Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/dgrJcqYSvAP88hSC65Tj5aF_7g8.roa
File: dgrJcqYSvAP88hSC65Tj5aF_7g8.roa (raw, json)
Hash identifier: jc0yI/AENmcx12jCeVwLfwqILhUZrdpbO2SKbw0LPcU=
Subject key identifier: 76:0A:C9:72:A6:12:BC:03:FC:F2:14:82:EB:94:E3:E5:A1:7F:EE:0F
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0926A372
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/dgrJcqYSvAP88hSC65Tj5aF_7g8.roa
Signing time: Sat 01 Jan 2022 16:00:48 +0000
ROA not before: Sat 01 Jan 2022 16:00:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208885
IP address blocks: 2a0b:b86:ffe4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153527154 (0x926a372)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=760ac972a612bc03fcf21482eb94e3e5a17fee0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:77:09:52:ba:4a:99:45:4a:a5:fc:ba:50:fc:
17:10:0b:0d:68:fc:10:0d:32:80:99:bc:c4:51:1b:
0d:92:b4:d2:63:e7:2a:a7:35:76:64:a0:35:5d:bf:
51:45:58:0b:7b:fd:15:f9:06:53:8e:1b:9b:2a:7a:
52:08:87:dc:3a:2e:11:cb:ee:8f:a2:5e:17:9a:4f:
00:b7:5d:9e:15:4e:a8:0a:cb:62:bd:a0:76:01:2e:
a3:1e:16:b2:98:11:1a:2f:5f:5b:dc:d1:f9:a4:69:
38:15:dc:93:c9:48:1d:e6:92:0e:f2:da:df:18:fe:
f8:ea:ff:f0:69:cd:ee:de:b7:63:55:ce:3b:a3:f7:
3f:7e:49:ce:cf:b7:61:14:4c:b8:6c:58:00:46:67:
2a:e2:82:b9:be:56:f0:23:08:c1:54:5d:46:75:a4:
b4:24:a6:f9:83:5f:9d:4c:15:8d:e8:e9:46:c5:3c:
1d:ba:62:ff:26:95:25:d2:5c:4e:68:49:07:9b:15:
ea:84:05:02:ac:7c:f6:72:a8:0c:c7:67:29:b6:51:
da:70:34:85:91:94:dd:48:bb:01:bf:fe:3f:2c:f6:
a1:e1:ae:db:cd:7f:d0:aa:96:46:59:ea:7b:86:1a:
c8:04:61:b7:87:8c:b5:c2:ce:d6:34:d8:92:df:e4:
a0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0A:C9:72:A6:12:BC:03:FC:F2:14:82:EB:94:E3:E5:A1:7F:EE:0F
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/dgrJcqYSvAP88hSC65Tj5aF_7g8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b86:ffe4::/48
Signature Algorithm: sha256WithRSAEncryption
52:b8:10:d7:bc:6d:d8:d0:ce:64:a6:11:a2:91:d9:5d:89:9e:
a4:dd:4c:c7:35:fe:32:8f:1f:bf:50:ca:e8:d5:ca:cb:30:f7:
d1:31:cb:dc:32:a6:d9:b6:15:81:c6:03:75:c0:eb:93:22:35:
9c:f7:75:b1:99:b6:5e:a8:6f:d7:43:9f:03:c5:18:39:31:a7:
57:6b:3c:42:09:ec:ab:b5:2d:47:25:e2:24:c2:b6:d5:51:33:
c1:ec:22:34:2a:15:03:9e:bf:ff:2f:57:57:a5:06:cf:ad:e3:
d1:4e:6b:8c:5f:35:e6:98:aa:4c:63:2d:01:3f:7d:84:ec:be:
27:ec:e3:58:06:38:9c:79:7f:8b:c6:b5:6e:d6:c8:1d:ba:86:
13:a8:81:ef:96:f4:63:f1:36:d0:93:09:d3:bf:50:78:54:bc:
d0:06:16:16:75:26:8a:09:20:25:3d:27:3e:d7:c1:81:c7:e4:
71:86:15:6e:15:0c:18:8e:4a:99:b9:b4:5a:94:bd:52:39:82:
7b:53:4a:cb:b5:eb:74:a1:e5:17:e4:76:f6:46:be:32:c5:5b:
f1:19:19:55:90:be:47:5c:39:34:55:4c:52:ec:d1:25:20:f1:
ce:1c:7e:fe:31:57:b8:36:d4:1b:8c:3f:df:41:c9:a3:07:94:
13:de:72:e7
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECSajcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDA0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzYwYWM5NzJhNjEy
YmMwM2ZjZjIxNDgyZWI5NGUzZTVhMTdmZWUwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOd3CVK6SplFSqX8ulD8FxALDWj8EA0ygJm8xFEbDZK00mPn
Kqc1dmSgNV2/UUVYC3v9FfkGU44bmyp6UgiH3DouEcvuj6JeF5pPALddnhVOqArL
Yr2gdgEuox4WspgRGi9fW9zR+aRpOBXck8lIHeaSDvLa3xj++Or/8GnN7t63Y1XO
O6P3P35Jzs+3YRRMuGxYAEZnKuKCub5W8CMIwVRdRnWktCSm+YNfnUwVjejpRsU8
Hbpi/yaVJdJcTmhJB5sV6oQFAqx89nKoDMdnKbZR2nA0hZGU3Ui7Ab/+Pyz2oeGu
281/0KqWRlnqe4YayARht4eMtcLO1jTYkt/koOcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR2CslyphK8A/zyFILrlOPloX/uDzAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L2RnckpjcVlTdkFQODhoU0M2NVRqNWFGXzdnOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4b/5DANBgkqhkiG9w0BAQsF
AAOCAQEAUrgQ17xt2NDOZKYRopHZXYmepN1MxzX+Mo8fv1DK6NXKyzD30THL3DKm
2bYVgcYDdcDrkyI1nPd1sZm2Xqhv10OfA8UYOTGnV2s8Qgnsq7UtRyXiJMK21VEz
wewiNCoVA56//y9XV6UGz63j0U5rjF815piqTGMtAT99hOy+J+zjWAY4nHl/i8a1
btbIHbqGE6iB75b0Y/E20JMJ079QeFS80AYWFnUmigkgJT0nPtfBgcfkcYYVbhUM
GI5Kmbm0WpS9UjmCe1NKy7XrdKHlF+R29ka+MsVb8RkZVZC+R1w5NFVMUuzRJSDx
zhx+/jFXuDbUG4w/30HJoweUE95y5w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:39 2023 by rpki-client on console-fra.rpki-client.org