Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/ZY8QdsDAAPIar-P3W1dEkHRQs8U.roa
File: ZY8QdsDAAPIar-P3W1dEkHRQs8U.roa (raw, json)
Hash identifier: i0QnyUThw2MDGFm98GInGbUchyzN+RVhLuYgBj5+ibY=
Subject key identifier: 65:8F:10:76:C0:C0:00:F2:1A:AF:E3:F7:5B:57:44:90:74:50:B3:C5
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 08C5A0E8
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/ZY8QdsDAAPIar-P3W1dEkHRQs8U.roa
Signing time: Sat 01 Jan 2022 14:01:59 +0000
ROA not before: Sat 01 Jan 2022 14:01:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212358
IP address blocks: 2a0e:8f02:f00f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147169512 (0x8c5a0e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 14:01:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=658f1076c0c000f21aafe3f75b5744907450b3c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2c:28:58:80:b1:bc:37:e8:f1:f2:67:cc:1a:
bb:95:24:f1:e2:36:a9:f3:0f:f2:eb:0c:67:e1:36:
45:21:97:7b:1b:8d:a6:36:d4:8f:e7:ef:52:c8:0c:
93:43:db:fc:31:02:d5:5f:80:2a:24:98:9a:29:5e:
fe:e9:be:c2:5e:87:da:c9:4a:ad:36:a2:0d:47:12:
77:3a:00:0b:22:d6:b3:f3:af:92:d8:fd:aa:b9:80:
b3:c9:a3:8f:70:54:c3:f5:e2:0c:01:7f:05:e3:94:
03:df:36:99:7d:42:a4:f4:21:db:00:68:3f:48:12:
05:8e:c4:bb:e4:4f:4b:f4:7c:73:99:e3:55:34:e1:
9b:b0:ae:9a:07:26:78:b6:b5:fc:02:2a:ad:fa:fb:
27:42:7f:9f:7c:fd:f2:c5:9f:9f:f0:9a:17:40:6d:
57:ff:44:be:5c:6f:50:75:f1:11:88:8f:7a:b8:9b:
e4:0c:e3:6c:74:79:02:47:2b:bf:a7:8a:21:38:97:
21:1e:52:a8:cf:77:17:e1:8b:9b:fd:2b:35:d7:6b:
f9:7b:07:a4:ca:8b:b7:e0:f7:ad:aa:70:26:4e:de:
d9:c6:26:0d:7c:02:7f:db:95:e8:c8:be:05:bf:47:
06:9d:15:c9:bb:ae:e4:b2:ba:52:93:4e:e7:30:f9:
35:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:8F:10:76:C0:C0:00:F2:1A:AF:E3:F7:5B:57:44:90:74:50:B3:C5
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/ZY8QdsDAAPIar-P3W1dEkHRQs8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f00f::/48
Signature Algorithm: sha256WithRSAEncryption
79:af:d1:d9:b4:90:10:f1:a1:02:a4:64:53:fe:e6:1b:da:a3:
3f:14:98:3f:65:fe:ba:09:a1:60:2d:0b:da:ee:81:07:8f:1c:
5c:df:b4:04:f2:bd:16:ae:fb:77:32:5c:72:1d:51:36:e8:9a:
e3:11:f3:bc:80:a5:92:95:2e:5f:65:1e:9d:55:82:1a:2f:ad:
86:71:94:1c:98:d9:64:e6:2c:2b:42:53:13:79:81:ad:1a:5a:
e1:f6:ec:45:7a:96:46:e9:7a:e0:3f:c6:87:aa:49:23:cc:14:
73:7a:71:97:b7:7c:78:5b:61:7a:98:81:ba:e7:9d:66:06:83:
41:da:3b:cb:d0:2e:85:00:62:cf:d8:2d:d4:76:d8:72:aa:e7:
44:57:8a:7b:5c:37:08:85:8a:15:65:94:73:41:82:55:31:e3:
44:20:a3:7e:fc:cc:67:44:c7:ef:52:c8:18:7e:80:5f:51:dd:
48:f5:b4:25:0c:34:89:31:eb:c8:23:6f:2b:fe:cc:93:f5:55:
5a:f7:6a:eb:8d:56:3d:41:be:86:20:fc:b3:6a:10:4f:2a:9c:
08:29:ac:b9:e3:f1:ab:08:57:62:64:d4:80:16:f4:73:7b:76:
77:c3:b0:22:88:57:4d:a3:d8:69:37:2b:3c:32:f8:6b:1a:fe:
4f:bd:89:b2
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECMWg6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjU4ZjEwNzZjMGMw
MDBmMjFhYWZlM2Y3NWI1NzQ0OTA3NDUwYjNjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKMsKFiAsbw36PHyZ8wau5Uk8eI2qfMP8usMZ+E2RSGXexuN
pjbUj+fvUsgMk0Pb/DEC1V+AKiSYmile/um+wl6H2slKrTaiDUcSdzoACyLWs/Ov
ktj9qrmAs8mjj3BUw/XiDAF/BeOUA982mX1CpPQh2wBoP0gSBY7Eu+RPS/R8c5nj
VTThm7CumgcmeLa1/AIqrfr7J0J/n3z98sWfn/CaF0BtV/9EvlxvUHXxEYiPerib
5AzjbHR5Akcrv6eKITiXIR5SqM93F+GLm/0rNddr+XsHpMqLt+D3rapwJk7e2cYm
DXwCf9uV6Mi+Bb9HBp0Vybuu5LK6UpNO5zD5NfMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRljxB2wMAA8hqv4/dbV0SQdFCzxTAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L1pZOFFkc0RBQVBJYXItUDNXMWRFa0hSUXM4VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOjwLwDzANBgkqhkiG9w0BAQsF
AAOCAQEAea/R2bSQEPGhAqRkU/7mG9qjPxSYP2X+ugmhYC0L2u6BB48cXN+0BPK9
Fq77dzJcch1RNuia4xHzvIClkpUuX2UenVWCGi+thnGUHJjZZOYsK0JTE3mBrRpa
4fbsRXqWRul64D/Gh6pJI8wUc3pxl7d8eFthepiBuuedZgaDQdo7y9AuhQBiz9gt
1HbYcqrnRFeKe1w3CIWKFWWUc0GCVTHjRCCjfvzMZ0TH71LIGH6AX1HdSPW0JQw0
iTHryCNvK/7Mk/VVWvdq641WPUG+hiD8s2oQTyqcCCmsuePxqwhXYmTUgBb0c3t2
d8OwIohXTaPYaTcrPDL4axr+T72Jsg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org