Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vUMSE2KCrnqt8ZLNTUcW9MBvIgc.roa
File: vUMSE2KCrnqt8ZLNTUcW9MBvIgc.roa (raw, json)
Hash identifier: RnU0Ara7wwTqqWDwZV8XZjnQYQpoYqKW2kjSDbBCGek=
Subject key identifier: BD:43:12:13:62:82:AE:7A:AD:F1:92:CD:4D:47:16:F4:C0:6F:22:07
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0916F970
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vUMSE2KCrnqt8ZLNTUcW9MBvIgc.roa
Signing time: Sat 01 Jan 2022 16:00:37 +0000
ROA not before: Sat 01 Jan 2022 16:00:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202307
IP address blocks: 2a0b:b87:ffe9::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152500592 (0x916f970)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd4312136282ae7aadf192cd4d4716f4c06f2207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:45:ac:0f:a5:c8:bc:32:eb:a8:39:7e:2c:91:
1f:af:74:3e:3c:90:ce:2b:73:60:80:54:2e:19:60:
70:cf:01:af:01:b2:cd:9b:0a:c7:a3:a8:75:5f:96:
88:d7:cb:f1:39:52:c8:ee:b2:d3:8b:e9:48:4d:4d:
26:ec:c2:11:64:ba:ed:65:3d:7b:1c:73:6a:dd:68:
af:cc:b8:cc:67:1f:2e:c5:95:2a:5f:ee:82:e5:d6:
2d:fe:37:58:8f:55:e2:83:3c:f0:7c:8b:b8:de:cf:
6b:73:33:9d:a2:19:d7:3f:bc:1b:d5:ae:87:ec:ab:
a6:95:f7:f9:93:6f:c1:f8:8a:d1:9a:39:db:3f:dc:
b7:20:5f:87:3b:ef:d2:7e:07:69:33:4e:42:83:d5:
57:0f:ed:69:f5:d2:a8:d2:b4:7e:e2:64:2a:85:53:
33:56:62:79:3f:6c:53:5d:ba:ac:9d:f0:bd:3d:04:
0b:13:dd:11:2e:74:59:b4:f1:a4:1d:a0:21:cd:b2:
9e:58:92:f2:eb:46:ce:ea:cd:0d:a4:4a:37:66:c3:
a2:fd:d4:98:f4:52:23:20:1b:b6:1f:fc:d4:b1:65:
43:42:c7:f9:4e:cf:cf:48:9e:b7:a1:2d:41:e1:69:
4e:87:d1:10:87:c7:72:73:5d:02:57:86:db:2f:4c:
4a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:43:12:13:62:82:AE:7A:AD:F1:92:CD:4D:47:16:F4:C0:6F:22:07
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vUMSE2KCrnqt8ZLNTUcW9MBvIgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffe9::/48
Signature Algorithm: sha256WithRSAEncryption
91:64:e5:52:9e:ef:3b:23:18:a7:f7:83:70:d0:b6:45:5d:84:
76:cf:d5:2d:48:aa:df:dd:8e:03:53:a9:df:e7:30:1e:ec:e3:
21:93:8b:ee:96:a5:fd:30:7c:da:b7:8d:29:74:88:44:79:49:
4e:f5:22:fd:50:5b:e7:f9:eb:57:7c:fb:5f:83:76:46:e8:7e:
5f:f7:37:56:b8:94:03:a5:08:9d:0f:0f:c1:6b:f1:36:cc:71:
df:03:6d:df:68:67:1b:38:1d:ec:0d:5a:58:1b:2b:72:7a:fd:
67:40:3e:ac:1c:2b:ed:7f:f6:4a:b2:a1:56:21:01:ec:a1:ac:
65:db:c3:8f:8e:88:31:d1:0c:7b:33:f8:9f:03:d9:78:43:48:
c1:6f:e4:dc:b9:08:d5:54:7c:e1:3b:e4:1a:6b:4d:61:a4:80:
2b:86:31:97:93:a5:67:a1:d6:10:d7:b9:18:e6:a7:e5:d7:4d:
ff:67:97:38:70:8f:e3:02:63:7c:66:14:c2:b6:4e:f2:6b:09:
b1:c0:76:1d:84:ee:14:31:dd:3c:5f:27:1a:5d:0e:68:51:6a:
c1:95:5a:34:3d:aa:ad:52:7a:01:a1:76:2c:51:e5:dd:37:32:
d7:f2:51:10:5e:1b:16:48:b4:2a:6b:65:50:4d:93:36:b7:cd:
4d:53:2d:68
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECRb5cDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDAzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQ0MzEyMTM2Mjgy
YWU3YWFkZjE5MmNkNGQ0NzE2ZjRjMDZmMjIwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFFrA+lyLwy66g5fiyRH690PjyQzitzYIBULhlgcM8BrwGy
zZsKx6OodV+WiNfL8TlSyO6y04vpSE1NJuzCEWS67WU9exxzat1or8y4zGcfLsWV
Kl/uguXWLf43WI9V4oM88HyLuN7Pa3MznaIZ1z+8G9Wuh+yrppX3+ZNvwfiK0Zo5
2z/ctyBfhzvv0n4HaTNOQoPVVw/tafXSqNK0fuJkKoVTM1ZieT9sU126rJ3wvT0E
CxPdES50WbTxpB2gIc2ynliS8utGzurNDaRKN2bDov3UmPRSIyAbth/81LFlQ0LH
+U7Pz0iet6EtQeFpTofREIfHcnNdAleG2y9MSrECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS9QxITYoKueq3xks1NRxb0wG8iBzAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L3ZVTVNFMktDcm5xdDhaTE5UVWNXOU1CdklnYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4f/6TANBgkqhkiG9w0BAQsF
AAOCAQEAkWTlUp7vOyMYp/eDcNC2RV2Eds/VLUiq392OA1Op3+cwHuzjIZOL7pal
/TB82reNKXSIRHlJTvUi/VBb5/nrV3z7X4N2Ruh+X/c3VriUA6UInQ8PwWvxNsxx
3wNt32hnGzgd7A1aWBsrcnr9Z0A+rBwr7X/2SrKhViEB7KGsZdvDj46IMdEMezP4
nwPZeENIwW/k3LkI1VR84TvkGmtNYaSAK4Yxl5OlZ6HWENe5GOan5ddN/2eXOHCP
4wJjfGYUwrZO8msJscB2HYTuFDHdPF8nGl0OaFFqwZVaND2qrVJ6AaF2LFHl3Tcy
1/JREF4bFki0KmtlUE2TNrfNTVMtaA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:39 2023 by rpki-client on console-fra.rpki-client.org