Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/f4LkA9u9rJBotoHs0Q04mf3lNwM.roa
File: f4LkA9u9rJBotoHs0Q04mf3lNwM.roa (raw, json)
Hash identifier: GQtEljK3a7QsQsrr14zmvROKzecjFoVup4d4o1YQ8r4=
Subject key identifier: 7F:82:E4:03:DB:BD:AC:90:68:B6:81:EC:D1:0D:38:99:FD:E5:37:03
Certificate issuer: /CN=1da97cae7de6b29e56f0259af53c95926034a502
Certificate serial: 07E75BA1
Authority key identifier: 1D:A9:7C:AE:7D:E6:B2:9E:56:F0:25:9A:F5:3C:95:92:60:34:A5:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hal8rn3msp5W8CWa9TyVkmA0pQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/f4LkA9u9rJBotoHs0Q04mf3lNwM.roa
Signing time: Thu 20 Jan 2022 10:56:40 +0000
ROA not before: Thu 20 Jan 2022 10:56:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38945
IP address blocks: 2a03:8600:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132602785 (0x7e75ba1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1da97cae7de6b29e56f0259af53c95926034a502
Validity
Not Before: Jan 20 10:56:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f82e403dbbdac9068b681ecd10d3899fde53703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:09:25:40:e9:b5:1e:8a:c1:50:d1:7b:fb:81:
ad:04:1d:71:32:4b:cc:9f:1b:d7:31:34:5c:c2:05:
f3:60:9e:46:d6:7b:c8:e4:4e:f5:b4:8d:ff:7f:7f:
3d:a4:ef:d3:13:f4:d8:99:5c:dd:26:d4:65:89:97:
e3:f2:a1:c2:f6:37:d2:73:91:10:a9:c0:fa:25:52:
7e:01:d0:7e:b9:fb:9a:70:1c:a6:38:a9:22:06:44:
b6:da:da:f7:48:b4:00:4a:ec:e3:96:7a:37:c6:86:
f4:dc:fe:9f:bb:b1:58:b8:4d:ca:88:e1:55:84:6b:
b3:ce:29:ad:58:f9:cc:d4:01:3e:3e:c6:96:57:dd:
81:a8:b5:27:2a:59:63:06:b9:b4:0a:e1:fb:d8:1f:
9f:f1:36:1c:34:c4:c1:94:50:ea:7a:eb:bd:a8:26:
bf:f6:51:68:31:f4:ee:cd:04:66:55:ac:c5:2b:4f:
cb:62:2e:da:ac:c9:0d:80:9e:3e:75:e3:a7:73:e7:
02:81:7c:ca:e9:86:52:34:87:b8:81:b3:0d:2f:1f:
04:71:46:37:12:89:fc:a6:d0:e8:ae:aa:c7:d6:7c:
22:59:52:b5:ca:01:dc:e3:91:aa:d8:5b:e3:1a:ed:
30:ca:21:b7:3e:ff:70:2b:11:ba:e6:f5:c8:77:d5:
d7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:82:E4:03:DB:BD:AC:90:68:B6:81:EC:D1:0D:38:99:FD:E5:37:03
X509v3 Authority Key Identifier:
keyid:1D:A9:7C:AE:7D:E6:B2:9E:56:F0:25:9A:F5:3C:95:92:60:34:A5:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hal8rn3msp5W8CWa9TyVkmA0pQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/f4LkA9u9rJBotoHs0Q04mf3lNwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/Hal8rn3msp5W8CWa9TyVkmA0pQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:8600:1::/48
Signature Algorithm: sha256WithRSAEncryption
