Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/zBHDqUhSQ5AobzTT2HIP8_-qRj0.roa
File: zBHDqUhSQ5AobzTT2HIP8_-qRj0.roa (raw, json)
Hash identifier: 0y1RoIbQMOUObQXli+YAlWyzXK+XwjYNsPybcSCWks8=
Subject key identifier: CC:11:C3:A9:48:52:43:90:28:6F:34:D3:D8:72:0F:F3:FF:AA:46:3D
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 018458B1E33CB357AB99F70C3D6F59E6A2AA
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/zBHDqUhSQ5AobzTT2HIP8_-qRj0.roa
Signing time: Tue 08 Nov 2022 19:22:43 +0000
ROA not before: Tue 08 Nov 2022 19:22:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203363
IP address blocks: 2a05:4140:700::/40 maxlen: 40
2a05:4140:800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:58:b1:e3:3c:b3:57:ab:99:f7:0c:3d:6f:59:e6:a2:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Nov 8 19:22:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc11c3a948524390286f34d3d8720ff3ffaa463d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f9:4b:41:ce:ad:04:e9:1d:db:30:34:1d:48:
24:eb:17:0c:95:06:ab:b9:2f:a1:5a:18:fb:a1:aa:
d9:14:ba:fc:84:1a:cf:d7:73:a7:83:12:b9:2e:50:
b7:e6:35:d1:81:e7:05:00:2a:89:c1:e9:d9:20:6e:
ca:02:b5:5c:d5:b7:0f:fc:91:10:a8:9f:d1:ad:81:
32:d3:54:be:5e:4d:5e:74:71:82:74:bc:b6:90:50:
65:a3:e6:3e:4f:26:af:45:7d:08:12:29:0b:44:c0:
14:a9:8c:41:2b:b3:43:ac:49:f3:aa:ad:b5:27:ec:
ea:2e:3b:ff:20:8d:bf:37:f8:73:80:10:e2:27:8f:
31:53:bf:49:7d:f2:85:13:bc:6a:00:41:79:d5:54:
11:dc:1a:4e:48:e6:1e:38:f2:a6:9e:82:a0:53:69:
27:a1:d2:f9:04:18:e5:61:eb:99:91:7e:67:81:c8:
cc:88:5f:b2:23:fc:40:67:fc:ed:9f:c0:3a:0c:29:
e9:76:ba:00:e9:bb:b4:66:c4:f3:48:12:fd:88:f2:
58:70:65:d0:48:1e:85:2a:0a:9f:f4:38:52:1f:e2:
19:88:11:fc:76:5c:65:40:06:65:1d:0d:91:f4:52:
97:86:c2:f2:a3:b9:7d:40:47:e0:80:6f:3f:4a:fc:
1a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:11:C3:A9:48:52:43:90:28:6F:34:D3:D8:72:0F:F3:FF:AA:46:3D
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/zBHDqUhSQ5AobzTT2HIP8_-qRj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:700::-2a05:4140:8ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0d:72:34:a6:96:f0:e4:00:9d:ee:fa:ec:a8:f8:61:6c:f3:ff:
bf:ce:b4:c6:6e:68:1a:88:eb:83:45:a5:2d:1b:e5:64:24:34:
29:92:4c:8e:af:ce:11:90:94:82:9f:3b:55:e2:e5:e7:a0:df:
fc:d6:78:a1:95:01:27:0e:5b:6e:8e:04:d9:31:e4:e7:6c:7b:
47:1e:62:d0:df:a1:38:80:10:f1:e5:01:80:49:c4:45:f1:a2:
9d:a8:7d:7b:35:e2:2c:2f:a9:c7:e6:52:78:b0:40:b0:f2:96:
0b:b1:5a:36:f2:03:06:73:bc:c5:80:26:dc:dd:31:46:1d:c7:
dd:26:48:e3:f8:21:04:32:45:b7:9d:31:de:b6:53:42:41:b4:
58:f6:6f:0b:fe:60:2d:56:82:39:0e:71:8e:bb:24:96:66:5d:
a0:4e:f9:96:f3:13:b8:78:dc:37:db:2a:92:bb:79:55:05:a7:
c8:ca:67:ed:e9:47:58:33:d6:4c:d4:9e:35:92:f2:0c:3c:a3:
fc:c4:41:fa:42:09:4d:7a:0e:da:e4:6f:19:72:ac:b7:ee:16:
ba:c5:cc:73:e4:59:99:3e:56:eb:10:df:8c:8e:61:6b:98:af:
a7:8c:1a:1e:58:ef:ef:0f:7d:d7:70:48:8c:f0:e5:e8:e1:a7:
7f:34:35:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRYseM8s1ermfcMPW9Z5qKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjIxMTA4MTkyMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzExYzNhOTQ4NTI0MzkwMjg2ZjM0ZDNkODcyMGZmM2ZmYWE0NjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlflLQc6tBOkd2zA0HUgk6xcMlQar
uS+hWhj7oarZFLr8hBrP13OngxK5LlC35jXRgecFACqJwenZIG7KArVc1bcP/JEQ
qJ/RrYEy01S+Xk1edHGCdLy2kFBlo+Y+TyavRX0IEikLRMAUqYxBK7NDrEnzqq21
J+zqLjv/II2/N/hzgBDiJ48xU79JffKFE7xqAEF51VQR3BpOSOYeOPKmnoKgU2kn
odL5BBjlYeuZkX5ngcjMiF+yI/xAZ/ztn8A6DCnpdroA6bu0ZsTzSBL9iPJYcGXQ
SB6FKgqf9DhSH+IZiBH8dlxlQAZlHQ2R9FKXhsLyo7l9QEfggG8/SvwaLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMwRw6lIUkOQKG8009hyD/P/qkY9MB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvekJIRHFVaFNRNUFvYnpUVDJISVA4Xy1xUmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqBUFA
BwMGACoFQUAIMA0GCSqGSIb3DQEBCwUAA4IBAQANcjSmlvDkAJ3u+uyo+GFs8/+/
zrTGbmgaiOuDRaUtG+VkJDQpkkyOr84RkJSCnztV4uXnoN/81nihlQEnDltujgTZ
MeTnbHtHHmLQ36E4gBDx5QGAScRF8aKdqH17NeIsL6nH5lJ4sECw8pYLsVo28gMG
c7zFgCbc3TFGHcfdJkjj+CEEMkW3nTHetlNCQbRY9m8L/mAtVoI5DnGOuySWZl2g
TvmW8xO4eNw32yqSu3lVBafIymft6UdYM9ZM1J41kvIMPKP8xEH6QglNeg7a5G8Z
cqy37ha6xcxz5FmZPlbrEN+MjmFrmK+njBoeWO/vD33XcEiM8OXo4ad/NDUM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:06 2023 by rpki-client on console-fra.rpki-client.org