Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/m6KX375op5ZMLMBlGBpiq78eY3A.roa
File: m6KX375op5ZMLMBlGBpiq78eY3A.roa (raw, json)
Hash identifier: dwU25kATHN14xVlq+/7JTkQPZ8AqqhPwW0eFR7vyTNA=
Subject key identifier: 9B:A2:97:DF:BE:68:A7:96:4C:2C:C0:65:18:1A:62:AB:BF:1E:63:70
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0932CB83
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/m6KX375op5ZMLMBlGBpiq78eY3A.roa
Signing time: Sat 01 Jan 2022 16:00:57 +0000
ROA not before: Sat 01 Jan 2022 16:00:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211849
IP address blocks: 2a0b:b86:ffc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154323843 (0x932cb83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ba297dfbe68a7964c2cc065181a62abbf1e6370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:96:15:53:f2:a4:80:8f:1c:8b:50:9f:e5:6c:
bb:83:4c:49:87:63:44:f9:7a:22:58:9e:97:c4:25:
db:0a:03:00:1f:34:0f:ca:15:b7:a9:cf:6e:aa:ad:
b8:6c:6e:aa:f5:b2:2d:ee:bd:ad:79:0e:23:aa:17:
14:05:1c:6f:a3:f4:c6:8e:63:06:13:51:b4:28:f2:
07:97:be:2c:c1:97:a6:0f:a3:d0:1f:d5:46:37:1f:
46:02:ea:b7:a2:8d:ff:46:47:74:61:64:c3:48:2d:
37:8a:4f:65:fe:fd:ef:3f:eb:d2:a7:7c:ce:95:df:
2b:5e:1e:d3:c9:2c:60:06:76:77:65:52:ed:d2:14:
c6:c5:c6:93:d8:1a:38:fe:6f:57:bf:ee:40:3d:62:
5d:e8:2f:2a:40:9b:5a:64:0a:3a:6e:03:d8:09:8b:
52:23:5e:97:80:11:6b:1a:19:06:f3:ee:03:69:d5:
39:8f:59:45:84:04:99:a1:45:21:0b:db:38:ca:54:
b2:7e:73:d0:a7:31:a9:16:16:86:a6:db:cf:d6:65:
01:41:e6:6c:77:d4:e5:8e:a1:8f:b0:b6:82:2a:6d:
78:ca:55:48:91:6a:35:b6:94:15:20:3b:31:cd:0e:
0e:24:56:2f:d5:a7:a8:01:97:42:b3:39:4c:bc:b5:
69:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A2:97:DF:BE:68:A7:96:4C:2C:C0:65:18:1A:62:AB:BF:1E:63:70
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/m6KX375op5ZMLMBlGBpiq78eY3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b86:ffc0::/48
Signature Algorithm: sha256WithRSAEncryption
4d:29:1f:d3:bd:68:89:8d:a4:71:89:d4:57:1f:a0:00:b1:e4:
af:b0:1a:a3:21:d9:17:e4:79:62:5e:d9:48:fe:c3:dc:38:de:
96:6e:00:56:be:bf:34:b2:23:ed:f3:6e:ae:33:ea:5f:d2:8b:
28:d5:33:82:4d:3c:b7:17:80:32:4d:6d:45:5f:94:a0:78:ad:
e9:79:ae:d2:63:87:77:e4:48:d2:8c:50:33:27:09:f8:03:3a:
83:25:44:87:8c:b0:09:02:08:3c:8e:ea:08:e2:29:03:07:25:
17:b6:22:68:2c:9f:26:58:c4:33:61:6c:04:71:48:cc:cf:6f:
7b:f7:38:41:96:c1:f0:0e:68:fd:5e:97:f2:9d:4d:d1:9c:46:
d6:6f:04:26:b2:66:bb:4e:6d:83:14:ce:50:c3:10:be:9c:fb:
15:3e:e0:d5:28:dd:4a:6f:60:4c:cb:cd:b3:02:22:33:d2:f3:
15:94:67:f4:6c:41:97:2b:ce:bd:76:98:a3:37:70:8b:2d:6f:
9e:96:84:15:cd:36:be:53:d8:a0:8f:08:0b:aa:69:5a:c7:28:
ea:ff:e7:7a:a3:9a:dd:9a:6a:9b:58:45:64:25:0b:7a:d9:c1:
f9:7f:7c:cf:dc:13:e6:7d:eb:85:82:48:e3:3e:82:03:42:ab:
b1:22:e3:7a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECTLLgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDA1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJhMjk3ZGZiZTY4
YTc5NjRjMmNjMDY1MTgxYTYyYWJiZjFlNjM3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPKWFVPypICPHItQn+Vsu4NMSYdjRPl6Iliel8Ql2woDAB80
D8oVt6nPbqqtuGxuqvWyLe69rXkOI6oXFAUcb6P0xo5jBhNRtCjyB5e+LMGXpg+j
0B/VRjcfRgLqt6KN/0ZHdGFkw0gtN4pPZf797z/r0qd8zpXfK14e08ksYAZ2d2VS
7dIUxsXGk9gaOP5vV7/uQD1iXegvKkCbWmQKOm4D2AmLUiNel4ARaxoZBvPuA2nV
OY9ZRYQEmaFFIQvbOMpUsn5z0KcxqRYWhqbbz9ZlAUHmbHfU5Y6hj7C2gipteMpV
SJFqNbaUFSA7Mc0ODiRWL9WnqAGXQrM5TLy1adsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSbopffvminlkwswGUYGmKrvx5jcDAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L202S1gzNzVvcDVaTUxNQmxHQnBpcTc4ZVkzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4b/wDANBgkqhkiG9w0BAQsF
AAOCAQEATSkf071oiY2kcYnUVx+gALHkr7AaoyHZF+R5Yl7ZSP7D3Djelm4AVr6/
NLIj7fNurjPqX9KLKNUzgk08txeAMk1tRV+UoHit6Xmu0mOHd+RI0oxQMycJ+AM6
gyVEh4ywCQIIPI7qCOIpAwclF7YiaCyfJljEM2FsBHFIzM9ve/c4QZbB8A5o/V6X
8p1N0ZxG1m8EJrJmu05tgxTOUMMQvpz7FT7g1SjdSm9gTMvNswIiM9LzFZRn9GxB
lyvOvXaYozdwiy1vnpaEFc02vlPYoI8IC6ppWsco6v/neqOa3Zpqm1hFZCULetnB
+X98z9wT5n3rhYJI4z6CA0KrsSLjeg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:27 2023 by rpki-client on console-ams.rpki-client.org