Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/XhaHQ1hMjea1nyK9tYL18pjQtfs.roa
File: XhaHQ1hMjea1nyK9tYL18pjQtfs.roa (raw, json)
Hash identifier: ggOBAmCGbvrjXaH3VikC/Cydr9n56/PfS3BZBX38EeU=
Subject key identifier: 5E:16:87:43:58:4C:8D:E6:B5:9F:22:BD:B5:82:F5:F2:98:D0:B5:FB
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0913064A
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/XhaHQ1hMjea1nyK9tYL18pjQtfs.roa
Signing time: Sat 01 Jan 2022 16:00:34 +0000
ROA not before: Sat 01 Jan 2022 16:00:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62338
IP address blocks: 2a0b:b86::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152241738 (0x913064a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e168743584c8de6b59f22bdb582f5f298d0b5fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:72:9f:09:de:16:d4:3f:b9:50:d7:48:f4:71:
ac:78:4b:77:98:7d:cd:27:a7:05:7b:c9:44:dc:f8:
51:21:7d:e9:6d:24:a2:db:95:3b:32:4e:a7:58:53:
8f:64:9b:58:61:0e:fc:f0:a0:83:ca:ea:c1:d3:ac:
50:e7:85:38:5c:25:cf:e1:81:2d:72:1a:9d:eb:be:
3b:16:16:12:c6:fa:11:b3:f2:09:d6:9f:af:77:e9:
72:cd:6c:5a:25:05:ba:6f:f7:5f:8f:10:17:cd:12:
f3:6e:a4:8b:a0:85:aa:fd:a0:61:d8:2a:75:a6:2a:
5a:6c:e4:a8:f3:bf:5e:31:5e:17:76:d8:5f:a4:1c:
25:f2:c8:0c:85:b5:40:2d:f8:b6:66:00:47:01:e6:
f2:03:7e:dd:47:00:e7:45:d5:91:c5:51:01:f1:d4:
b6:46:45:6f:d2:1c:a9:35:cc:fb:3e:11:61:ac:d2:
30:02:63:db:4f:9c:e5:c8:ed:94:07:ce:04:9b:9d:
69:3e:4c:de:66:d2:f2:7c:c0:c2:a0:59:85:98:dd:
04:78:58:23:bb:87:cb:6d:41:70:b3:2b:fe:7a:9e:
98:c0:b6:74:09:18:b2:53:3a:02:c2:af:49:0a:e6:
af:b8:da:c2:f4:74:ae:1a:4a:d4:d3:24:3f:18:c0:
21:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:16:87:43:58:4C:8D:E6:B5:9F:22:BD:B5:82:F5:F2:98:D0:B5:FB
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/XhaHQ1hMjea1nyK9tYL18pjQtfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b86::/40
Signature Algorithm: sha256WithRSAEncryption
da:b6:7b:fe:d3:65:9c:fc:f4:bb:98:99:2c:6d:37:76:70:f6:
d5:37:ae:a6:dd:43:5d:0c:66:e4:2a:4b:7e:12:70:2c:6e:1f:
a7:4a:e8:e8:8e:75:e1:22:5b:39:da:f0:b8:b9:4f:2c:4b:c6:
c0:ae:25:2e:0d:85:25:a9:be:2c:2a:3f:d2:ac:ed:04:b9:96:
02:5b:43:4a:bc:db:4d:cb:10:7c:c8:8c:c7:77:43:ae:82:dd:
9d:74:52:e2:b3:67:b0:64:00:ea:30:55:2f:45:fd:bf:60:db:
ae:38:10:76:be:29:97:5c:a3:60:33:00:25:f4:ce:96:af:3f:
f3:a3:c3:2a:31:cf:06:63:af:aa:96:af:2f:66:83:d3:1e:23:
a4:32:ab:90:dd:67:be:13:8f:ff:10:c6:8e:78:1e:1e:9f:b2:
70:57:ae:5e:bf:93:7e:66:5e:d1:da:f0:31:c7:64:67:53:5b:
4d:26:3a:8f:c6:2c:ca:26:a7:34:8a:83:46:a6:05:43:51:7a:
ff:8a:99:5c:0b:f2:2f:82:f7:74:d5:c8:92:5f:5c:3d:3d:29:
12:a4:1c:2c:c3:19:25:7b:11:17:2d:e9:c1:6b:5e:40:b7:e8:
f7:9f:e7:8f:60:d0:78:10:c6:c2:31:91:8a:24:03:ef:ee:03:
61:c6:71:2b
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECRMGSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWUxNjg3NDM1ODRj
OGRlNmI1OWYyMmJkYjU4MmY1ZjI5OGQwYjVmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJynwneFtQ/uVDXSPRxrHhLd5h9zSenBXvJRNz4USF96W0k
otuVOzJOp1hTj2SbWGEO/PCgg8rqwdOsUOeFOFwlz+GBLXIaneu+OxYWEsb6EbPy
Cdafr3fpcs1sWiUFum/3X48QF80S826ki6CFqv2gYdgqdaYqWmzkqPO/XjFeF3bY
X6QcJfLIDIW1QC34tmYARwHm8gN+3UcA50XVkcVRAfHUtkZFb9IcqTXM+z4RYazS
MAJj20+c5cjtlAfOBJudaT5M3mbS8nzAwqBZhZjdBHhYI7uHy21BcLMr/nqemMC2
dAkYslM6AsKvSQrmr7jawvR0rhpK1NMkPxjAIQ8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBReFodDWEyN5rWfIr21gvXymNC1+zAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L1hoYUhRMWhNamVhMW55Szl0WUwxOHBqUXRmcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoLC4YAMA0GCSqGSIb3DQEBCwUA
A4IBAQDatnv+02Wc/PS7mJksbTd2cPbVN66m3UNdDGbkKkt+EnAsbh+nSujojnXh
Ils52vC4uU8sS8bAriUuDYUlqb4sKj/SrO0EuZYCW0NKvNtNyxB8yIzHd0Ougt2d
dFLis2ewZADqMFUvRf2/YNuuOBB2vimXXKNgMwAl9M6Wrz/zo8MqMc8GY6+qlq8v
ZoPTHiOkMquQ3We+E4//EMaOeB4en7JwV65ev5N+Zl7R2vAxx2RnU1tNJjqPxizK
Jqc0ioNGpgVDUXr/iplcC/Ivgvd01ciSX1w9PSkSpBwswxklexEXLenBa15At+j3
n+ePYNB4EMbCMZGKJAPv7gNhxnEr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:39 2023 by rpki-client on console-fra.rpki-client.org