16:29:20:14:dd:3a:74:64:53:bb:05:48:ba:b3:bd:a0:66:a0:
a3:af:36:78:a2:c8:86:1f:40:51:f1:1c:2f:1e:f0:48:cd:c0:
70:d7:25:95:37:20:02:f8:b2:a4:66:f0:03:dc:62:4f:f0:76:
e8:67:21:78:e3:f6:df:40:f3:88:15:b8:44:00:e6:37:77:75:
12:fd:cd:f7:0b:cb:f8:7d:ed:bb:5b:d4:75:dd:af:85:32:97:
85:fa:9d:d3:06:de:32:43:ff:f4:6f:51:bd:4a:67:69:43:d0:
77:c2:0e:49:3b:01:fa:a3:fb:9b:de:b2:03:21:1b:73:5c:8a:
b8:cc:dc:62:42:e1:74:73:8c:19:8a:7f:c2:33:ec:16:bd:00:
e7:2e:8d:c0:10:96:75:a9:5a:cb:cc:26:f3:5e:11:1e:f0:8c:
ca:ff:6e:94:7f:01:b8:5b:af:92:92:64:11:03:00:7c:e2:b3:
94:67:01:85:3d:a6:5d:42:3e:de:3b:02:58:85:90:43:ec:81:
87:8f:12:1e:38:86:a2:f7:68:1a:52:21:33:74:02:16:c0:dc:
1e:f9:10:70:87:96:39:b8:f7:52:f1:ec:d8:e9:85:30:b9:37:
34:62:c9:1f:31:20:1e:54:7f:a1:f1:b6:4a:e0:d3:b6:27:ad:
94:88:b0:f2
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEB+dboTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGE5N2NhZTdkZTZiMjllNTZmMDI1OWFmNTNjOTU5MjYwMzRhNTAyMB4XDTIyMDEy
MDEwNTY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Y4MmU0MDNkYmJk
YWM5MDY4YjY4MWVjZDEwZDM4OTlmZGU1MzcwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgJJUDptR6KwVDRe/uBrQQdcTJLzJ8b1zE0XMIF82CeRtZ7
yORO9bSN/39/PaTv0xP02Jlc3SbUZYmX4/KhwvY30nOREKnA+iVSfgHQfrn7mnAc
pjipIgZEttra90i0AErs45Z6N8aG9Nz+n7uxWLhNyojhVYRrs84prVj5zNQBPj7G
llfdgai1JypZYwa5tArh+9gfn/E2HDTEwZRQ6nrrvagmv/ZRaDH07s0EZlWsxStP
y2Iu2qzJDYCePnXjp3PnAoF8yumGUjSHuIGzDS8fBHFGNxKJ/KbQ6K6qx9Z8IllS
tcoB3OORqthb4xrtMMohtz7/cCsRuub1yHfV11sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR/guQD272skGi2gezRDTiZ/eU3AzAfBgNVHSMEGDAWgBQdqXyufeaynlbw
JZr1PJWSYDSlAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hhbDhybjNtc3A1VzhDV2E5VHlWa21BMHBRSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvODViNjczLWYxYWQtNDNlMi1iZmU3LTBjZDcyMzZiMjliNi8x
L2Y0TGtBOXU5ckpCb3RvSHMwUTA0bWYzbE53TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
ODViNjczLWYxYWQtNDNlMi1iZmU3LTBjZDcyMzZiMjliNi8xL0hhbDhybjNtc3A1
VzhDV2E5VHlWa21BMHBRSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDhgAAATANBgkqhkiG9w0BAQsF
AAOCAQEAFikgFN06dGRTuwVIurO9oGago682eKLIhh9AUfEcLx7wSM3AcNcllTcg
AviypGbwA9xiT/B26GcheOP230DziBW4RADmN3d1Ev3N9wvL+H3tu1vUdd2vhTKX
hfqd0wbeMkP/9G9RvUpnaUPQd8IOSTsB+qP7m96yAyEbc1yKuMzcYkLhdHOMGYp/
wjPsFr0A5y6NwBCWdalay8wm814RHvCMyv9ulH8BuFuvkpJkEQMAfOKzlGcBhT2m
XUI+3jsCWIWQQ+yBh48SHjiGovdoGlIhM3QCFsDcHvkQcIeWObj3UvHs2OmFMLk3
NGLJHzEgHlR/ofG2SuDTtietlIiw8g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:21 2023 by rpki-client on console-fra.rpki-client.org