Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/01s0GO_RI00UDxDQyXt0tixb-oc.roa
File: 01s0GO_RI00UDxDQyXt0tixb-oc.roa (raw, json)
Hash identifier: jaO/FcibVi0M3GO0RyAG+LCvArU/V4BLHyIOEQNs7xw=
Subject key identifier: D3:5B:34:18:EF:D1:23:4D:14:0F:10:D0:C9:7B:74:B6:2C:5B:FA:87
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 0183761766BE9A737B4BAD02A951FB0FF111
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/01s0GO_RI00UDxDQyXt0tixb-oc.roa
Signing time: Sun 25 Sep 2022 19:19:48 +0000
ROA not before: Sun 25 Sep 2022 19:19:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211522
IP address blocks: 2a05:4140:202::/48 maxlen: 48
2a05:4145:1::/48 maxlen: 48
2a05:4140:200::/40 maxlen: 48
2a05:4145::/32 maxlen: 48
2a05:4140:201::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:76:17:66:be:9a:73:7b:4b:ad:02:a9:51:fb:0f:f1:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Sep 25 19:19:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d35b3418efd1234d140f10d0c97b74b62c5bfa87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b5:2d:27:43:6a:a2:ba:fa:02:f8:b6:ac:a3:
d8:44:2b:39:1b:d7:56:a5:e5:d4:a1:d5:f4:c6:44:
4f:08:23:70:b2:96:3c:62:3f:88:bd:51:97:e7:3a:
84:21:ba:27:9d:37:00:aa:29:30:2d:89:d7:0e:82:
e3:57:13:c6:96:64:ee:bf:62:71:7f:51:34:97:c4:
55:61:93:d7:3e:3a:97:7c:86:23:0f:84:15:47:9e:
09:9d:36:72:4b:be:2d:87:97:91:23:1b:e5:bf:a5:
1d:2e:b1:ba:cd:35:59:1f:5f:b3:3e:da:61:06:9a:
ae:16:c3:ca:de:e3:79:31:ad:2e:12:aa:7e:3b:57:
b8:d7:5d:4e:0a:df:b7:67:1c:af:94:ff:17:6e:22:
96:71:1b:a0:3e:3f:62:65:50:30:04:32:1d:23:29:
e2:16:bb:87:8e:53:45:47:a2:b7:81:ed:35:f8:7b:
87:02:4b:73:a5:36:c2:e4:18:bf:ed:47:1d:49:29:
f2:39:3a:a9:5d:ee:67:84:32:03:3d:18:78:0b:67:
a3:d3:e3:22:2e:b6:6d:87:17:92:cb:97:6b:e6:21:
0e:68:15:e1:84:8e:6d:d5:27:c0:b3:5e:3b:6f:a0:
18:d9:b9:11:4d:67:cf:b6:02:20:99:ee:7e:c4:a7:
9f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:5B:34:18:EF:D1:23:4D:14:0F:10:D0:C9:7B:74:B6:2C:5B:FA:87
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/01s0GO_RI00UDxDQyXt0tixb-oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:200::/40
2a05:4145::/32
Signature Algorithm: sha256WithRSAEncryption
80:a9:f1:04:29:e0:b0:22:94:52:e3:43:bf:df:c1:18:a0:e9:
22:ff:f5:93:25:f0:0e:09:cc:fa:b5:e1:6e:18:ba:17:2a:51:
e2:f1:f3:15:6d:43:01:25:50:81:8c:ca:d0:50:b5:30:bd:0a:
94:5b:ba:da:ec:77:cb:39:c7:12:36:0e:9b:96:7d:53:73:c2:
71:3d:eb:7d:76:a9:d5:46:6c:10:41:bc:d4:a6:c4:fb:b8:09:
9d:cd:22:24:01:dc:fd:e3:2b:6a:90:d6:9c:ed:9d:99:70:2c:
d9:42:31:ab:63:a9:cc:42:5d:24:ff:ba:3e:1f:4c:3f:b6:89:
ea:00:5b:4e:32:c3:80:67:da:9d:a2:5a:48:cf:24:80:3e:c3:
d8:f3:33:f4:98:21:27:a9:68:58:e9:cf:0f:40:c5:5f:25:46:
4f:43:ce:20:c1:73:a2:51:06:fa:26:5e:07:8f:3a:1a:0b:d9:
fb:06:3e:ba:ad:2b:f8:35:de:31:97:1e:02:b9:01:97:84:30:
9a:b9:07:bc:9d:2c:33:f6:f8:67:60:dc:10:c7:c9:2b:3b:e6:
f1:74:0d:69:09:9e:58:40:16:a8:70:79:57:29:47:92:8d:20:
89:ac:27:90:7c:17:ca:bb:97:ca:95:52:82:c0:71:35:c7:40:
e8:f7:f0:09
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYN2F2a+mnN7S60CqVH7D/ERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjIwOTI1MTkxOTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzViMzQxOGVmZDEyMzRkMTQwZjEwZDBjOTdiNzRiNjJjNWJmYTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7UtJ0Nqorr6Avi2rKPYRCs5G9dW
peXUodX0xkRPCCNwspY8Yj+IvVGX5zqEIbonnTcAqikwLYnXDoLjVxPGlmTuv2Jx
f1E0l8RVYZPXPjqXfIYjD4QVR54JnTZyS74th5eRIxvlv6UdLrG6zTVZH1+zPtph
BpquFsPK3uN5Ma0uEqp+O1e4111OCt+3ZxyvlP8XbiKWcRugPj9iZVAwBDIdIyni
FruHjlNFR6K3ge01+HuHAktzpTbC5Bi/7UcdSSnyOTqpXe5nhDIDPRh4C2ej0+Mi
LrZthxeSy5dr5iEOaBXhhI5t1SfAs147b6AY2bkRTWfPtgIgme5+xKef9wIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFNNbNBjv0SNNFA8Q0Ml7dLYsW/qHMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvMDFzMEdPX1JJMDBVRHhEUXlYdDB0aXhiLW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwYAKgVBQAID
BQAqBUFFMA0GCSqGSIb3DQEBCwUAA4IBAQCAqfEEKeCwIpRS40O/38EYoOki//WT
JfAOCcz6teFuGLoXKlHi8fMVbUMBJVCBjMrQULUwvQqUW7ra7HfLOccSNg6bln1T
c8JxPet9dqnVRmwQQbzUpsT7uAmdzSIkAdz94ytqkNac7Z2ZcCzZQjGrY6nMQl0k
/7o+H0w/tonqAFtOMsOAZ9qdolpIzySAPsPY8zP0mCEnqWhY6c8PQMVfJUZPQ84g
wXOiUQb6Jl4HjzoaC9n7Bj66rSv4Nd4xlx4CuQGXhDCauQe8nSwz9vhnYNwQx8kr
O+bxdA1pCZ5YQBaocHlXKUeSjSCJrCeQfBfKu5fKlVKCwHE1x0Do9/AJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:06 2023 by rpki-client on console-fra.rpki-client.org