Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/xJchNRrTXh72HCfhbB28f4OYfuk.roa
File: xJchNRrTXh72HCfhbB28f4OYfuk.roa (raw, json)
Hash identifier: u/Q8CsVtQpLpi7wg9+sTmh7K39RCn9moN3igMeQ1ceU=
Subject key identifier: C4:97:21:35:1A:D3:5E:1E:F6:1C:27:E1:6C:1D:BC:7F:83:98:7E:E9
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01849ABAAE0BB0EB1E55F16FBCF80C741E29
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/xJchNRrTXh72HCfhbB28f4OYfuk.roa
Signing time: Mon 21 Nov 2022 15:07:16 +0000
ROA not before: Mon 21 Nov 2022 15:07:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205749
IP address blocks: 2a0f:8ac1:d452::/48 maxlen: 48
2a0f:8ac1:a0a::/48 maxlen: 48
2a0b:b86:fe00::/40 maxlen: 48
2a0f:8ac1:574b::/48 maxlen: 48
2a0f:8ac1:d9a3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:ba:ae:0b:b0:eb:1e:55:f1:6f:bc:f8:0c:74:1e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Nov 21 15:07:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c49721351ad35e1ef61c27e16c1dbc7f83987ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:75:02:c1:de:51:80:7a:6b:43:b0:0a:ad:62:
4f:3c:35:3e:d4:4e:a0:f1:28:a6:95:8a:0a:98:24:
e1:fd:1d:ee:75:a7:a9:ce:cb:69:0c:e7:b2:51:36:
d4:81:01:8c:30:12:fa:d6:8a:b8:10:f8:93:1a:55:
b1:56:f5:ca:4b:b7:f8:3e:64:4c:b2:38:91:a0:08:
25:d0:bd:1d:77:be:e2:ec:88:85:c7:26:ae:f4:6b:
77:6b:cd:46:36:47:79:0f:e2:44:b3:14:2a:98:92:
a8:ca:af:af:58:af:75:d4:3f:18:63:bd:ae:d1:44:
0e:3b:d8:77:e3:eb:01:62:6e:7b:c7:6a:ab:47:70:
f2:33:2e:41:67:22:12:27:be:27:94:e7:f5:21:80:
23:93:0c:5f:cb:f5:41:14:24:18:64:fc:bf:be:68:
ee:5c:93:df:bf:f1:fc:a2:7b:a1:ff:e1:07:17:2f:
b0:ec:48:8b:81:68:6a:b4:97:ac:aa:01:d5:0b:9d:
cf:80:85:94:c5:6e:17:4d:d2:65:2d:14:14:db:bc:
ab:40:0d:97:0d:1d:07:e3:83:a3:74:89:ef:3f:4f:
aa:6c:a6:21:76:d5:29:aa:e6:a0:ef:58:e3:d7:70:
56:77:1f:41:44:1c:36:05:54:48:96:38:55:8e:cc:
87:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:97:21:35:1A:D3:5E:1E:F6:1C:27:E1:6C:1D:BC:7F:83:98:7E:E9
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/xJchNRrTXh72HCfhbB28f4OYfuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b86:fe00::/40
2a0f:8ac1:a0a::/48
2a0f:8ac1:574b::/48
2a0f:8ac1:d452::/48
2a0f:8ac1:d9a3::/48
Signature Algorithm: sha256WithRSAEncryption
7f:12:d1:d2:2c:95:83:2c:c0:e2:9b:b4:bd:05:30:17:7c:73:
7d:3d:b6:a2:b1:ff:a9:e1:a1:bc:aa:d4:f7:66:bb:07:e5:14:
5e:62:e6:80:b6:01:92:8e:8c:68:76:4b:6b:de:c8:df:ca:67:
6d:02:1f:2e:95:e3:d0:e9:99:d8:41:ba:98:ce:b8:9e:90:b8:
d3:6a:42:0e:6d:65:8b:3a:56:fe:40:32:98:66:92:d3:e5:d9:
8f:e1:ed:c6:8f:aa:c6:91:e7:46:86:85:c3:64:5d:4e:af:4c:
86:ad:59:47:7c:7a:9f:e0:4a:7f:e5:2f:a3:3b:90:52:17:91:
9f:2c:d4:0a:f7:11:c2:00:4d:4a:33:8f:0b:35:d5:9c:48:8a:
ca:dd:52:ea:90:38:23:c5:c0:d2:48:ff:44:3d:a6:b4:2d:32:
cb:56:56:ac:cb:1f:c7:6a:61:20:87:05:fc:82:62:6d:f9:20:
65:61:91:38:e2:4b:ee:12:2f:a6:eb:61:59:74:ae:56:bb:37:
f8:ce:76:6a:df:5f:66:d8:c1:47:43:b3:a2:85:3c:34:ab:a9:
de:4f:9c:e0:cf:34:cc:55:6c:1c:96:74:a8:6e:d2:8c:17:d3:
4d:19:5c:53:99:41:a5:69:07:ce:bc:61:e8:dc:73:45:cd:84:
0c:42:02:11
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYSauq4LsOseVfFvvPgMdB4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMTIxMTUwNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDk3MjEzNTFhZDM1ZTFlZjYxYzI3ZTE2YzFkYmM3ZjgzOTg3ZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnUCwd5RgHprQ7AKrWJPPDU+1E6g
8SimlYoKmCTh/R3udaepzstpDOeyUTbUgQGMMBL61oq4EPiTGlWxVvXKS7f4PmRM
sjiRoAgl0L0dd77i7IiFxyau9Gt3a81GNkd5D+JEsxQqmJKoyq+vWK911D8YY72u
0UQOO9h34+sBYm57x2qrR3DyMy5BZyISJ74nlOf1IYAjkwxfy/VBFCQYZPy/vmju
XJPfv/H8onuh/+EHFy+w7EiLgWhqtJesqgHVC53PgIWUxW4XTdJlLRQU27yrQA2X
DR0H44OjdInvP0+qbKYhdtUpquag71jj13BWdx9BRBw2BVRIljhVjsyHhwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMSXITUa014e9hwn4WwdvH+DmH7pMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEveEpjaE5SclRYaDcySENmaGJCMjhmNE9ZZnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsAwYAKgsLhv4D
BwAqD4rBCgoDBwAqD4rBV0sDBwAqD4rB1FIDBwAqD4rB2aMwDQYJKoZIhvcNAQEL
BQADggEBAH8S0dIslYMswOKbtL0FMBd8c309tqKx/6nhobyq1PdmuwflFF5i5oC2
AZKOjGh2S2veyN/KZ20CHy6V49DpmdhBupjOuJ6QuNNqQg5tZYs6Vv5AMphmktPl
2Y/h7caPqsaR50aGhcNkXU6vTIatWUd8ep/gSn/lL6M7kFIXkZ8s1Ar3EcIATUoz
jws11ZxIisrdUuqQOCPFwNJI/0Q9prQtMstWVqzLH8dqYSCHBfyCYm35IGVhkTji
S+4SL6brYVl0rla7N/jOdmrfX2bYwUdDs6KFPDSrqd5PnODPNMxVbByWdKhu0owX
000ZXFOZQaVpB868Yejcc0XNhAxCAhE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:27 2023 by rpki-client on console-ams.rpki-client.org