Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/9M9UOMNHXT88_cHGhsf_wKccoZI.roa
File: 9M9UOMNHXT88_cHGhsf_wKccoZI.roa (raw, json)
Hash identifier: NysSoX9MkH0nlbwANlnNqEK746HeKglFXQSHpiLzoEg=
Subject key identifier: F4:CF:54:38:C3:47:5D:3F:3C:FD:C1:C6:86:C7:FF:C0:A7:1C:A1:92
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 08CEACD2
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/9M9UOMNHXT88_cHGhsf_wKccoZI.roa
Signing time: Sat 01 Jan 2022 14:02:08 +0000
ROA not before: Sat 01 Jan 2022 14:02:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213248
IP address blocks: 2a0e:8f02:2160::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147762386 (0x8ceacd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 14:02:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4cf5438c3475d3f3cfdc1c686c7ffc0a71ca192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c7:54:8b:b1:e4:11:75:91:55:75:31:b2:1e:
4e:ff:84:ad:c3:6d:8e:4b:2e:81:d1:4b:d7:e8:af:
c5:dd:9a:87:67:15:21:ee:64:e6:e2:84:d6:2a:a1:
01:35:ef:5e:64:01:78:b5:f8:67:9e:aa:5c:38:6d:
76:e3:1b:c5:be:d5:cf:77:af:d3:f7:c2:19:20:63:
73:f0:81:94:01:4c:03:28:65:2b:94:37:16:ba:90:
1f:96:06:9e:5c:2b:bd:c4:90:b5:99:f0:78:4c:eb:
02:4d:f8:17:53:d1:b2:62:db:83:7a:97:f0:0e:ca:
8e:3a:0e:bd:e7:dd:a3:fe:bd:6d:5b:8b:2e:b7:ab:
89:49:e5:d0:8b:35:e1:1f:bc:d6:a4:13:19:32:00:
b3:b2:7d:f0:a7:93:73:c0:5b:37:be:bd:0b:31:e9:
86:2c:0b:01:bf:27:f8:47:3c:3a:57:1f:0a:75:87:
c6:9a:2e:f3:d6:1b:b4:96:9b:b1:ef:d1:8e:c4:f1:
13:f9:63:12:f3:11:4d:77:a6:b6:40:44:f2:ba:07:
a3:da:56:d5:de:af:aa:c1:c7:7f:6a:b2:ea:22:c7:
8b:50:0f:ad:63:3b:2d:a9:fb:3a:b9:f3:45:57:23:
ad:24:95:eb:f4:b8:8b:04:98:9f:8a:85:e3:25:e4:
bb:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:CF:54:38:C3:47:5D:3F:3C:FD:C1:C6:86:C7:FF:C0:A7:1C:A1:92
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/9M9UOMNHXT88_cHGhsf_wKccoZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2160::/44
Signature Algorithm: sha256WithRSAEncryption
43:30:b2:df:b0:35:7b:97:dd:48:ec:0d:63:ed:72:6d:6b:17:
b4:47:3e:33:02:39:18:d9:01:33:86:83:12:fd:a6:35:4a:b7:
98:d9:95:42:c2:9d:69:24:c8:20:65:86:97:3e:ab:85:99:01:
a4:74:f7:08:41:94:a9:09:21:97:09:c8:dd:02:0d:10:0e:ec:
c7:74:b1:4a:79:f1:b9:99:d0:bb:de:49:90:6a:43:be:bc:9e:
0f:8f:97:2f:12:fa:c1:37:1d:56:dc:7c:91:0b:a9:77:58:0a:
d0:5c:1b:7e:84:12:0b:29:19:ce:e3:08:a1:c2:ec:76:17:9c:
bd:12:19:04:34:e2:3e:23:ab:b8:81:32:5f:fb:f2:54:ff:85:
e6:af:6b:6f:e4:86:04:26:03:bf:75:ca:43:66:7b:d3:53:87:
f7:ad:ae:c0:ce:a4:94:ec:0f:c0:69:41:17:7d:a3:4d:e2:06:
bf:d6:9a:3e:c7:67:79:8e:50:b1:0b:a6:ef:be:7a:73:1e:d3:
d1:fe:0b:04:57:2f:63:09:80:41:75:9c:2a:82:8e:e2:0a:44:
21:9d:e4:ce:7c:e8:9b:29:43:d0:85:7a:ca:83:24:9e:d4:72:
50:c8:08:bf:cf:18:dd:39:4a:28:b5:ae:66:0f:fe:66:dd:2c:
d6:cb:c7:80
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECM6s0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDIwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRjZjU0MzhjMzQ3
NWQzZjNjZmRjMWM2ODZjN2ZmYzBhNzFjYTE5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDHVIux5BF1kVV1MbIeTv+ErcNtjksugdFL1+ivxd2ah2cV
Ie5k5uKE1iqhATXvXmQBeLX4Z56qXDhtduMbxb7Vz3ev0/fCGSBjc/CBlAFMAyhl
K5Q3FrqQH5YGnlwrvcSQtZnweEzrAk34F1PRsmLbg3qX8A7KjjoOvefdo/69bVuL
LreriUnl0Is14R+81qQTGTIAs7J98KeTc8BbN769CzHphiwLAb8n+Ec8OlcfCnWH
xpou89YbtJabse/RjsTxE/ljEvMRTXemtkBE8roHo9pW1d6vqsHHf2qy6iLHi1AP
rWM7Lan7OrnzRVcjrSSV6/S4iwSYn4qF4yXku20CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT0z1Q4w0ddPzz9wcaGx//ApxyhkjAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
LzlNOVVPTU5IWFQ4OF9jSEdoc2Zfd0tjY29aSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOjwIhYDANBgkqhkiG9w0BAQsF
AAOCAQEAQzCy37A1e5fdSOwNY+1ybWsXtEc+MwI5GNkBM4aDEv2mNUq3mNmVQsKd
aSTIIGWGlz6rhZkBpHT3CEGUqQkhlwnI3QINEA7sx3SxSnnxuZnQu95JkGpDvrye
D4+XLxL6wTcdVtx8kQupd1gK0FwbfoQSCykZzuMIocLsdhecvRIZBDTiPiOruIEy
X/vyVP+F5q9rb+SGBCYDv3XKQ2Z701OH962uwM6klOwPwGlBF32jTeIGv9aaPsdn
eY5QsQum7756cx7T0f4LBFcvYwmAQXWcKoKO4gpEIZ3kznzomylD0IV6yoMkntRy
UMgIv88Y3TlKKLWuZg/+Zt0s1svHgA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:24 2023 by rpki-client on console-fra.rpki-client.org