Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/_VNtuFE5GSa8qkX4cGRKlLy4amg.roa
File: _VNtuFE5GSa8qkX4cGRKlLy4amg.roa (raw, json)
Hash identifier: XlItqST3YYUMPzKQDqlWDQdWXf42RxvV/RR/rGE64Lw=
Subject key identifier: FD:53:6D:B8:51:39:19:26:BC:AA:45:F8:70:64:4A:94:BC:B8:6A:68
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 093F5436
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/_VNtuFE5GSa8qkX4cGRKlLy4amg.roa
Signing time: Sat 01 Jan 2022 16:01:06 +0000
ROA not before: Sat 01 Jan 2022 16:01:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213361
IP address blocks: 2a0b:b87:ffee::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155145270 (0x93f5436)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:01:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd536db851391926bcaa45f870644a94bcb86a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:bd:ac:b6:61:b7:f7:0a:7b:dc:aa:0b:97:25:
79:12:a1:70:5c:5c:5c:8a:b8:ab:e5:bc:eb:e3:21:
36:d0:49:af:cc:b6:9f:03:f3:90:23:09:b4:c8:a3:
15:8a:91:3f:1c:c1:b2:07:09:1a:cc:e2:b3:e2:5f:
1c:c8:44:7d:0c:f6:d5:7f:eb:7f:33:78:5b:1b:d1:
75:c1:62:7c:f8:11:17:11:6c:e2:9c:4d:fb:63:8f:
d6:cf:53:f4:5e:7c:ad:24:d4:9b:31:c4:44:66:a7:
19:d9:de:ef:2f:64:34:c7:b7:db:09:89:81:0a:f2:
8a:c2:2d:26:53:7a:27:8c:64:fb:2b:07:b0:86:a8:
be:37:40:be:fa:1c:64:5b:29:b2:f0:bc:3e:8c:05:
ce:b3:cc:86:8c:dc:1b:01:9b:a7:99:9f:00:c4:8b:
bb:a8:e0:d2:4c:46:4c:23:38:7d:81:ad:33:5f:dd:
c9:8e:07:3b:b7:9e:1d:ed:fe:1b:4a:3f:39:6b:68:
ef:ee:6e:bd:27:b6:79:ef:97:05:36:67:92:43:47:
a1:d8:6f:6b:89:25:a7:d5:86:87:7f:cd:3b:a7:8b:
c8:9a:ca:e8:a6:b1:bc:4a:72:82:21:67:97:50:30:
d3:6e:40:99:bf:66:09:dd:37:36:a7:c2:48:9a:f9:
12:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:53:6D:B8:51:39:19:26:BC:AA:45:F8:70:64:4A:94:BC:B8:6A:68
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/_VNtuFE5GSa8qkX4cGRKlLy4amg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffee::/48
Signature Algorithm: sha256WithRSAEncryption
1b:c0:f2:e8:59:6f:41:50:44:7c:5d:de:a0:95:76:96:6a:3c:
24:0c:6d:d2:75:93:87:83:c1:62:70:16:b2:4c:6b:d1:22:8c:
c6:ac:8e:fb:12:f5:b9:95:19:7e:54:9f:9c:28:9d:14:9d:59:
fc:6f:5f:7c:de:d9:81:bc:d6:96:9a:fc:ad:d8:9a:c0:0d:68:
91:89:e1:d5:a5:90:57:9f:8a:4e:e3:5c:e3:ee:ef:48:ea:c9:
7b:30:e4:39:7e:01:86:db:44:58:01:aa:06:2a:10:21:5b:c1:
17:95:aa:62:17:19:21:c8:2e:3f:ba:cb:fd:4e:8a:ea:22:70:
6b:7d:56:19:98:27:37:71:af:b5:0f:8b:dd:16:c9:6e:60:7d:
0c:2f:c5:ea:61:c7:6b:12:7a:47:3c:47:3c:04:11:fc:92:20:
b9:51:bb:ae:a1:8d:d2:20:8c:4e:b6:e0:73:c0:88:c6:dc:42:
3f:85:ab:fa:f7:f7:b8:2a:e0:99:77:21:3d:65:e1:9c:d3:ed:
c5:36:5e:f4:79:1e:d4:c6:78:44:ae:35:a2:6b:b2:fb:4a:49:
c8:e7:fb:ec:e7:b1:e3:61:4f:b0:06:95:7c:26:64:71:5b:0a:
30:3a:24:df:42:f1:69:38:4a:de:32:b8:46:8f:e3:8e:6f:1d:
f0:df:0e:20
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECT9UNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDEwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQ1MzZkYjg1MTM5
MTkyNmJjYWE0NWY4NzA2NDRhOTRiY2I4NmE2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANG9rLZht/cKe9yqC5cleRKhcFxcXIq4q+W86+MhNtBJr8y2
nwPzkCMJtMijFYqRPxzBsgcJGszis+JfHMhEfQz21X/rfzN4WxvRdcFifPgRFxFs
4pxN+2OP1s9T9F58rSTUmzHERGanGdne7y9kNMe32wmJgQryisItJlN6J4xk+ysH
sIaovjdAvvocZFspsvC8PowFzrPMhozcGwGbp5mfAMSLu6jg0kxGTCM4fYGtM1/d
yY4HO7eeHe3+G0o/OWto7+5uvSe2ee+XBTZnkkNHodhva4klp9WGh3/NO6eLyJrK
6KaxvEpygiFnl1Aw025Amb9mCd03NqfCSJr5EmsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT9U224UTkZJryqRfhwZEqUvLhqaDAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L19WTnR1RkU1R1NhOHFrWDRjR1JLbEx5NGFtZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4f/7jANBgkqhkiG9w0BAQsF
AAOCAQEAG8Dy6FlvQVBEfF3eoJV2lmo8JAxt0nWTh4PBYnAWskxr0SKMxqyO+xL1
uZUZflSfnCidFJ1Z/G9ffN7ZgbzWlpr8rdiawA1okYnh1aWQV5+KTuNc4+7vSOrJ
ezDkOX4BhttEWAGqBioQIVvBF5WqYhcZIcguP7rL/U6K6iJwa31WGZgnN3GvtQ+L
3RbJbmB9DC/F6mHHaxJ6RzxHPAQR/JIguVG7rqGN0iCMTrbgc8CIxtxCP4Wr+vf3
uCrgmXchPWXhnNPtxTZe9Hke1MZ4RK41omuy+0pJyOf77Oex42FPsAaVfCZkcVsK
MDok30LxaThK3jK4Ro/jjm8d8N8OIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org