Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/xtxxKxjw6YPqwL8y4KXx-2eI3c4.roa
File: xtxxKxjw6YPqwL8y4KXx-2eI3c4.roa (raw, json)
Hash identifier: CW7Fs3bPZ3D9lXm7fC3g11b2813TD0d2dSJmZmtAYYU=
Subject key identifier: C6:DC:71:2B:18:F0:E9:83:EA:C0:BF:32:E0:A5:F1:FB:67:88:DD:CE
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0184D2EABAE692FF6DD4368F71BE57F46C85
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/xtxxKxjw6YPqwL8y4KXx-2eI3c4.roa
Signing time: Fri 02 Dec 2022 12:58:29 +0000
ROA not before: Fri 02 Dec 2022 12:58:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211772
IP address blocks: 2a0b:b81::/46 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:ea:ba:e6:92:ff:6d:d4:36:8f:71:be:57:f4:6c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Dec 2 12:58:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6dc712b18f0e983eac0bf32e0a5f1fb6788ddce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:38:ad:64:5b:8c:78:d2:fd:bd:66:20:e4:9e:
d1:f5:13:71:7f:bc:c5:9f:fa:7c:11:61:58:67:54:
26:31:35:ba:23:0a:35:df:6b:9a:1e:a3:10:31:de:
0c:28:35:6d:0d:9d:ea:b9:94:6e:0b:59:80:3f:51:
af:2d:e9:89:9d:09:21:06:89:97:68:37:e6:4d:ec:
45:22:5e:4d:12:a8:db:d4:41:43:58:1d:da:8f:f3:
c1:d9:63:93:9b:c8:ca:0d:24:1c:4a:cd:86:b5:8d:
6b:17:c2:26:4a:d0:0b:a4:f1:35:c9:e5:14:09:46:
7b:f7:45:c5:e8:6d:2f:8c:5f:9a:44:1b:11:6f:83:
36:ee:64:a0:0a:b6:61:bc:f6:db:8e:36:cc:f8:5a:
63:a1:45:0a:fb:29:05:65:5c:8d:72:21:bd:50:28:
7f:bc:ef:e8:de:54:13:60:6a:a9:09:4d:a6:e2:e7:
9d:ca:25:d0:3a:d6:42:43:11:6d:e5:bc:7e:01:f2:
06:9d:2c:e9:8d:11:45:8d:ec:b3:8f:55:4c:78:50:
59:38:61:86:fc:f6:e8:dd:0d:7c:b3:a8:ca:fe:85:
56:e4:b5:d4:bb:8c:e7:72:4b:f5:57:4d:a0:27:59:
ef:0e:50:30:bc:66:36:73:23:4b:85:ab:32:5a:2d:
9a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DC:71:2B:18:F0:E9:83:EA:C0:BF:32:E0:A5:F1:FB:67:88:DD:CE
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/xtxxKxjw6YPqwL8y4KXx-2eI3c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b81::/46
Signature Algorithm: sha256WithRSAEncryption
dc:0e:94:01:d1:a4:ef:82:18:45:46:7c:31:a3:af:76:d0:d3:
61:a6:af:51:31:2e:bf:ec:10:1f:fd:7d:2d:de:a1:da:b0:bc:
14:6a:d1:f8:8d:89:47:31:bb:3e:dd:e2:ef:63:14:1e:4b:94:
70:58:48:65:31:f0:d0:b0:ea:5d:20:f3:8a:b3:be:bd:94:6c:
69:62:4f:74:a8:09:46:52:3a:d5:ef:51:8a:20:48:60:5f:25:
f0:4a:8f:8e:f2:b5:56:7c:ea:fc:22:46:a0:32:ff:ca:15:f2:
7c:50:90:82:f6:92:13:74:e4:00:28:da:4f:33:2a:3a:71:9c:
15:05:79:5b:a8:a5:e7:70:eb:5b:30:bb:cf:01:11:d4:43:87:
f6:97:c8:04:45:f8:0b:7c:97:ab:8f:f5:3f:82:40:74:bb:33:
29:dd:d7:7d:d6:60:92:9c:2b:1d:9e:d9:4c:dc:31:f1:17:c9:
09:03:62:39:56:c8:de:55:0f:d7:3e:03:3f:26:4c:a3:9b:14:
48:50:b0:1a:11:8c:aa:ef:76:33:35:c4:f8:6e:d7:af:36:35:
5e:48:0d:a7:a6:51:f5:f9:83:3c:a0:d2:62:9e:df:47:f3:f1:
79:27:67:2c:d7:b3:69:6a:0b:73:fd:51:98:3f:60:4c:96:0f:
12:8b:59:98
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTS6rrmkv9t1DaPcb5X9GyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMjAyMTI1ODI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmRjNzEyYjE4ZjBlOTgzZWFjMGJmMzJlMGE1ZjFmYjY3ODhkZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjitZFuMeNL9vWYg5J7R9RNxf7zF
n/p8EWFYZ1QmMTW6Iwo132uaHqMQMd4MKDVtDZ3quZRuC1mAP1GvLemJnQkhBomX
aDfmTexFIl5NEqjb1EFDWB3aj/PB2WOTm8jKDSQcSs2GtY1rF8ImStALpPE1yeUU
CUZ790XF6G0vjF+aRBsRb4M27mSgCrZhvPbbjjbM+FpjoUUK+ykFZVyNciG9UCh/
vO/o3lQTYGqpCU2m4uedyiXQOtZCQxFt5bx+AfIGnSzpjRFFjeyzj1VMeFBZOGGG
/Pbo3Q18s6jK/oVW5LXUu4znckv1V02gJ1nvDlAwvGY2cyNLhasyWi2a/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMbccSsY8OmD6sC/MuCl8ftniN3OMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEveHR4eEt4anc2WVBxd0w4eTRLWHgtMmVJM2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgsLgQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQDcDpQB0aTvghhFRnwxo6920NNhpq9RMS6/7BAf
/X0t3qHasLwUatH4jYlHMbs+3eLvYxQeS5RwWEhlMfDQsOpdIPOKs769lGxpYk90
qAlGUjrV71GKIEhgXyXwSo+O8rVWfOr8IkagMv/KFfJ8UJCC9pITdOQAKNpPMyo6
cZwVBXlbqKXncOtbMLvPARHUQ4f2l8gERfgLfJerj/U/gkB0uzMp3dd91mCSnCsd
ntlM3DHxF8kJA2I5VsjeVQ/XPgM/JkyjmxRIULAaEYyq73YzNcT4btevNjVeSA2n
plH1+YM8oNJint9H8/F5J2cs17Npagtz/VGYP2BMlg8Si1mY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:27 2023 by rpki-client on console-ams.rpki-client.org