Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/S4zGXcjfixMqGo0MtkfcXfzqZOw.roa
File: S4zGXcjfixMqGo0MtkfcXfzqZOw.roa (raw, json)
Hash identifier: nwzLvJIKKRNWfdqM9ritnvApPrW+KjJjKh8+6z4IXdg=
Subject key identifier: 4B:8C:C6:5D:C8:DF:8B:13:2A:1A:8D:0C:B6:47:DC:5D:FC:EA:64:EC
Certificate issuer: /CN=e26b61851652fc8fedc011a6f22f7ae9b6beb0a3
Certificate serial: 0185355EE92105536CBAAC4FCDE69C61FA84
Authority key identifier: E2:6B:61:85:16:52:FC:8F:ED:C0:11:A6:F2:2F:7A:E9:B6:BE:B0:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/S4zGXcjfixMqGo0MtkfcXfzqZOw.roa
Signing time: Wed 21 Dec 2022 15:48:10 +0000
ROA not before: Wed 21 Dec 2022 15:48:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9186
IP address blocks: 2a09:5640:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:5e:e9:21:05:53:6c:ba:ac:4f:cd:e6:9c:61:fa:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e26b61851652fc8fedc011a6f22f7ae9b6beb0a3
Validity
Not Before: Dec 21 15:48:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b8cc65dc8df8b132a1a8d0cb647dc5dfcea64ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bb:bc:be:d4:3e:16:ef:a1:06:b0:13:c7:c7:
b0:a8:35:50:5c:ab:f6:f3:bb:ca:25:91:9f:4e:15:
cf:ad:84:39:3d:d1:0f:ab:06:d2:dc:f9:36:ce:78:
7b:5c:66:2c:1c:a0:a0:70:6a:c9:b4:3f:c1:b1:f4:
cd:4b:e3:66:87:51:a7:eb:18:41:f2:34:d1:93:19:
f3:6b:bd:a9:9c:4f:3d:1c:c9:ee:18:99:0e:a9:0c:
9e:cb:09:69:bf:7b:37:05:ed:de:d4:3f:47:73:f6:
4a:00:55:1e:df:30:ac:1d:46:e9:70:98:e0:b5:1a:
3f:d6:10:fa:44:37:65:4a:1a:1b:51:ef:63:d1:26:
4b:0c:62:e5:f8:37:64:2e:59:11:39:b4:b6:fa:2e:
a8:60:f3:ec:d0:e4:20:8e:f8:18:d0:6c:a6:bc:60:
49:0a:ba:15:b4:d0:e0:0c:4c:f0:ed:89:1f:85:0e:
15:9f:4a:8f:8b:ec:78:0f:41:ea:b5:21:68:a3:3c:
14:df:93:56:6f:28:79:5a:22:50:09:9d:c5:3f:d1:
96:be:d7:8c:f7:dc:02:ed:37:25:ee:4c:a4:af:49:
ad:e5:80:1c:08:34:50:6a:7d:21:a7:fa:0c:66:63:
ff:c3:1d:d2:0a:a1:7e:4c:77:c2:b4:0d:e2:ee:ac:
19:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:8C:C6:5D:C8:DF:8B:13:2A:1A:8D:0C:B6:47:DC:5D:FC:EA:64:EC
X509v3 Authority Key Identifier:
keyid:E2:6B:61:85:16:52:FC:8F:ED:C0:11:A6:F2:2F:7A:E9:B6:BE:B0:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/S4zGXcjfixMqGo0MtkfcXfzqZOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/4mthhRZS_I_twBGm8i966ba-sKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:5640:1::/48
Signature Algorithm: sha256WithRSAEncryption
