Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/mEFNg0zWjxWtQtmw7skOayb0rtM.roa
File: mEFNg0zWjxWtQtmw7skOayb0rtM.roa (raw, json)
Hash identifier: 5VshdF7c4xZttv6voo1ioKN28O825zMig9Q57Uwd0kw=
Subject key identifier: 98:41:4D:83:4C:D6:8F:15:AD:42:D9:B0:EE:C9:0E:6B:26:F4:AE:D3
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018318AB02A34A51768193359B64D8824586
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/mEFNg0zWjxWtQtmw7skOayb0rtM.roa
Signing time: Wed 07 Sep 2022 15:56:43 +0000
ROA not before: Wed 07 Sep 2022 15:56:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202952
IP address blocks: 2a0e:8f02:f04d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:18:ab:02:a3:4a:51:76:81:93:35:9b:64:d8:82:45:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Sep 7 15:56:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98414d834cd68f15ad42d9b0eec90e6b26f4aed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3a:fd:4e:fa:79:45:02:f8:e3:ac:dc:ea:9d:
53:f0:d7:c1:2e:5e:ea:67:dc:4a:27:5e:9f:4b:3d:
e9:db:fb:32:40:93:04:8c:d2:01:2a:75:96:95:26:
f4:44:70:b0:59:7d:08:8c:ea:b6:ff:31:31:08:45:
b1:d6:80:b2:4a:4b:7d:26:57:21:d6:9c:dd:68:2c:
4a:97:5d:db:cc:74:a1:ee:5b:af:ce:b8:d4:2e:88:
f0:af:59:b0:34:f6:a8:b6:68:cc:cc:2c:87:70:da:
05:34:8b:6a:46:87:c8:eb:a8:6c:6b:35:8d:59:4b:
7e:bd:57:54:e7:ff:e1:cf:5a:e5:21:cb:81:97:ac:
58:81:ad:0c:63:39:0f:bd:f5:ad:c8:2c:93:8d:b3:
da:9f:d1:c3:80:84:d3:3b:93:3c:77:7d:22:46:15:
02:15:5a:cf:bc:95:af:3e:c0:9e:09:b3:4f:65:cd:
d3:7d:b0:22:74:c4:cf:2d:0f:40:68:4b:6f:c6:07:
a7:3a:38:42:08:0e:6a:b9:7a:ed:24:d1:c7:e5:71:
ca:89:61:ee:67:16:6d:b8:e1:72:c6:88:ca:da:af:
ba:aa:42:48:c7:c2:47:3c:71:b3:bb:94:33:2d:bc:
f6:f0:00:3b:ef:7c:ae:ec:61:fc:d2:55:da:29:7b:
07:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:41:4D:83:4C:D6:8F:15:AD:42:D9:B0:EE:C9:0E:6B:26:F4:AE:D3
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/mEFNg0zWjxWtQtmw7skOayb0rtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f04d::/48
Signature Algorithm: sha256WithRSAEncryption
2b:84:6e:4d:50:de:bf:93:d3:6a:fa:1e:72:8f:b8:14:79:df:
e7:c4:19:6f:12:08:94:6e:1a:97:1e:a4:c9:20:fa:e4:5d:81:
28:3a:90:b9:35:88:79:29:7a:09:b2:a7:3a:dc:73:33:b3:48:
c0:dd:75:5a:7a:81:88:fc:f6:89:34:64:4f:ad:61:00:2c:60:
56:0a:0c:22:1f:6f:c8:14:7c:88:5d:78:b2:17:d3:d3:b2:f0:
5d:ce:0c:52:01:a1:80:e8:01:4e:ce:8f:32:08:27:14:21:3c:
ee:04:2a:d7:44:01:8d:60:e0:c0:4b:56:da:c3:22:e3:6e:3a:
11:c0:30:91:ac:02:24:70:6d:79:bc:88:4d:c4:6a:6c:41:24:
fb:f6:2b:83:b0:2d:e5:99:f8:78:c4:79:e8:74:6a:c2:e7:ff:
c1:87:6f:3c:bd:60:79:d1:6a:5a:6c:32:18:5c:12:2a:81:cd:
32:1a:4b:90:dd:7e:55:fb:bb:ae:dd:4e:1b:3a:ec:e3:9d:8d:
bb:73:09:ca:d2:d4:d7:63:1e:f9:81:21:4b:82:02:f1:e8:22:
9c:25:7d:9d:5e:e5:d4:ea:72:75:09:fc:ca:48:ac:1d:0b:b8:
46:d5:0d:32:98:fd:a4:5a:34:e2:01:4f:67:8f:ec:73:3a:37:
c3:1e:ab:84
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYMYqwKjSlF2gZM1m2TYgkWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjIwOTA3MTU1NjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODQxNGQ4MzRjZDY4ZjE1YWQ0MmQ5YjBlZWM5MGU2YjI2ZjRhZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjr9Tvp5RQL446zc6p1T8NfBLl7q
Z9xKJ16fSz3p2/syQJMEjNIBKnWWlSb0RHCwWX0IjOq2/zExCEWx1oCySkt9Jlch
1pzdaCxKl13bzHSh7luvzrjULojwr1mwNPaotmjMzCyHcNoFNItqRofI66hsazWN
WUt+vVdU5//hz1rlIcuBl6xYga0MYzkPvfWtyCyTjbPan9HDgITTO5M8d30iRhUC
FVrPvJWvPsCeCbNPZc3TfbAidMTPLQ9AaEtvxgenOjhCCA5quXrtJNHH5XHKiWHu
ZxZtuOFyxojK2q+6qkJIx8JHPHGzu5QzLbz28AA773yu7GH80lXaKXsHSQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJhBTYNM1o8VrULZsO7JDmsm9K7TMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvbUVGTmcweldqeFd0UXRtdzdza09heWIwcnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBN
MA0GCSqGSIb3DQEBCwUAA4IBAQArhG5NUN6/k9Nq+h5yj7gUed/nxBlvEgiUbhqX
HqTJIPrkXYEoOpC5NYh5KXoJsqc63HMzs0jA3XVaeoGI/PaJNGRPrWEALGBWCgwi
H2/IFHyIXXiyF9PTsvBdzgxSAaGA6AFOzo8yCCcUITzuBCrXRAGNYODAS1bawyLj
bjoRwDCRrAIkcG15vIhNxGpsQST79iuDsC3lmfh4xHnodGrC5//Bh288vWB50Wpa
bDIYXBIqgc0yGkuQ3X5V+7uu3U4bOuzjnY27cwnK0tTXYx75gSFLggLx6CKcJX2d
XuXU6nJ1CfzKSKwdC7hG1Q0ymP2kWjTiAU9nj+xzOjfDHquE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:24 2023 by rpki-client on console-fra.rpki-client.org