Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/csDSqjkSWNxc_NSNBfDq1Um3HgU.roa
File: csDSqjkSWNxc_NSNBfDq1Um3HgU.roa (raw, json)
Hash identifier: KWvYW6uWNJUW7+8+wiq6zScvUItkZMUapcTJmYcQuMs=
Subject key identifier: 72:C0:D2:AA:39:12:58:DC:5C:FC:D4:8D:05:F0:EA:D5:49:B7:1E:05
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 092D5A05
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/csDSqjkSWNxc_NSNBfDq1Um3HgU.roa
Signing time: Sat 01 Jan 2022 16:00:53 +0000
ROA not before: Sat 01 Jan 2022 16:00:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210902
IP address blocks: 2a0b:b87:ff10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153967109 (0x92d5a05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72c0d2aa391258dc5cfcd48d05f0ead549b71e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:04:0f:b3:1b:5e:60:86:21:79:60:20:61:b8:
8f:45:49:09:04:bf:0f:3e:d4:17:7b:58:fd:12:86:
7f:00:41:2b:87:44:9f:f9:b6:3e:78:40:88:ab:9f:
4a:9e:65:51:3d:cf:f5:e9:c4:0c:64:dc:a4:a0:56:
12:14:18:dc:54:0e:2a:0e:4a:bf:ab:ef:ac:47:9b:
b1:62:aa:ab:17:33:c4:f0:6a:7c:cd:b6:ad:78:f8:
27:a8:d4:d3:10:0b:c5:56:e5:dc:a7:e3:de:c2:05:
3d:52:4c:86:13:ea:5b:90:b2:e5:31:9a:4b:ad:39:
ea:66:19:69:6f:aa:84:cd:cb:63:24:33:10:5e:bc:
32:bd:84:d5:84:9e:77:bb:7d:5a:0e:3e:5f:4a:3f:
bd:90:0c:64:b4:c3:59:27:90:f9:e2:26:17:4d:26:
08:05:b2:bd:1a:13:34:c8:c2:75:23:e8:3d:fa:47:
1e:93:86:e9:fc:16:3f:ad:88:a6:95:e3:82:68:4a:
05:36:a1:0d:f8:18:b8:61:07:0a:79:5f:7d:96:c1:
7c:4f:46:18:1d:5e:44:4d:31:d9:a3:ef:f9:f5:92:
0a:d1:32:42:d0:05:a5:22:45:49:93:4b:86:c0:41:
2d:fe:11:96:77:50:aa:82:3b:4a:d7:53:d9:3c:c2:
4a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C0:D2:AA:39:12:58:DC:5C:FC:D4:8D:05:F0:EA:D5:49:B7:1E:05
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/csDSqjkSWNxc_NSNBfDq1Um3HgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ff10::/48
Signature Algorithm: sha256WithRSAEncryption
d2:39:80:70:52:f9:bb:de:25:2c:76:10:2a:af:41:05:41:a0:
84:79:a7:1a:77:ee:da:c7:da:b2:e3:b0:cf:17:3a:50:17:a2:
e0:5f:b6:54:79:21:4b:d4:36:94:d4:af:3f:80:6c:b2:23:6a:
2d:49:ad:13:6e:4a:f9:cf:ed:66:bd:86:4e:e1:4e:38:c7:48:
6e:56:e3:9b:90:85:77:16:25:89:75:97:2d:61:e4:e2:8c:d9:
62:db:37:eb:e9:bd:85:76:91:ae:f2:44:11:c6:3e:10:92:6c:
1c:d1:70:c6:89:72:de:bd:d4:55:d4:a7:f0:e4:14:80:6f:1b:
67:dc:74:a0:b0:9c:7a:12:0d:1b:1b:34:b5:78:7c:22:bf:9d:
72:c6:fd:e1:df:dc:14:52:0a:6b:08:a2:5c:ff:41:92:25:7d:
69:a5:9e:90:b9:23:99:5a:75:db:e4:ba:af:21:c2:72:1a:e5:
70:ff:59:1e:78:4f:eb:93:86:6a:ec:6c:6a:a0:85:52:06:02:
6f:3e:dd:e5:ef:bb:8d:f1:37:ea:b3:e4:73:6d:2d:72:a9:eb:
46:05:38:f7:03:84:fe:7a:26:5c:99:d1:c0:1f:07:b9:e5:56:
11:e9:2e:d2:c3:d5:c1:a6:fd:2f:1b:25:df:fc:c3:d7:49:97:
9d:df:e5:f5
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECS1aBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJjMGQyYWEzOTEy
NThkYzVjZmNkNDhkMDVmMGVhZDU0OWI3MWUwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPgED7MbXmCGIXlgIGG4j0VJCQS/Dz7UF3tY/RKGfwBBK4dE
n/m2PnhAiKufSp5lUT3P9enEDGTcpKBWEhQY3FQOKg5Kv6vvrEebsWKqqxczxPBq
fM22rXj4J6jU0xALxVbl3Kfj3sIFPVJMhhPqW5Cy5TGaS6056mYZaW+qhM3LYyQz
EF68Mr2E1YSed7t9Wg4+X0o/vZAMZLTDWSeQ+eImF00mCAWyvRoTNMjCdSPoPfpH
HpOG6fwWP62IppXjgmhKBTahDfgYuGEHCnlffZbBfE9GGB1eRE0x2aPv+fWSCtEy
QtAFpSJFSZNLhsBBLf4RlndQqoI7StdT2TzCShsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRywNKqORJY3Fz81I0F8OrVSbceBTAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L2NzRFNxamtTV054Y19OU05CZkRxMVVtM0hnVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4f/EDANBgkqhkiG9w0BAQsF
AAOCAQEA0jmAcFL5u94lLHYQKq9BBUGghHmnGnfu2sfasuOwzxc6UBei4F+2VHkh
S9Q2lNSvP4BssiNqLUmtE25K+c/tZr2GTuFOOMdIblbjm5CFdxYliXWXLWHk4ozZ
Yts36+m9hXaRrvJEEcY+EJJsHNFwxoly3r3UVdSn8OQUgG8bZ9x0oLCcehINGxs0
tXh8Ir+dcsb94d/cFFIKawiiXP9BkiV9aaWekLkjmVp12+S6ryHCchrlcP9ZHnhP
65OGauxsaqCFUgYCbz7d5e+7jfE36rPkc20tcqnrRgU49wOE/nomXJnRwB8HueVW
Eeku0sPVwab9Lxsl3/zD10mXnd/l9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org