24:13:b4:b8:44:63:c5:62:94:b0:6a:7b:f6:78:18:06:eb:39:
77:ad:f1:53:62:9f:c1:9c:98:89:85:b8:1e:38:21:76:b3:3f:
91:0d:fd:c6:3d:24:76:9e:34:23:7d:af:0c:4b:aa:3e:01:69:
ae:f8:cb:60:10:74:d8:c8:e4:97:f3:66:80:36:8d:a0:f0:5d:
08:89:9f:50:7c:b6:3c:f3:6e:07:40:bd:57:b4:f8:4b:86:12:
af:68:42:09:11:c1:0b:33:98:a5:e4:1e:d7:e5:20:b0:ce:ac:
06:d2:3e:4f:60:3a:b1:e3:f7:b7:8b:24:1a:c1:6b:44:f4:02:
1b:6c:99:3b:8a:dd:55:6a:1f:4f:f6:25:58:ad:85:85:d2:79:
26:db:5e:89:64:2b:cf:f4:07:5a:bc:7d:81:02:f2:2a:ed:9d:
39:55:0c:e5:84:12:8f:f6:6b:66:bc:d2:8f:da:6e:d5:31:c6:
72:fe:db:46:6e:d1:0d:68:15:51:51:cb:ce:0d:99:2a:e1:f6:
2b:d4:cb:13:e7:fb:bd:86:8a:2d:19:a7:22:2a:38:ff:35:82:
ad:35:0a:b1:29:fe:eb:8c:04:d0:20:69:45:6e:22:58:10:97:
a7:48:12:9e:b9:0c:73:c6:04:61:d7:29:c1:01:86:04:50:02:
4b:3c:68:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYU1XukhBVNsuqxPzeacYfqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNmI2MTg1MTY1MmZjOGZlZGMwMTFhNmYyMmY3YWU5YjZi
ZWIwYTMwHhcNMjIxMjIxMTU0ODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjhjYzY1ZGM4ZGY4YjEzMmExYThkMGNiNjQ3ZGM1ZGZjZWE2NGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLu8vtQ+Fu+hBrATx8ewqDVQXKv2
87vKJZGfThXPrYQ5PdEPqwbS3Pk2znh7XGYsHKCgcGrJtD/BsfTNS+Nmh1Gn6xhB
8jTRkxnza72pnE89HMnuGJkOqQyeywlpv3s3Be3e1D9Hc/ZKAFUe3zCsHUbpcJjg
tRo/1hD6RDdlShobUe9j0SZLDGLl+DdkLlkRObS2+i6oYPPs0OQgjvgY0GymvGBJ
CroVtNDgDEzw7YkfhQ4Vn0qPi+x4D0HqtSFoozwU35NWbyh5WiJQCZ3FP9GWvteM
99wC7Tcl7kykr0mt5YAcCDRQan0hp/oMZmP/wx3SCqF+THfCtA3i7qwZQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEuMxl3I34sTKhqNDLZH3F386mTsMB8GA1UdIwQY
MBaAFOJrYYUWUvyP7cARpvIveum2vrCjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kNzA4MzMtNjhlYi00MTAwLTkxMjMt
OTRlMWFiNTc1MDk0LzEvUzR6R1hjamZpeE1xR28wTXRrZmNYZnpxWk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kNzA4MzMtNjhlYi00MTAwLTkxMjMtOTRlMWFiNTc1MDk0
LzEvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKglWQAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAkE7S4RGPFYpSwanv2eBgG6zl3rfFTYp/BnJiJ
hbgeOCF2sz+RDf3GPSR2njQjfa8MS6o+AWmu+MtgEHTYyOSX82aANo2g8F0IiZ9Q
fLY8824HQL1XtPhLhhKvaEIJEcELM5il5B7X5SCwzqwG0j5PYDqx4/e3iyQawWtE
9AIbbJk7it1Vah9P9iVYrYWF0nkm216JZCvP9AdavH2BAvIq7Z05VQzlhBKP9mtm
vNKP2m7VMcZy/ttGbtENaBVRUcvODZkq4fYr1MsT5/u9hootGaciKjj/NYKtNQqx
Kf7rjATQIGlFbiJYEJenSBKeuQxzxgRh1ynBAYYEUAJLPGi+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:53 2023 by rpki-client on console-ams.rpki-client.org