Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/8htNbx3dQrKKENRL1KgntzCsNYs.roa
File: 8htNbx3dQrKKENRL1KgntzCsNYs.roa (raw, json)
Hash identifier: QW2jZCDsKOW8ztBbuTsjcNKhUdt1F5s/rejOND3ExVE=
Subject key identifier: F2:1B:4D:6F:1D:DD:42:B2:8A:10:D4:4B:D4:A8:27:B7:30:AC:35:8B
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 08CD431A
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/8htNbx3dQrKKENRL1KgntzCsNYs.roa
Signing time: Sat 01 Jan 2022 14:02:07 +0000
ROA not before: Sat 01 Jan 2022 14:02:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213127
IP address blocks: 2a0e:8f02:f000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147669786 (0x8cd431a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 14:02:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f21b4d6f1ddd42b28a10d44bd4a827b730ac358b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e9:2e:4a:3c:2e:39:3b:f8:41:62:b0:ce:85:
ec:96:24:81:51:48:e1:ac:fc:6a:5c:e5:68:a9:7d:
e5:46:a0:74:50:64:ea:98:f8:53:ec:23:51:cd:4e:
98:e7:df:1d:13:98:dc:66:1a:0d:97:79:13:d6:d2:
54:28:b4:df:f1:48:12:3b:34:5c:83:42:f5:73:7a:
8c:4c:da:d1:40:64:42:8d:d0:7c:0e:eb:37:a4:3c:
6a:3a:47:c8:b3:9f:e4:3c:7f:36:83:ca:fb:f9:50:
a4:cc:31:e1:14:02:36:ca:8d:b4:bb:60:bd:e6:be:
1d:82:1c:d6:0d:53:20:4c:5f:24:d5:05:a9:1c:16:
26:a8:a5:c3:a0:22:d9:09:bc:fd:a8:61:df:98:f7:
77:2b:f7:73:5f:ef:20:f5:fe:c0:26:51:4b:fc:11:
dd:fa:32:d8:62:74:b0:8d:37:de:47:0f:17:ae:1f:
f4:fe:a0:ee:53:56:29:af:43:dd:17:0d:33:ee:9a:
32:b0:f4:de:e7:c6:79:37:1b:a0:ce:65:6a:ce:42:
4c:0b:a3:b8:2a:ba:d7:80:73:39:aa:cd:b2:b5:83:
7f:47:d5:0e:b6:0c:29:2f:37:c7:a2:21:6a:b2:09:
8e:80:86:55:2c:90:c4:81:2a:ee:c9:1c:e2:a9:05:
8b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:1B:4D:6F:1D:DD:42:B2:8A:10:D4:4B:D4:A8:27:B7:30:AC:35:8B
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/8htNbx3dQrKKENRL1KgntzCsNYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f000::/48
Signature Algorithm: sha256WithRSAEncryption
2c:85:6e:48:2c:fd:04:81:44:ce:bf:53:af:cc:17:44:70:f2:
8b:7d:8c:f4:84:58:c5:41:12:bf:03:b4:83:ee:7f:6a:2a:c2:
40:0d:a5:79:27:36:72:de:20:ff:81:a8:9f:f2:b8:b7:4a:c6:
ce:c0:d0:22:19:74:a9:0a:93:72:26:f9:d9:42:4a:ae:b0:f9:
1c:04:c3:46:14:d4:2b:af:93:7a:7b:8a:e0:9d:13:d3:12:14:
7f:70:c0:7c:5f:df:4d:ae:c0:7d:7d:0b:ba:32:af:b3:f5:26:
30:b3:b6:f8:66:0d:ba:c7:5d:4d:3a:50:14:95:1a:06:b7:d7:
62:f4:50:ea:72:d5:68:72:d7:61:55:63:4f:26:fa:80:42:30:
52:4a:e0:cc:99:d8:c0:6e:b9:79:da:e1:40:86:d3:d0:13:0a:
f7:a4:75:99:30:36:83:1f:3d:67:fc:b7:d8:ee:82:72:78:ed:
4b:88:97:81:bc:d8:e5:ee:6e:6e:6a:9f:b9:09:60:07:0e:2f:
bc:b6:f0:e2:b9:08:63:eb:8b:6b:b3:38:df:59:c3:6d:2b:8c:
7d:19:2c:c7:72:88:9b:c6:94:7b:0b:2f:88:b1:36:97:f7:f7:
ad:fb:5e:70:14:43:fe:bc:ca:0e:70:e2:cc:5f:11:7b:e0:f2:
0b:29:f3:38
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECM1DGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIxYjRkNmYxZGRk
NDJiMjhhMTBkNDRiZDRhODI3YjczMGFjMzU4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXpLko8Ljk7+EFisM6F7JYkgVFI4az8alzlaKl95UagdFBk
6pj4U+wjUc1OmOffHROY3GYaDZd5E9bSVCi03/FIEjs0XINC9XN6jEza0UBkQo3Q
fA7rN6Q8ajpHyLOf5Dx/NoPK+/lQpMwx4RQCNsqNtLtgvea+HYIc1g1TIExfJNUF
qRwWJqilw6Ai2Qm8/ahh35j3dyv3c1/vIPX+wCZRS/wR3foy2GJ0sI033kcPF64f
9P6g7lNWKa9D3RcNM+6aMrD03ufGeTcboM5las5CTAujuCq614BzOarNsrWDf0fV
DrYMKS83x6IharIJjoCGVSyQxIEq7skc4qkFi9ECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTyG01vHd1CsooQ1EvUqCe3MKw1izAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
LzhodE5ieDNkUXJLS0VOUkwxS2dudHpDc05Zcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOjwLwADANBgkqhkiG9w0BAQsF
AAOCAQEALIVuSCz9BIFEzr9Tr8wXRHDyi32M9IRYxUESvwO0g+5/airCQA2leSc2
ct4g/4Gon/K4t0rGzsDQIhl0qQqTcib52UJKrrD5HATDRhTUK6+TenuK4J0T0xIU
f3DAfF/fTa7AfX0LujKvs/UmMLO2+GYNusddTTpQFJUaBrfXYvRQ6nLVaHLXYVVj
Tyb6gEIwUkrgzJnYwG65edrhQIbT0BMK96R1mTA2gx89Z/y32O6CcnjtS4iXgbzY
5e5ubmqfuQlgBw4vvLbw4rkIY+uLa7M431nDbSuMfRksx3KIm8aUewsviLE2l/f3
rftecBRD/rzKDnDizF8Re+DyCynzOA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:24 2023 by rpki-client on console-fra.rpki-client.org