Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/4N5nbyPi1bijLdSJfnde4XhZ-uQ.roa
File: 4N5nbyPi1bijLdSJfnde4XhZ-uQ.roa (raw, json)
Hash identifier: H5qQ7e+YWKqAd0zzChgEs0VRqFW5m7UwaURcYerqMUo=
Subject key identifier: E0:DE:67:6F:23:E2:D5:B8:A3:2D:D4:89:7E:77:5E:E1:78:59:FA:E4
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 08CD170E
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/4N5nbyPi1bijLdSJfnde4XhZ-uQ.roa
Signing time: Sat 01 Jan 2022 14:02:07 +0000
ROA not before: Sat 01 Jan 2022 14:02:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213126
IP address blocks: 2a0e:8f02:f001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147658510 (0x8cd170e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 14:02:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0de676f23e2d5b8a32dd4897e775ee17859fae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:03:70:4e:d8:0b:c6:57:7d:ab:df:21:4a:5a:
7e:8b:db:9d:f1:e8:d1:2b:dc:9e:a3:2f:13:d0:ff:
9a:7a:eb:12:93:00:61:3b:db:05:37:87:97:9d:e0:
23:8f:4d:65:de:71:6c:00:7b:eb:bb:e0:76:e8:c0:
13:2f:21:10:cb:85:71:3f:a6:c8:bb:f7:02:aa:b6:
7c:fd:94:77:96:bd:ed:2b:66:0c:d7:a6:d1:1c:d3:
d2:06:3b:77:46:95:0f:41:90:00:ee:47:dd:65:78:
43:d2:12:9c:e3:a8:82:e5:8b:69:61:42:a9:2a:c9:
88:a4:a1:c5:40:cb:60:42:ce:05:02:2a:15:6e:10:
c6:18:75:51:53:b9:71:a7:0b:3e:c3:d3:28:31:8c:
c7:b4:2a:bf:cc:3f:48:aa:cd:7b:b2:67:c7:33:c6:
8d:d5:f8:41:35:ec:1f:27:d5:48:73:54:fb:a5:15:
46:d7:9f:1f:93:55:39:79:a6:9f:67:71:73:f9:7d:
91:a2:19:8e:53:ac:a7:ef:bd:11:b8:4e:3d:3f:f1:
65:2c:7b:e2:eb:cc:01:9b:3e:97:ed:ec:c2:4d:28:
df:f7:31:d5:70:f6:70:d3:e2:c3:ad:d7:53:c0:43:
5f:73:0c:84:c0:ee:aa:b6:7f:f6:52:5e:29:b5:27:
c4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:DE:67:6F:23:E2:D5:B8:A3:2D:D4:89:7E:77:5E:E1:78:59:FA:E4
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/4N5nbyPi1bijLdSJfnde4XhZ-uQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f001::/48
Signature Algorithm: sha256WithRSAEncryption
52:f1:ec:fa:1c:35:06:bc:1e:d6:52:7b:72:c8:a8:5c:6d:b2:
89:a1:e7:57:a2:a4:5a:7b:88:ed:4d:1b:59:10:7c:e3:22:09:
3b:24:71:4a:e7:a0:79:7f:fb:1c:ca:db:12:4b:ed:32:fc:9a:
7b:e2:7a:7c:5c:10:a2:5a:e2:cb:92:e5:43:a1:ea:2f:7d:51:
60:ae:93:9c:18:f2:1e:75:42:23:c5:46:fb:67:ed:6f:e2:d9:
4d:88:b4:9f:c1:22:69:71:6b:da:d3:4d:e9:3f:43:17:40:5c:
25:82:fc:20:6f:b4:45:2c:01:c8:d4:3d:66:a3:da:21:23:39:
52:37:a9:dd:83:19:4d:10:af:b7:2a:1c:cf:1e:8e:fb:2a:1b:
da:d5:ad:55:a6:0c:5e:73:2f:79:88:66:24:aa:25:95:eb:b8:
72:64:32:74:58:7b:82:c2:37:00:e5:71:ff:e0:f1:b2:4c:ba:
ca:98:a2:94:dc:4f:05:d7:82:02:80:fe:22:5b:d2:0a:b6:92:
f3:91:c1:85:86:6f:8a:1f:68:21:b2:54:75:8a:6e:87:51:9f:
ff:81:a4:37:d0:c7:17:e1:b6:fa:ad:34:cc:db:19:84:7a:c2:
c5:29:51:21:2d:b2:27:ec:72:91:3e:c9:6c:66:5b:7a:0b:7b:
23:1d:22:94
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECM0XDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBkZTY3NmYyM2Uy
ZDViOGEzMmRkNDg5N2U3NzVlZTE3ODU5ZmFlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIDcE7YC8ZXfavfIUpafovbnfHo0SvcnqMvE9D/mnrrEpMA
YTvbBTeHl53gI49NZd5xbAB767vgdujAEy8hEMuFcT+myLv3Aqq2fP2Ud5a97Stm
DNem0RzT0gY7d0aVD0GQAO5H3WV4Q9ISnOOoguWLaWFCqSrJiKShxUDLYELOBQIq
FW4Qxhh1UVO5cacLPsPTKDGMx7Qqv8w/SKrNe7JnxzPGjdX4QTXsHyfVSHNU+6UV
RtefH5NVOXmmn2dxc/l9kaIZjlOsp++9EbhOPT/xZSx74uvMAZs+l+3swk0o3/cx
1XD2cNPiw63XU8BDX3MMhMDuqrZ/9lJeKbUnxMECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTg3mdvI+LVuKMt1Il+d17heFn65DAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
LzRONW5ieVBpMWJpakxkU0pmbmRlNFhoWi11US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOjwLwATANBgkqhkiG9w0BAQsF
AAOCAQEAUvHs+hw1Brwe1lJ7csioXG2yiaHnV6KkWnuI7U0bWRB84yIJOyRxSueg
eX/7HMrbEkvtMvyae+J6fFwQolriy5LlQ6HqL31RYK6TnBjyHnVCI8VG+2ftb+LZ
TYi0n8EiaXFr2tNN6T9DF0BcJYL8IG+0RSwByNQ9ZqPaISM5Ujep3YMZTRCvtyoc
zx6O+yob2tWtVaYMXnMveYhmJKolleu4cmQydFh7gsI3AOVx/+Dxsky6ypiilNxP
BdeCAoD+IlvSCraS85HBhYZvih9oIbJUdYpuh1Gf/4GkN9DHF+G2+q00zNsZhHrC
xSlRIS2yJ+xykT7JbGZbegt7Ix0ilA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org