Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ivOIz0PumGGTrecGvehNvK1b67M.roa
File: ivOIz0PumGGTrecGvehNvK1b67M.roa (raw, json)
Hash identifier: IG1oIyfqZcc+J4D0GVoqjnLj/O4gM0kVUWxrzoVSQE8=
Subject key identifier: 8A:F3:88:CF:43:EE:98:61:93:AD:E7:06:BD:E8:4D:BC:AD:5B:EB:B3
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 09646069
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ivOIz0PumGGTrecGvehNvK1b67M.roa
Signing time: Fri 14 Jan 2022 12:42:53 +0000
ROA not before: Fri 14 Jan 2022 12:42:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209862
IP address blocks: 2a0b:b87:ff17::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157573225 (0x9646069)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 14 12:42:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8af388cf43ee986193ade706bde84dbcad5bebb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a7:87:f4:70:0d:56:bc:bc:98:f7:2a:d4:d1:
e2:26:a8:b1:7e:d1:4d:a6:03:9a:4a:7d:c4:af:76:
5d:63:85:5f:4d:09:c0:c9:0c:df:91:3f:f4:f0:3f:
66:00:c3:e3:7c:90:c4:f8:4d:38:2a:5c:05:d0:f9:
47:eb:8d:57:e2:4d:5b:5a:3a:89:75:bd:7d:45:98:
9c:2f:32:84:cc:f1:f6:45:39:af:62:25:21:e1:3c:
e3:61:0d:cb:c6:91:ea:18:a7:24:b2:58:23:40:e4:
da:18:b9:cd:64:1a:1e:34:03:76:4d:e0:18:63:1c:
5a:ed:dd:60:64:e0:3b:a2:c4:9d:07:81:a1:fd:2f:
a7:92:05:29:81:b7:be:f0:e4:8b:f3:8c:3f:fd:a3:
8f:db:9c:10:4e:54:e8:05:3b:7f:ea:f9:6b:a8:c4:
22:4f:c9:a5:f5:14:df:70:00:4e:23:be:91:3e:55:
1e:13:b6:05:92:43:31:03:80:8e:ad:23:1d:68:57:
79:a5:96:37:d9:98:9a:71:aa:d0:b8:e5:b2:98:71:
51:66:2a:88:e9:ac:c7:f5:16:1b:ca:49:11:76:2f:
17:fe:7d:0e:f4:98:d1:95:1e:ec:7a:4f:52:9d:ef:
28:9d:de:7b:45:7f:9e:57:28:74:94:13:5a:35:60:
f1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F3:88:CF:43:EE:98:61:93:AD:E7:06:BD:E8:4D:BC:AD:5B:EB:B3
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ivOIz0PumGGTrecGvehNvK1b67M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ff17::/48
Signature Algorithm: sha256WithRSAEncryption
a9:dd:6d:a6:a2:34:45:37:87:08:f0:91:e7:ab:71:2b:35:ac:
0e:ed:c6:c5:30:65:ab:12:1b:95:c6:39:34:ba:a9:3d:8d:e7:
0b:01:6e:1e:02:51:6b:02:ad:52:ff:53:60:6f:db:dd:41:aa:
d3:4e:56:2f:bc:1e:18:29:74:d2:e4:d1:4d:65:06:1f:07:2e:
d1:22:e1:b6:9e:6b:9f:30:73:68:f3:fb:85:49:c2:51:33:1e:
21:9d:76:d3:d9:e2:95:c2:a4:33:74:fd:74:e6:90:c3:e7:2c:
d1:99:ff:34:96:85:08:5f:f9:02:1c:5a:07:0e:e9:57:b7:ac:
14:22:db:7a:07:2f:59:81:1d:d7:d2:d4:2f:80:c4:cb:75:a9:
63:be:92:e4:44:7b:5e:a1:ca:0c:e9:b8:42:3c:2c:43:6d:9a:
8f:08:45:d3:ec:3d:6e:27:cb:b9:70:89:59:1b:71:ab:50:6d:
a6:ef:e7:7f:71:93:44:a2:32:b0:67:ae:66:00:c4:85:2f:98:
b9:d0:1d:4b:2f:91:e5:3f:0b:21:59:17:94:bd:a1:53:74:81:
bf:8d:91:ce:06:b2:f2:a7:a4:76:e5:5f:ad:a8:f5:f1:0f:2c:
2d:d5:3f:18:e1:38:1a:9b:85:19:6e:42:73:61:d6:71:e2:9c:
6d:6d:4b:3b
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECWRgaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEx
NDEyNDI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGFmMzg4Y2Y0M2Vl
OTg2MTkzYWRlNzA2YmRlODRkYmNhZDViZWJiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCnh/RwDVa8vJj3KtTR4iaosX7RTaYDmkp9xK92XWOFX00J
wMkM35E/9PA/ZgDD43yQxPhNOCpcBdD5R+uNV+JNW1o6iXW9fUWYnC8yhMzx9kU5
r2IlIeE842ENy8aR6hinJLJYI0Dk2hi5zWQaHjQDdk3gGGMcWu3dYGTgO6LEnQeB
of0vp5IFKYG3vvDki/OMP/2jj9ucEE5U6AU7f+r5a6jEIk/JpfUU33AATiO+kT5V
HhO2BZJDMQOAjq0jHWhXeaWWN9mYmnGq0LjlsphxUWYqiOmsx/UWG8pJEXYvF/59
DvSY0ZUe7HpPUp3vKJ3ee0V/nlcodJQTWjVg8c0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSK84jPQ+6YYZOt5wa96E28rVvrszAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L2l2T0l6MFB1bUdHVHJlY0d2ZWhOdksxYjY3TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4f/FzANBgkqhkiG9w0BAQsF
AAOCAQEAqd1tpqI0RTeHCPCR56txKzWsDu3GxTBlqxIblcY5NLqpPY3nCwFuHgJR
awKtUv9TYG/b3UGq005WL7weGCl00uTRTWUGHwcu0SLhtp5rnzBzaPP7hUnCUTMe
IZ1209nilcKkM3T9dOaQw+cs0Zn/NJaFCF/5AhxaBw7pV7esFCLbegcvWYEd19LU
L4DEy3WpY76S5ER7XqHKDOm4QjwsQ22ajwhF0+w9bifLuXCJWRtxq1Btpu/nf3GT
RKIysGeuZgDEhS+YudAdSy+R5T8LIVkXlL2hU3SBv42Rzgay8qekduVfraj18Q8s
LdU/GOE4GpuFGW5Cc2HWceKcbW1LOw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:39 2023 by rpki-client on console-fra.rpki-client.org