Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/mYVHd-KQlgJe_KFNLwU1w2EkQDg.roa
File: mYVHd-KQlgJe_KFNLwU1w2EkQDg.roa (raw, json)
Hash identifier: ZwpHqf96LvLeM8+WowajKjgLqBDEX/aUtyWbEmyKdh0=
Subject key identifier: 99:85:47:77:E2:90:96:02:5E:FC:A1:4D:2F:05:35:C3:61:24:40:38
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0923E0CE
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/mYVHd-KQlgJe_KFNLwU1w2EkQDg.roa
Signing time: Sat 01 Jan 2022 16:00:46 +0000
ROA not before: Sat 01 Jan 2022 16:00:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207892
IP address blocks: 2a0b:b87:ffdb::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153346254 (0x923e0ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99854777e29096025efca14d2f0535c361244038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c4:a2:67:86:4c:71:7a:9f:1f:e0:08:ac:bf:
47:9f:62:63:4c:0c:d3:e7:33:cd:e2:98:ee:6b:fe:
81:fa:1c:ab:ff:e0:a4:6d:a0:07:1f:b3:2f:10:62:
62:e7:06:94:12:4f:4e:64:cc:b9:88:05:6d:9c:27:
f9:3d:98:23:bc:41:b8:f7:d2:00:80:96:c8:63:92:
f8:8f:02:05:0f:b4:9f:71:61:10:a9:f5:92:d0:b2:
45:25:93:25:af:a8:f6:98:d6:2b:f0:05:74:77:77:
5e:0a:4a:c7:77:2b:f5:a7:b6:e3:49:c6:d2:3f:70:
8c:b0:4d:00:13:8d:a7:a4:fe:77:72:85:51:ee:8f:
c4:5f:32:c7:ea:b7:94:85:49:9d:c3:69:9a:5a:2e:
8e:5e:d4:61:54:01:82:46:46:15:4b:e8:c2:55:c2:
99:2f:a8:ed:bc:52:18:06:35:05:84:c2:73:f3:0f:
df:de:a5:67:bb:d5:fe:c0:b9:0b:c7:6b:cc:db:73:
0a:de:a3:4c:e8:19:82:ff:f4:f6:b6:9f:9f:53:6b:
1f:a1:17:f0:a3:1f:c0:0d:39:2a:72:94:ed:f6:64:
ad:4d:e8:15:80:71:bb:bc:91:ff:fc:f6:cc:8b:5e:
ee:38:1f:f2:35:0c:7b:25:f9:aa:4e:89:ec:eb:d8:
ed:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:85:47:77:E2:90:96:02:5E:FC:A1:4D:2F:05:35:C3:61:24:40:38
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/mYVHd-KQlgJe_KFNLwU1w2EkQDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffdb::/48
Signature Algorithm: sha256WithRSAEncryption
9c:be:45:66:04:eb:e4:90:42:a7:8d:e4:12:dc:c9:b9:b1:5c:
f9:c7:97:5c:db:fa:2c:b8:c9:09:d9:6c:bf:50:4e:51:31:84:
ae:e6:18:fb:0a:45:57:de:00:5c:80:5b:40:d3:10:b9:a8:5a:
6a:b0:bd:5e:59:20:26:bd:a7:9a:be:c6:6b:b4:09:2c:b3:a1:
3f:e5:8e:87:ca:6b:4a:5b:14:fd:cb:ed:c8:40:1a:d2:b0:5b:
51:7c:ea:b7:e2:fa:03:72:6e:da:aa:2d:2f:a9:fd:b0:5d:cb:
6c:b2:44:3e:f4:70:6c:13:88:c0:da:ad:fe:df:c0:b2:aa:2c:
70:35:c0:33:31:e8:ed:d8:c1:63:b5:be:02:83:31:51:49:bf:
6e:d0:9d:4b:28:47:4b:06:54:b6:a1:2b:9e:5e:ff:13:9b:7f:
2f:72:64:2c:87:26:5c:78:03:a3:02:0f:5d:16:d6:9f:f0:e0:
e0:50:af:a7:70:ed:10:66:73:10:cc:96:87:2b:a9:84:30:3c:
15:f3:ee:2e:8b:9f:fe:28:01:63:55:f6:b1:3e:14:07:45:a0:
e0:08:35:dd:de:e4:7e:f6:59:e0:9a:c5:5f:99:7f:bc:fd:c0:
d5:ed:13:5c:d6:d1:71:a8:d5:27:87:0e:f5:51:be:b5:6a:e7:
14:48:97:d5
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECSPgzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDA0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk4NTQ3NzdlMjkw
OTYwMjVlZmNhMTRkMmYwNTM1YzM2MTI0NDAzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvEomeGTHF6nx/gCKy/R59iY0wM0+czzeKY7mv+gfocq//g
pG2gBx+zLxBiYucGlBJPTmTMuYgFbZwn+T2YI7xBuPfSAICWyGOS+I8CBQ+0n3Fh
EKn1ktCyRSWTJa+o9pjWK/AFdHd3XgpKx3cr9ae240nG0j9wjLBNABONp6T+d3KF
Ue6PxF8yx+q3lIVJncNpmloujl7UYVQBgkZGFUvowlXCmS+o7bxSGAY1BYTCc/MP
396lZ7vV/sC5C8drzNtzCt6jTOgZgv/09rafn1NrH6EX8KMfwA05KnKU7fZkrU3o
FYBxu7yR//z2zIte7jgf8jUMeyX5qk6J7OvY7ZUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSZhUd34pCWAl78oU0vBTXDYSRAODAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L21ZVkhkLUtRbGdKZV9LRk5Md1UxdzJFa1FEZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4f/2zANBgkqhkiG9w0BAQsF
AAOCAQEAnL5FZgTr5JBCp43kEtzJubFc+ceXXNv6LLjJCdlsv1BOUTGEruYY+wpF
V94AXIBbQNMQuahaarC9XlkgJr2nmr7Ga7QJLLOhP+WOh8prSlsU/cvtyEAa0rBb
UXzqt+L6A3Ju2qotL6n9sF3LbLJEPvRwbBOIwNqt/t/AsqoscDXAMzHo7djBY7W+
AoMxUUm/btCdSyhHSwZUtqErnl7/E5t/L3JkLIcmXHgDowIPXRbWn/Dg4FCvp3Dt
EGZzEMyWhyuphDA8FfPuLouf/igBY1X2sT4UB0Wg4Ag13d7kfvZZ4JrFX5l/vP3A
1e0TXNbRcajVJ4cO9VG+tWrnFEiX1Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:39 2023 by rpki-client on console-fra.rpki-client.org