Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/5NBjiR340iiY38XFZLraBtucH6U.roa
File: 5NBjiR340iiY38XFZLraBtucH6U.roa (raw, json)
Hash identifier: 6wmb0WTlEh6qhLlExWHJ0/j9IR4uDfwyp9atKQA9iq8=
Subject key identifier: E4:D0:63:89:1D:F8:D2:28:98:DF:C5:C5:64:BA:DA:06:DB:9C:1F:A5
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 08ADA608
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/5NBjiR340iiY38XFZLraBtucH6U.roa
Signing time: Sat 01 Jan 2022 14:01:46 +0000
ROA not before: Sat 01 Jan 2022 14:01:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210714
IP address blocks: 2a0e:8f02:2180::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145597960 (0x8ada608)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 14:01:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4d063891df8d22898dfc5c564bada06db9c1fa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:84:b3:36:ed:bb:29:39:63:32:c9:9c:27:cb:
fd:5b:d7:ae:d0:59:8c:33:77:09:1d:37:86:b6:e4:
4a:d9:dd:c4:ad:f6:97:27:be:ea:23:4d:92:d9:ab:
17:17:0c:c6:d9:32:9f:50:ef:43:0b:9e:21:df:ee:
2c:ea:c7:37:d1:b9:54:1c:12:0d:3a:47:61:06:b4:
cd:8f:2b:a9:da:27:b0:98:f1:5b:f4:d4:a8:54:b7:
6a:9f:dc:b9:32:cb:a9:40:54:43:82:2a:22:7b:09:
ac:57:d7:df:85:fb:2d:e6:ed:b9:8b:d0:f0:3e:04:
e0:ec:7b:78:d8:c0:07:1a:2b:7c:3e:64:1e:22:6d:
9d:a9:fe:55:f3:06:8d:92:85:d0:b4:c9:3d:46:d8:
3c:7b:66:1f:eb:3a:12:c7:2c:ba:9d:d6:d5:f0:bc:
e2:78:9d:79:a7:d6:c0:e7:4d:e0:8d:f7:68:c9:63:
0e:5a:10:c0:90:cd:c4:65:47:06:09:ff:7a:31:d5:
b5:bb:5c:ee:dd:fc:01:bc:8f:43:78:c2:40:ff:72:
02:c1:ae:44:a3:f0:fb:e7:90:c9:a9:87:5b:85:24:
30:d9:6f:a7:71:6d:5b:f6:a4:3a:de:2c:a3:23:2b:
51:d0:78:b9:f3:73:9d:44:00:ce:ec:8e:2c:96:f3:
d7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D0:63:89:1D:F8:D2:28:98:DF:C5:C5:64:BA:DA:06:DB:9C:1F:A5
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/5NBjiR340iiY38XFZLraBtucH6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2180::/44
Signature Algorithm: sha256WithRSAEncryption
62:14:04:e6:64:55:77:22:23:0c:92:57:2b:fb:6b:56:63:14:
31:f1:ba:ca:e7:67:d1:56:3f:71:be:83:9b:f2:f9:4e:32:ee:
01:49:bf:7d:ef:96:06:00:0e:d7:ca:b5:cd:35:9b:ec:30:94:
97:e2:dc:e6:d4:cd:74:fc:09:86:65:a2:34:c7:6d:30:13:ba:
10:03:f8:0a:83:a8:53:3b:95:b2:47:c9:f0:2e:26:60:36:0e:
c4:dd:f3:52:24:f1:1c:77:43:f1:02:f3:28:89:63:bf:0f:f3:
f5:df:d7:61:bb:11:50:59:05:f6:2f:00:ef:dc:ff:3c:7b:e0:
cb:e4:7d:ca:95:3e:97:d3:3c:f3:93:ac:8a:50:d6:e5:e1:c2:
4c:d5:82:6b:e3:79:13:e1:14:9d:e9:61:1a:99:c7:0c:8c:18:
37:a8:4a:1a:7e:68:58:2a:98:b9:f2:c4:dd:31:c1:c0:54:5c:
8b:2b:b9:ab:70:da:91:9f:b3:fc:aa:24:eb:5e:c3:ba:9d:d4:
e2:d9:f5:3c:1d:7e:ee:bf:bb:b4:93:71:e2:3d:77:89:97:94:
f0:02:72:64:9a:a6:e8:29:53:ee:3d:79:51:f0:d3:38:46:ee:
d0:55:68:42:7f:3c:14:09:40:c3:d7:87:38:06:1c:5e:00:88:
83:83:c5:cb
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECK2mCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTRkMDYzODkxZGY4
ZDIyODk4ZGZjNWM1NjRiYWRhMDZkYjljMWZhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2Eszbtuyk5YzLJnCfL/VvXrtBZjDN3CR03hrbkStndxK32
lye+6iNNktmrFxcMxtkyn1DvQwueId/uLOrHN9G5VBwSDTpHYQa0zY8rqdonsJjx
W/TUqFS3ap/cuTLLqUBUQ4IqInsJrFfX34X7LebtuYvQ8D4E4Ox7eNjABxorfD5k
HiJtnan+VfMGjZKF0LTJPUbYPHtmH+s6Escsup3W1fC84nideafWwOdN4I33aMlj
DloQwJDNxGVHBgn/ejHVtbtc7t38AbyPQ3jCQP9yAsGuRKPw++eQyamHW4UkMNlv
p3FtW/akOt4soyMrUdB4ufNznUQAzuyOLJbz13kCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTk0GOJHfjSKJjfxcVkutoG25wfpTAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
LzVOQmppUjM0MGlpWTM4WEZaTHJhQnR1Y0g2VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOjwIhgDANBgkqhkiG9w0BAQsF
AAOCAQEAYhQE5mRVdyIjDJJXK/trVmMUMfG6yudn0VY/cb6Dm/L5TjLuAUm/fe+W
BgAO18q1zTWb7DCUl+Lc5tTNdPwJhmWiNMdtMBO6EAP4CoOoUzuVskfJ8C4mYDYO
xN3zUiTxHHdD8QLzKIljvw/z9d/XYbsRUFkF9i8A79z/PHvgy+R9ypU+l9M885Os
ilDW5eHCTNWCa+N5E+EUnelhGpnHDIwYN6hKGn5oWCqYufLE3THBwFRciyu5q3Da
kZ+z/Kok617Dup3U4tn1PB1+7r+7tJNx4j13iZeU8AJyZJqm6ClT7j15UfDTOEbu
0FVoQn88FAlAw9eHOAYcXgCIg4PFyw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org