Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/IY0k6IQrCVYizMGq_ox4x-G45Oc.roa
File: IY0k6IQrCVYizMGq_ox4x-G45Oc.roa (raw, json)
Hash identifier: zhFJxCxhkQR6KTY+VlNqEUyR+5+HhVHfLA9LCdYq6Eg=
Subject key identifier: 21:8D:24:E8:84:2B:09:56:22:CC:C1:AA:FE:8C:78:C7:E1:B8:E4:E7
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0935D2C3
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/IY0k6IQrCVYizMGq_ox4x-G45Oc.roa
Signing time: Sat 01 Jan 2022 16:00:59 +0000
ROA not before: Sat 01 Jan 2022 16:00:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212450
IP address blocks: 2a0b:b87:ffa5::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154522307 (0x935d2c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=218d24e8842b095622ccc1aafe8c78c7e1b8e4e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:09:99:cc:0b:d3:67:c6:6f:78:b9:b4:b4:f0:
96:af:eb:9c:1e:2d:c9:bf:44:04:b9:d8:d3:30:5a:
02:4b:00:8a:22:22:9b:ba:43:42:32:5f:fa:61:9f:
9d:9e:98:2c:db:1e:b1:5a:e5:13:1b:93:b4:eb:bc:
64:92:dd:98:90:f9:2a:3e:a7:92:9d:99:2e:48:78:
d3:56:f4:68:f5:db:f4:93:39:89:53:af:bc:38:01:
29:04:a9:f3:13:f3:bd:a5:42:73:9f:23:e2:0e:fe:
d2:29:e9:9b:47:f7:ac:b5:50:27:a5:da:25:98:81:
bc:07:4c:3a:0c:d2:4e:d9:18:be:cf:34:6c:83:a9:
78:a8:20:ad:4b:97:81:30:ca:41:1d:8d:3e:3b:24:
f9:89:33:35:b5:1d:c5:4f:c3:65:99:54:dc:c9:0d:
e6:9c:5e:d0:70:4b:f4:d9:56:88:51:4d:95:0c:13:
2a:49:14:33:f9:cd:03:35:42:78:e4:20:68:a2:22:
13:bb:3f:e9:ff:9c:3b:b6:e6:16:49:b5:72:90:29:
67:70:96:5d:d6:e2:55:db:02:86:ad:b1:2b:4c:f3:
dd:2e:d8:7a:27:e6:be:1d:be:cc:8a:b0:9e:25:64:
f6:1f:ae:59:73:de:a1:c9:a8:5e:d9:02:59:be:52:
3a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8D:24:E8:84:2B:09:56:22:CC:C1:AA:FE:8C:78:C7:E1:B8:E4:E7
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/IY0k6IQrCVYizMGq_ox4x-G45Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffa5::/48
Signature Algorithm: sha256WithRSAEncryption
b3:bb:9c:ee:40:b0:77:da:f1:33:1b:5b:0d:22:97:d5:a3:15:
f1:d5:5e:84:ff:4d:67:a9:53:02:c0:c6:d4:aa:64:50:64:c0:
6d:94:12:74:0c:65:53:51:df:80:bc:42:d3:83:b8:bc:31:6f:
ac:25:9e:ed:c9:57:5f:2a:78:a0:8e:0f:b6:53:eb:23:f6:9e:
da:c7:c5:5f:b3:a5:de:d4:96:6d:46:a5:db:f4:c3:fe:f9:aa:
03:94:48:45:c8:a0:20:60:64:f0:66:7d:f8:a3:0f:30:cf:e6:
83:e4:74:30:1e:85:71:e4:8a:72:8b:c0:b2:08:ad:49:ce:69:
22:6e:a4:6f:72:c4:c6:d4:5b:34:55:ef:c1:20:c3:7d:77:2e:
04:4d:29:36:7a:98:c1:3f:ca:f9:bb:34:43:9d:73:7e:37:4b:
9b:98:6a:aa:ac:97:72:26:f2:7b:7f:4c:8e:f5:27:7b:f0:4f:
84:7d:58:34:91:26:52:e9:36:6b:8a:d9:3c:3c:30:7c:c9:14:
93:10:af:69:bd:be:3b:0f:de:1e:02:eb:e9:87:c0:3b:52:81:
2d:1e:b0:70:7f:27:80:cc:ff:4c:33:07:c0:41:fc:3d:d5:db:
90:29:1e:11:d7:36:67:9b:03:91:a7:3a:fb:b9:61:58:01:69:
cd:f9:89:3e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECTXSwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDA1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE4ZDI0ZTg4NDJi
MDk1NjIyY2NjMWFhZmU4Yzc4YzdlMWI4ZTRlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoJmcwL02fGb3i5tLTwlq/rnB4tyb9EBLnY0zBaAksAiiIi
m7pDQjJf+mGfnZ6YLNsesVrlExuTtOu8ZJLdmJD5Kj6nkp2ZLkh401b0aPXb9JM5
iVOvvDgBKQSp8xPzvaVCc58j4g7+0inpm0f3rLVQJ6XaJZiBvAdMOgzSTtkYvs80
bIOpeKggrUuXgTDKQR2NPjsk+YkzNbUdxU/DZZlU3MkN5pxe0HBL9NlWiFFNlQwT
KkkUM/nNAzVCeOQgaKIiE7s/6f+cO7bmFkm1cpApZ3CWXdbiVdsChq2xK0zz3S7Y
eifmvh2+zIqwniVk9h+uWXPeocmoXtkCWb5SOq0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQhjSTohCsJViLMwar+jHjH4bjk5zAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L0lZMGs2SVFyQ1ZZaXpNR3Ffb3g0eC1HNDVPYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4f/pTANBgkqhkiG9w0BAQsF
AAOCAQEAs7uc7kCwd9rxMxtbDSKX1aMV8dVehP9NZ6lTAsDG1KpkUGTAbZQSdAxl
U1HfgLxC04O4vDFvrCWe7clXXyp4oI4PtlPrI/ae2sfFX7Ol3tSWbUal2/TD/vmq
A5RIRcigIGBk8GZ9+KMPMM/mg+R0MB6FceSKcovAsgitSc5pIm6kb3LExtRbNFXv
wSDDfXcuBE0pNnqYwT/K+bs0Q51zfjdLm5hqqqyXcibye39MjvUne/BPhH1YNJEm
Uuk2a4rZPDwwfMkUkxCvab2+Ow/eHgLr6YfAO1KBLR6wcH8ngMz/TDMHwEH8PdXb
kCkeEdc2Z5sDkac6+7lhWAFpzfmJPg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:38 2023 by rpki-client on console-fra.rpki-client.org