Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e26d9c-d851-4a69-95f9-1504ea53e255/1/gySgrJdFgoDjkyYZNwLtoDM68sk.roa
File: gySgrJdFgoDjkyYZNwLtoDM68sk.roa (raw, json)
Hash identifier: MqhdoNHwEMaXKi2NeFhLsqPDi7deyKfwBP9fm4sAAM8=
Subject key identifier: 83:24:A0:AC:97:45:82:80:E3:93:26:19:37:02:ED:A0:33:3A:F2:C9
Certificate issuer: /CN=70ad353cc1a0d16d5e8e14a37575a6f3d60563f8
Certificate serial: 44B688B4
Authority key identifier: 70:AD:35:3C:C1:A0:D1:6D:5E:8E:14:A3:75:75:A6:F3:D6:05:63:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cK01PMGg0W1ejhSjdXWm89YFY_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e26d9c-d851-4a69-95f9-1504ea53e255/1/gySgrJdFgoDjkyYZNwLtoDM68sk.roa
Signing time: Sat 01 Jan 2022 11:57:16 +0000
ROA not before: Sat 01 Jan 2022 11:57:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51134
IP address blocks: 2a01:430:11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1152813236 (0x44b688b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70ad353cc1a0d16d5e8e14a37575a6f3d60563f8
Validity
Not Before: Jan 1 11:57:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8324a0ac97458280e39326193702eda0333af2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f2:22:14:7e:5c:b4:99:23:e8:43:c3:e0:e3:
a8:91:22:ff:5b:0b:ed:30:5b:79:da:77:77:ce:ed:
df:7f:16:b0:3f:b6:d1:c9:c2:d3:91:73:bc:de:53:
2a:9f:d8:2d:88:7e:23:0a:d0:b8:48:74:ed:07:1e:
6c:6c:d1:a0:99:e8:3b:49:4a:cc:1d:6e:26:2a:31:
96:54:ef:65:9d:76:4a:f8:be:54:e9:e4:e6:ab:f8:
c9:c7:7a:a2:c7:16:f0:c0:e1:de:48:00:65:29:88:
29:d0:9c:db:32:7b:05:8f:93:69:ff:50:d5:34:f0:
4a:78:04:0b:b9:f8:7d:38:27:09:9d:bf:48:7a:02:
76:9e:06:9e:f1:97:f7:e6:ad:ff:b8:35:99:b8:ae:
98:10:13:c4:1f:cf:34:f6:0d:ea:ef:79:90:43:b3:
32:f6:a5:32:b2:69:f5:6f:f8:eb:d9:98:1e:cf:10:
1c:c4:ea:73:c1:dd:53:cb:f2:45:a8:2b:be:0f:f6:
c3:90:23:b9:7b:91:a4:1f:35:98:a3:bf:50:79:96:
7b:99:a3:4d:00:f1:9c:a6:56:a2:d8:1b:19:26:3b:
b8:7e:98:e0:21:d4:41:71:6c:13:ea:eb:64:f8:2f:
b4:a8:b7:01:67:f4:f0:b1:79:7a:da:ea:3b:90:d4:
2f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:24:A0:AC:97:45:82:80:E3:93:26:19:37:02:ED:A0:33:3A:F2:C9
X509v3 Authority Key Identifier:
keyid:70:AD:35:3C:C1:A0:D1:6D:5E:8E:14:A3:75:75:A6:F3:D6:05:63:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cK01PMGg0W1ejhSjdXWm89YFY_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e26d9c-d851-4a69-95f9-1504ea53e255/1/gySgrJdFgoDjkyYZNwLtoDM68sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e26d9c-d851-4a69-95f9-1504ea53e255/1/cK01PMGg0W1ejhSjdXWm89YFY_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:430:11::/48
