Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/eoqAI0W2a4C2EruCvUK_94SScfo.roa
File: eoqAI0W2a4C2EruCvUK_94SScfo.roa (raw, json)
Hash identifier: vegCcWAgDU3PuvU0LJ4B9IjHTHsARpNXz8Pp4YO1nw0=
Subject key identifier: 7A:8A:80:23:45:B6:6B:80:B6:12:BB:82:BD:42:BF:F7:84:92:71:FA
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 08FFA424
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/eoqAI0W2a4C2EruCvUK_94SScfo.roa
Signing time: Sat 01 Jan 2022 16:00:23 +0000
ROA not before: Sat 01 Jan 2022 16:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35029
IP address blocks: 2a0b:b86:ffc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150971428 (0x8ffa424)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a8a802345b66b80b612bb82bd42bff7849271fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ac:a0:5f:e8:2b:a9:1c:20:51:d1:67:fd:09:
61:46:15:00:19:e3:aa:22:eb:43:2d:d5:8d:10:fa:
42:24:40:3e:fc:b7:4c:93:cb:c5:93:9b:57:b9:42:
d8:6a:0a:10:81:20:b2:17:8e:16:fb:65:db:f8:ba:
db:f6:e9:e2:b7:5f:8f:fa:8a:69:b7:6e:bd:72:fa:
bc:cd:80:39:57:7f:f2:94:9d:8e:42:2f:ef:36:77:
65:8f:3f:88:e0:3e:8b:cc:b8:7c:55:0e:73:34:f8:
64:1b:87:6a:47:43:eb:53:e1:dd:5a:5d:da:a6:ac:
85:a7:86:da:f4:30:98:d9:6d:14:4a:78:9c:99:d3:
c6:c6:45:2e:b1:80:c3:24:30:36:2c:58:29:08:ff:
10:1d:6c:eb:40:d5:b4:d3:6c:91:04:b4:93:f6:ec:
d9:e5:48:a9:78:07:ae:4e:02:59:dd:88:7f:55:7f:
ec:f0:d5:7c:55:19:31:fb:b7:5d:4a:99:2d:e9:27:
15:72:4d:b8:71:77:c8:5f:92:8f:50:9b:6f:a8:79:
30:66:f0:37:67:7f:43:d6:58:6e:a4:57:dd:e2:09:
3f:00:3e:6a:7a:84:88:de:ac:47:0b:e7:69:d2:4c:
52:be:21:6d:a0:0d:95:24:c9:9f:df:4d:ff:70:3c:
8b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:8A:80:23:45:B6:6B:80:B6:12:BB:82:BD:42:BF:F7:84:92:71:FA
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/eoqAI0W2a4C2EruCvUK_94SScfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b86:ffc0::/48
Signature Algorithm: sha256WithRSAEncryption
cb:fe:e7:5d:53:14:67:27:7d:44:25:56:5d:ac:db:a8:28:88:
b9:de:84:09:55:0b:a9:80:e3:36:ef:6a:7d:42:83:0e:dd:69:
00:ce:83:51:e6:2c:63:53:aa:3e:89:ab:52:e2:f5:9a:9c:ec:
a5:2a:24:e8:d9:de:af:d3:75:b5:1d:f9:6d:dd:f2:a5:f5:36:
64:d9:95:05:c7:03:b5:7c:59:fa:18:bc:a0:d1:6e:e8:d2:a6:
37:81:83:a3:80:68:a2:5c:3a:c4:a0:98:2e:89:87:eb:83:b1:
d9:0c:71:71:bf:38:ba:3e:6c:fd:db:f0:c9:e5:c5:0c:3f:40:
15:02:3a:5d:8a:86:1b:2c:18:79:64:9e:5d:70:eb:9b:9b:81:
08:b0:85:81:a1:aa:8f:44:73:a4:20:14:62:cf:84:00:ce:d5:
9e:8c:50:11:32:03:07:d2:23:a6:88:9e:64:d6:0b:85:af:e5:
6c:b5:f3:dd:12:d0:24:d5:70:4e:8a:43:1d:9e:5d:91:21:59:
18:cf:ae:22:3a:60:64:31:70:d3:6e:e1:ef:92:79:a8:d6:b9:
db:53:e7:e8:b5:94:0d:de:b6:ea:1a:41:14:25:ef:8d:18:78:
ed:09:01:87:ad:a5:5b:da:af:a7:fc:a9:8a:1d:35:e6:8e:67:
01:ce:66:42
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECP+kJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2E4YTgwMjM0NWI2
NmI4MGI2MTJiYjgyYmQ0MmJmZjc4NDkyNzFmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKusoF/oK6kcIFHRZ/0JYUYVABnjqiLrQy3VjRD6QiRAPvy3
TJPLxZObV7lC2GoKEIEgsheOFvtl2/i62/bp4rdfj/qKabduvXL6vM2AOVd/8pSd
jkIv7zZ3ZY8/iOA+i8y4fFUOczT4ZBuHakdD61Ph3Vpd2qashaeG2vQwmNltFEp4
nJnTxsZFLrGAwyQwNixYKQj/EB1s60DVtNNskQS0k/bs2eVIqXgHrk4CWd2If1V/
7PDVfFUZMfu3XUqZLeknFXJNuHF3yF+Sj1Cbb6h5MGbwN2d/Q9ZYbqRX3eIJPwA+
anqEiN6sRwvnadJMUr4hbaANlSTJn99N/3A8i58CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR6ioAjRbZrgLYSu4K9Qr/3hJJx+jAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L2VvcUFJMFcyYTRDMkVydUN2VUtfOTRTU2Nmby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4b/wDANBgkqhkiG9w0BAQsF
AAOCAQEAy/7nXVMUZyd9RCVWXazbqCiIud6ECVULqYDjNu9qfUKDDt1pAM6DUeYs
Y1OqPomrUuL1mpzspSok6Nner9N1tR35bd3ypfU2ZNmVBccDtXxZ+hi8oNFu6NKm
N4GDo4Boolw6xKCYLomH64Ox2Qxxcb84uj5s/dvwyeXFDD9AFQI6XYqGGywYeWSe
XXDrm5uBCLCFgaGqj0RzpCAUYs+EAM7VnoxQETIDB9IjpoieZNYLha/lbLXz3RLQ
JNVwTopDHZ5dkSFZGM+uIjpgZDFw027h75J5qNa521Pn6LWUDd626hpBFCXvjRh4
7QkBh62lW9qvp/ypih015o5nAc5mQg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:27 2023 by rpki-client on console-ams.rpki-client.org