCYSunV7ZNc
36bM7ztbawc6mAs/OrVfBYyGgq4V6bT9s9Fwltqbk/ItLOiUwjrjm+KwSTyPkZNO
+9znDFrQINgRimMVPOUGSZqdx1cf9olagqWVU8M29+Hi80QrFTtJpUMgc+69v16n
Te8SCigHd5QZege8SNocIQT5Ee4yVw9b7zCNivVUvJHuTS2XsoyEeUbcSwlZyU+h
xf+T9hF6A9R9gf9+j6mMUN+65PiO4Ph2A5Vlw0FVJZMaBgkBUAOkCW0Z5rr1Zh18
dYjKQM7XGtpfaCHjnWhGafojjBeUyA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-ams.rpki-client.org