Signature Algorithm: sha256WithRSAEncryption
38:b3:a9:09:6e:12:72:6a:52:fd:91:6f:d9:b4:a1:6d:37:40:
66:d5:c9:6d:f0:98:fd:cd:2f:82:87:54:4b:e3:5a:1d:17:d8:
bd:7e:59:52:0f:2c:87:65:38:5f:2f:55:b0:aa:4e:ed:a3:fa:
8b:5c:9e:35:dd:da:87:e9:81:c4:fd:f4:0e:2b:be:fb:3c:8d:
87:23:3d:9e:31:2d:37:db:fe:38:b1:70:47:b8:fd:8d:1d:e4:
e5:81:6e:b0:dc:fa:bb:e4:8b:f8:c2:76:36:bf:c6:ef:c4:c4:
a9:c7:51:65:1d:ab:c3:4a:e5:53:ca:c4:a3:8c:21:71:18:47:
81:44:62:30:52:8d:a5:74:eb:18:67:56:ed:1e:40:9a:2e:a7:
7c:4f:e2:70:8e:d1:6b:57:a2:41:54:ce:ae:e9:cb:18:aa:40:
d6:96:14:07:76:1f:6f:2d:9a:47:70:f3:0b:95:c0:3e:7b:93:
0f:f3:fd:40:a2:f5:bf:69:b5:03:89:5b:e3:c0:b9:d7:1b:34:
81:03:00:91:09:dc:40:da:33:77:fd:75:21:8f:14:3f:7f:65:
29:d2:f8:6c:23:51:8a:eb:2f:21:af:c3:ba:7b:aa:22:94:2d:
96:ab:00:60:e6:e4:4d:f1:d1:b1:7a:01:e6:33:0e:94:1e:65:
c2:d8:27:e1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIERLaItDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MGFkMzUzY2MxYTBkMTZkNWU4ZTE0YTM3NTc1YTZmM2Q2MDU2M2Y4MB4XDTIyMDEw
MTExNTcxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODMyNGEwYWM5NzQ1
ODI4MGUzOTMyNjE5MzcwMmVkYTAzMzNhZjJjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvyIhR+XLSZI+hDw+DjqJEi/1sL7TBbedp3d87t338WsD+2
0cnC05FzvN5TKp/YLYh+IwrQuEh07QcebGzRoJnoO0lKzB1uJioxllTvZZ12Svi+
VOnk5qv4ycd6oscW8MDh3kgAZSmIKdCc2zJ7BY+Taf9Q1TTwSngEC7n4fTgnCZ2/
SHoCdp4GnvGX9+at/7g1mbiumBATxB/PNPYN6u95kEOzMvalMrJp9W/469mYHs8Q
HMTqc8HdU8vyRagrvg/2w5AjuXuRpB81mKO/UHmWe5mjTQDxnKZWotgbGSY7uH6Y
4CHUQXFsE+rrZPgvtKi3AWf08LF5etrqO5DUL1sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSDJKCsl0WCgOOTJhk3Au2gMzryyTAfBgNVHSMEGDAWgBRwrTU8waDRbV6O
FKN1dabz1gVj+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NLMDFQTUdnMFcxZWpoU2pkWFdtODlZRllfZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvZTI2ZDljLWQ4NTEtNGE2OS05NWY5LTE1MDRlYTUzZTI1NS8x
L2d5U2dySmRGZ29Eamt5WVpOd0x0b0RNNjhzay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
ZTI2ZDljLWQ4NTEtNGE2OS05NWY5LTE1MDRlYTUzZTI1NS8xL2NLMDFQTUdnMFcx
ZWpoU2pkWFdtODlZRllfZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBDAAETANBgkqhkiG9w0BAQsF
AAOCAQEAOLOpCW4ScmpS/ZFv2bShbTdAZtXJbfCY/c0vgodUS+NaHRfYvX5ZUg8s
h2U4Xy9VsKpO7aP6i1yeNd3ah+mBxP30Diu++zyNhyM9njEtN9v+OLFwR7j9jR3k
5YFusNz6u+SL+MJ2Nr/G78TEqcdRZR2rw0rlU8rEo4whcRhHgURiMFKNpXTrGGdW
7R5Ami6nfE/icI7Ra1eiQVTOrunLGKpA1pYUB3Yfby2aR3DzC5XAPnuTD/P9QKL1
v2m1A4lb48C51xs0gQMAkQncQNozd/11IY8UP39lKdL4bCNRiusvIa/DunuqIpQt
lqsAYObkTfHRsXoB5jMOlB5lwtgn4Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:34 2023 by rpki-client on console-ams.rpki-client.org