Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/tJBrY7JMXWtr_-th29LvBUL0xHA.roa
File: tJBrY7JMXWtr_-th29LvBUL0xHA.roa (raw, json)
Hash identifier: yWFbnJtrF1O42dmBOo4KQs3jAEv/jgeIjJuRnXO46xw=
Subject key identifier: B4:90:6B:63:B2:4C:5D:6B:6B:FF:EB:61:DB:D2:EF:05:42:F4:C4:70
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 09294830
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/tJBrY7JMXWtr_-th29LvBUL0xHA.roa
Signing time: Sat 01 Jan 2022 16:00:51 +0000
ROA not before: Sat 01 Jan 2022 16:00:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210632
IP address blocks: 2a0b:b87:ff13::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153700400 (0x9294830)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4906b63b24c5d6b6bffeb61dbd2ef0542f4c470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:52:02:f1:55:48:11:43:b4:1f:be:34:81:e3:
32:ab:66:d9:e1:f3:31:78:3e:2b:1d:92:13:d9:08:
1d:f7:04:a9:ae:f2:c8:e9:43:31:44:96:ce:45:5b:
b1:1b:e2:35:2b:e2:80:e0:02:aa:b0:9e:3a:0c:5b:
c2:08:47:d4:59:ee:90:4e:bc:d9:78:4c:47:e3:0c:
6b:8b:b4:32:26:f5:8b:36:d4:e9:c4:07:82:63:a5:
be:91:2e:21:b2:4c:2b:cd:2c:f9:ea:28:0c:f0:41:
ba:c2:87:7c:ce:97:f1:ea:67:90:c4:05:98:82:7e:
8c:7a:8f:f2:02:9b:e2:c2:16:5f:b7:f5:a3:1a:87:
86:91:db:7e:50:2f:5b:84:ee:28:af:04:0f:85:85:
ce:79:76:f2:1a:6e:ab:75:17:65:ae:ea:bf:18:42:
8d:69:50:ac:ca:96:33:d9:d9:c7:f3:8f:d1:47:55:
94:6f:e8:3e:84:22:98:56:af:04:c9:65:c1:99:ca:
63:c0:3a:72:55:20:e4:65:f0:44:41:12:08:7c:8e:
02:a9:f1:f8:a3:d7:eb:57:5c:0b:ec:07:15:33:48:
8c:ae:93:3b:57:72:06:83:9e:40:e6:f4:c7:0b:7e:
a1:b3:13:bb:17:c4:f0:a0:f0:d8:2e:98:5c:9c:95:
bc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:90:6B:63:B2:4C:5D:6B:6B:FF:EB:61:DB:D2:EF:05:42:F4:C4:70
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/tJBrY7JMXWtr_-th29LvBUL0xHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ff13::/48
Signature Algorithm: sha256WithRSAEncryption
49:1a:42:dc:ee:11:02:8a:de:97:23:c6:38:8a:f2:38:10:64:
3c:bb:39:6a:7f:5c:3a:fa:b4:b4:7d:01:07:ed:9d:89:44:33:
82:17:80:ba:8b:cf:16:ab:8e:93:9c:bb:47:d8:ae:7f:0a:88:
e5:ed:b7:43:2d:7d:98:e5:84:94:1f:eb:f3:75:70:f9:50:b6:
32:d4:ff:96:4d:47:21:2b:c7:f2:bc:c1:ff:52:e0:c7:8f:e6:
b8:62:2c:a2:f8:fb:e6:75:9a:70:1e:19:0f:41:99:4a:36:8b:
a1:85:76:8c:88:34:e3:58:38:84:1b:46:19:06:ef:c2:fb:9c:
8d:54:91:f7:3d:c0:e5:78:81:39:f7:fb:b7:a8:13:67:89:e8:
4f:5c:9d:7a:28:4f:fd:cc:1a:39:ce:f9:34:1c:48:79:e6:71:
a3:fe:72:32:c2:01:ac:a9:5e:8e:19:65:87:59:61:e2:79:e4:
b2:0e:14:01:93:af:6a:4d:ca:5a:4f:e6:98:ff:e5:82:60:aa:
c7:41:30:f0:3c:81:8d:ff:d1:a9:f8:e0:c3:01:3a:5d:42:5e:
d6:0d:a4:b2:7e:ed:76:7f:6a:5d:35:84:52:77:af:8f:99:fc:
06:70:6e:72:64:6d:e1:02:0e:ca:ad:83:04:08:94:8d:3d:8d:
21:12:8e:99
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECSlIMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQ5MDZiNjNiMjRj
NWQ2YjZiZmZlYjYxZGJkMmVmMDU0MmY0YzQ3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVSAvFVSBFDtB++NIHjMqtm2eHzMXg+Kx2SE9kIHfcEqa7y
yOlDMUSWzkVbsRviNSvigOACqrCeOgxbwghH1FnukE682XhMR+MMa4u0Mib1izbU
6cQHgmOlvpEuIbJMK80s+eooDPBBusKHfM6X8epnkMQFmIJ+jHqP8gKb4sIWX7f1
oxqHhpHbflAvW4TuKK8ED4WFznl28hpuq3UXZa7qvxhCjWlQrMqWM9nZx/OP0UdV
lG/oPoQimFavBMllwZnKY8A6clUg5GXwREESCHyOAqnx+KPX61dcC+wHFTNIjK6T
O1dyBoOeQOb0xwt+obMTuxfE8KDw2C6YXJyVvJECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS0kGtjskxda2v/62Hb0u8FQvTEcDAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L3RKQnJZN0pNWFd0cl8tdGgyOUx2QlVMMHhIQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4f/EzANBgkqhkiG9w0BAQsF
AAOCAQEASRpC3O4RAorelyPGOIryOBBkPLs5an9cOvq0tH0BB+2diUQzgheAuovP
FquOk5y7R9iufwqI5e23Qy19mOWElB/r83Vw+VC2MtT/lk1HISvH8rzB/1Lgx4/m
uGIsovj75nWacB4ZD0GZSjaLoYV2jIg041g4hBtGGQbvwvucjVSR9z3A5XiBOff7
t6gTZ4noT1ydeihP/cwaOc75NBxIeeZxo/5yMsIBrKlejhllh1lh4nnksg4UAZOv
ak3KWk/mmP/lgmCqx0Ew8DyBjf/RqfjgwwE6XUJe1g2ksn7tdn9qXTWEUnevj5n8
BnBucmRt4QIOyq2DBAiUjT2NIRKOmQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:27 2023 by rpki-client on console-ams.rpki-client.org