Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/VG1mo7bkqppsMtaaPUM1xfjZzUc.roa
File: VG1mo7bkqppsMtaaPUM1xfjZzUc.roa (raw, json)
Hash identifier: 0IcYFQWnIA5/mWJzdG4sC6YT6GifuTZcGd8zXcnpwck=
Subject key identifier: 54:6D:66:A3:B6:E4:AA:9A:6C:32:D6:9A:3D:43:35:C5:F8:D9:CD:47
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 09247A5A
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/VG1mo7bkqppsMtaaPUM1xfjZzUc.roa
Signing time: Sat 01 Jan 2022 16:00:47 +0000
ROA not before: Sat 01 Jan 2022 16:00:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208088
IP address blocks: 2a0b:b87:ffb3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153385562 (0x9247a5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=546d66a3b6e4aa9a6c32d69a3d4335c5f8d9cd47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e8:df:90:be:75:bf:5a:22:f3:dc:80:31:8d:
f5:3f:32:15:98:f3:54:80:6e:d9:8d:c0:72:9e:01:
25:b8:59:6b:f3:94:97:3c:2b:1c:a5:95:c0:23:ab:
5d:ca:98:57:20:fa:d2:f8:83:2b:de:05:4e:34:b7:
7d:8d:bc:ac:6b:f1:95:fc:2e:68:5e:e9:e3:4f:25:
41:3c:3d:a6:31:98:15:36:d7:c6:0a:72:a2:09:12:
66:ac:32:5e:9d:b4:46:16:93:73:ea:ea:02:3e:04:
77:ab:d8:40:d8:a8:65:45:19:6b:0c:df:ec:49:a0:
de:8c:17:85:59:06:b4:eb:d3:ef:98:c2:80:56:16:
a5:27:50:ab:87:ca:88:4c:79:1f:f1:65:9e:c8:26:
e3:90:7c:a1:e5:a0:10:54:a9:1d:5a:f5:71:79:b0:
db:cc:0d:b3:23:a0:81:1b:b4:9f:c5:58:f0:36:0f:
c1:87:ec:be:47:e0:5d:a0:0c:48:4b:af:44:5f:dc:
97:cd:72:b3:2f:4b:c7:f6:78:26:ee:51:1b:1b:82:
a3:a7:f0:60:57:8e:0d:3f:fa:8e:b4:1a:1a:49:06:
9d:d9:f4:87:a9:15:f0:27:ae:8a:66:4a:d3:4b:5f:
58:16:31:11:50:e8:34:1e:23:10:93:3d:79:e2:51:
32:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6D:66:A3:B6:E4:AA:9A:6C:32:D6:9A:3D:43:35:C5:F8:D9:CD:47
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/VG1mo7bkqppsMtaaPUM1xfjZzUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffb3::/48
Signature Algorithm: sha256WithRSAEncryption
a7:10:2f:c6:d5:e7:02:76:5b:5f:0c:82:e2:c0:f5:0c:74:0b:
e0:e3:37:d3:e9:b5:17:08:82:3e:a6:3e:8f:a5:2d:4e:93:ee:
45:f2:74:82:b7:98:0a:4c:72:c3:4b:df:f8:a2:a4:e6:18:ee:
d9:ac:6d:dc:82:04:b6:ff:ed:8b:1c:0d:c2:d9:7c:69:a9:86:
9b:df:44:5a:2b:f7:60:fe:9d:79:45:dd:e3:0c:e2:50:0b:2d:
04:de:91:b4:eb:05:82:71:16:2b:9f:5f:d2:6e:dc:7b:17:a3:
fa:84:df:de:77:22:07:52:d9:0b:2b:b4:f6:57:67:9c:c7:ab:
b2:4a:10:c7:95:04:69:af:26:04:04:b4:08:66:98:05:e3:71:
5a:8f:08:8b:36:ff:3c:d6:fd:df:f7:0d:f6:7e:80:3d:bf:dc:
a0:9f:1f:7c:4d:68:50:f4:d7:69:6a:9f:85:47:9a:e4:95:57:
55:0c:19:99:de:f6:48:1e:8d:31:5b:d0:dc:c4:09:46:c4:1b:
ea:69:ba:fb:a3:8a:2f:c9:cc:f8:65:bd:4b:38:ad:be:f2:ca:
66:42:70:53:2f:29:05:d9:ec:fd:92:45:7b:9e:da:0a:af:c0:
6b:fc:2c:95:20:e7:c6:5e:8b:03:49:0a:dd:ee:19:a6:65:07:
92:32:7b:94
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECSR6WjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQ2ZDY2YTNiNmU0
YWE5YTZjMzJkNjlhM2Q0MzM1YzVmOGQ5Y2Q0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHo35C+db9aIvPcgDGN9T8yFZjzVIBu2Y3Acp4BJbhZa/OU
lzwrHKWVwCOrXcqYVyD60viDK94FTjS3fY28rGvxlfwuaF7p408lQTw9pjGYFTbX
xgpyogkSZqwyXp20RhaTc+rqAj4Ed6vYQNioZUUZawzf7Emg3owXhVkGtOvT75jC
gFYWpSdQq4fKiEx5H/Flnsgm45B8oeWgEFSpHVr1cXmw28wNsyOggRu0n8VY8DYP
wYfsvkfgXaAMSEuvRF/cl81ysy9Lx/Z4Ju5RGxuCo6fwYFeODT/6jrQaGkkGndn0
h6kV8CeuimZK00tfWBYxEVDoNB4jEJM9eeJRMgsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRUbWajtuSqmmwy1po9QzXF+NnNRzAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L1ZHMW1vN2JrcXBwc010YWFQVU0xeGZqWnpVYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4f/szANBgkqhkiG9w0BAQsF
AAOCAQEApxAvxtXnAnZbXwyC4sD1DHQL4OM30+m1FwiCPqY+j6UtTpPuRfJ0greY
Ckxyw0vf+KKk5hju2axt3IIEtv/tixwNwtl8aamGm99EWiv3YP6deUXd4wziUAst
BN6RtOsFgnEWK59f0m7cexej+oTf3nciB1LZCyu09ldnnMerskoQx5UEaa8mBAS0
CGaYBeNxWo8Iizb/PNb93/cN9n6APb/coJ8ffE1oUPTXaWqfhUea5JVXVQwZmd72
SB6NMVvQ3MQJRsQb6mm6+6OKL8nM+GW9SzitvvLKZkJwUy8pBdns/ZJFe57aCq/A
a/wslSDnxl6LA0kK3e4ZpmUHkjJ7lA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-ams.rpki-client.org