Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/UsEj2Exqm7CxTz7JZgFIz-BKbHs.roa
File: UsEj2Exqm7CxTz7JZgFIz-BKbHs.roa (raw, json)
Hash identifier: IibB+b7HlJSL7L7tsnFhM1LprKB9ITQMKxemdEGnEC0=
Subject key identifier: 52:C1:23:D8:4C:6A:9B:B0:B1:4F:3E:C9:66:01:48:CF:E0:4A:6C:7B
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 3E0341CD
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/UsEj2Exqm7CxTz7JZgFIz-BKbHs.roa
Signing time: Wed 16 Mar 2022 12:38:23 +0000
ROA not before: Wed 16 Mar 2022 12:38:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397518
IP address blocks: 2a01:488:bb17::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1040400845 (0x3e0341cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Mar 16 12:38:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52c123d84c6a9bb0b14f3ec9660148cfe04a6c7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:88:93:fc:24:ee:1c:04:4b:35:d8:15:a0:52:
94:0c:ce:e2:a5:4b:9e:5b:c0:53:07:e4:42:71:fb:
f1:dc:2b:2c:1f:a5:63:53:96:b6:c8:47:f0:25:1e:
43:56:34:d4:4e:ee:ba:12:9e:35:51:63:7e:c9:3f:
ad:04:a9:d9:d4:e5:d2:d3:7d:b5:52:22:a4:f0:b0:
78:1f:c4:93:62:96:59:48:93:91:df:ab:84:84:7b:
b6:46:9a:cc:bb:9e:f1:b4:c4:ea:77:5c:4b:9d:30:
09:85:7b:56:f9:1c:2d:98:6d:1f:e6:07:72:ac:c1:
6e:92:55:7b:6e:61:54:a2:c9:10:88:f0:a9:6e:ad:
31:e9:e4:b7:e9:b5:5c:09:50:f0:3f:bf:6b:d6:50:
11:88:7a:f3:e5:3f:00:6f:08:3e:16:3b:75:bf:78:
36:76:44:73:fb:ca:05:ea:db:e0:eb:0b:d3:cf:5f:
70:c8:9c:65:7f:d7:5e:e5:a0:c2:3e:ff:f2:5e:f2:
f8:9f:8f:e6:80:72:47:be:8e:38:44:ec:9e:05:73:
6f:58:c6:27:ce:9e:b2:95:11:29:71:42:ed:69:c6:
91:d1:d5:d0:25:22:2e:89:21:63:a4:47:9e:80:3e:
80:d1:88:fc:23:79:a2:3e:ef:12:77:45:b5:cd:6e:
e5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C1:23:D8:4C:6A:9B:B0:B1:4F:3E:C9:66:01:48:CF:E0:4A:6C:7B
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/UsEj2Exqm7CxTz7JZgFIz-BKbHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb17::/48
Signature Algorithm: sha256WithRSAEncryption
2b:9a:18:e4:b6:b3:62:d3:ee:b8:6c:5c:67:d4:f1:b6:b9:45:
3f:1e:9d:09:a6:ec:ed:0c:cd:f5:b4:01:6d:bb:ea:ef:74:73:
8d:9a:57:81:4b:b7:e8:0d:c8:2c:99:21:35:d5:aa:92:43:d0:
b1:81:d9:cc:1a:3e:f5:91:a4:7e:73:b6:44:ae:b4:25:c9:56:
7c:1d:72:2c:e7:0f:5f:fa:1f:cd:06:13:48:da:bb:cc:2e:19:
8b:db:66:b5:95:c6:27:46:56:a5:45:15:3b:6f:6c:4d:9b:8f:
f1:b2:ee:a5:90:94:b3:70:d0:8f:5d:88:35:d6:6b:65:d8:cd:
0f:16:ea:ce:78:5c:15:11:a8:83:9d:a2:fa:83:ab:4d:c8:59:
3e:ac:e2:f0:65:40:51:8e:f5:de:86:37:65:d7:91:5c:3a:00:
20:0d:f4:0f:95:b8:81:23:40:0a:a4:3c:7a:bf:ed:77:be:04:
66:88:a0:76:79:22:31:2e:61:d3:2a:a4:ab:1e:53:70:5f:69:
83:3d:c4:0f:f6:7a:c7:a0:fa:74:b5:ca:e8:89:2f:fe:9f:4c:
cb:88:78:b5:f5:f8:69:c9:45:bd:f4:8f:c2:dc:4b:b2:8f:1a:
e8:04:b3:ba:58:67:c8:b6:df:26:d8:9d:f9:8e:2f:da:04:57:
b7:0f:95:21
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEPgNBzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTZlZDBmYjdiMzIwODMyYWMxNTgwNTM0YzdiMjYzZjMwNGU5ODFiMB4XDTIyMDMx
NjEyMzgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJjMTIzZDg0YzZh
OWJiMGIxNGYzZWM5NjYwMTQ4Y2ZlMDRhNmM3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6Ik/wk7hwESzXYFaBSlAzO4qVLnlvAUwfkQnH78dwrLB+l
Y1OWtshH8CUeQ1Y01E7uuhKeNVFjfsk/rQSp2dTl0tN9tVIipPCweB/Ek2KWWUiT
kd+rhIR7tkaazLue8bTE6ndcS50wCYV7VvkcLZhtH+YHcqzBbpJVe25hVKLJEIjw
qW6tMenkt+m1XAlQ8D+/a9ZQEYh68+U/AG8IPhY7db94NnZEc/vKBerb4OsL089f
cMicZX/XXuWgwj7/8l7y+J+P5oByR76OOETsngVzb1jGJ86espURKXFC7WnGkdHV
0CUiLokhY6RHnoA+gNGI/CN5oj7vEndFtc1u5aUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRSwSPYTGqbsLFPPslmAUjP4EpsezAfBgNVHSMEGDAWgBS6btD7ezIIMqwV
gFNMeyY/ME6YGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VtN1EtM3N5Q0RLc0ZZQlRUSHNtUHpCT21Ccy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvNDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8x
L1VzRWoyRXhxbTdDeFR6N0paZ0ZJei1CS2JIcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
NDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8xL3VtN1EtM3N5Q0RL
c0ZZQlRUSHNtUHpCT21Ccy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBIi7FzANBgkqhkiG9w0BAQsF
AAOCAQEAK5oY5LazYtPuuGxcZ9TxtrlFPx6dCabs7QzN9bQBbbvq73RzjZpXgUu3
6A3ILJkhNdWqkkPQsYHZzBo+9ZGkfnO2RK60JclWfB1yLOcPX/ofzQYTSNq7zC4Z
i9tmtZXGJ0ZWpUUVO29sTZuP8bLupZCUs3DQj12INdZrZdjNDxbqznhcFRGog52i
+oOrTchZPqzi8GVAUY713oY3ZdeRXDoAIA30D5W4gSNACqQ8er/td74EZoigdnki
MS5h0yqkqx5TcF9pgz3ED/Z6x6D6dLXK6Ikv/p9My4h4tfX4aclFvfSPwtxLso8a
6ASzulhnyLbfJtid+Y4v2gRXtw+VIQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:08 2023 by rpki-client on console-fra.rpki-client.org