Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/O9mCQBwYNp_SYhnLPk594EvCC2o.roa
File: O9mCQBwYNp_SYhnLPk594EvCC2o.roa (raw, json)
Hash identifier: NloQ5/00Y7byW87RW4Geegx7f5+8Bu6ddcMGR6S3A60=
Subject key identifier: 3B:D9:82:40:1C:18:36:9F:D2:62:19:CB:3E:4E:7D:E0:4B:C2:0B:6A
Certificate issuer: /CN=66259dea3e9cae6e819588c5c913f02d4410398b
Certificate serial: 01843CE2D7CFCB75C733152DD66E98179FD5
Authority key identifier: 66:25:9D:EA:3E:9C:AE:6E:81:95:88:C5:C9:13:F0:2D:44:10:39:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZiWd6j6crm6BlYjFyRPwLUQQOYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/O9mCQBwYNp_SYhnLPk594EvCC2o.roa
Signing time: Thu 03 Nov 2022 09:46:50 +0000
ROA not before: Thu 03 Nov 2022 09:46:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42487
IP address blocks: 2a09:5180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:e2:d7:cf:cb:75:c7:33:15:2d:d6:6e:98:17:9f:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66259dea3e9cae6e819588c5c913f02d4410398b
Validity
Not Before: Nov 3 09:46:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bd982401c18369fd26219cb3e4e7de04bc20b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6b:86:1a:4d:ea:d4:86:19:fc:88:c4:c3:73:
f1:70:4f:f2:9c:bf:2e:04:e3:48:45:16:fc:6b:d3:
6e:90:80:c5:5a:99:2e:e6:dc:81:02:08:3e:93:50:
2a:71:9d:b1:f8:df:ed:28:ed:cc:3e:6a:dc:e1:9e:
2d:2f:d4:56:b5:a9:84:21:bc:25:05:cb:43:43:ed:
bf:61:7f:9a:28:a4:e9:6c:98:e6:ad:8b:21:09:5d:
2c:c9:5f:bb:de:67:07:16:86:3f:c9:23:95:5b:ed:
4b:4d:9f:16:9f:a2:ef:3f:0f:4d:22:d6:ac:f9:07:
ef:c2:fe:03:df:8e:e7:41:61:78:2b:c2:97:f5:46:
02:c8:58:73:b7:4d:ca:2b:ad:c3:69:ce:4c:f9:d3:
28:10:ae:47:5d:f2:04:c4:69:19:66:fe:39:f4:ff:
0b:5e:bb:57:51:ed:63:77:66:b0:fc:3e:7e:50:18:
38:b7:df:d9:41:4d:3d:cf:dd:ad:f8:a1:1a:5a:29:
a1:44:55:98:a3:e6:85:0c:7c:ee:5e:15:05:cb:78:
63:b8:c3:4e:c3:53:b8:22:04:60:3f:2f:fc:f0:fd:
cc:1a:23:1f:4e:d0:13:3e:5f:30:ff:71:bd:92:d6:
9c:2d:c3:c6:7c:c2:79:e6:4d:8c:21:d1:83:72:4a:
02:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D9:82:40:1C:18:36:9F:D2:62:19:CB:3E:4E:7D:E0:4B:C2:0B:6A
X509v3 Authority Key Identifier:
keyid:66:25:9D:EA:3E:9C:AE:6E:81:95:88:C5:C9:13:F0:2D:44:10:39:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZiWd6j6crm6BlYjFyRPwLUQQOYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/O9mCQBwYNp_SYhnLPk594EvCC2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/ZiWd6j6crm6BlYjFyRPwLUQQOYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:5180::/29
Signature Algorithm: sha256WithRSAEncryption
4d:a9:cd:fd:9b:e5:ac:ed:d7:56:8a:53:8a:d0:b6:b8:fd:27:
6b:59:82:3a:27:6c:b7:2a:45:dc:30:78:6f:3b:c7:5a:7e:44:
47:a2:12:79:a0:77:98:52:eb:14:c1:4d:8d:be:c5:23:da:69:
40:c8:49:fe:6b:5d:1f:d1:b6:a0:ce:50:7d:8b:a1:a6:ee:f3:
97:a2:f4:e8:6b:53:bd:03:67:80:45:4b:cc:50:e8:28:f6:c7:
06:94:98:40:ab:79:f3:54:91:46:b4:7b:94:62:13:6b:a7:e9:
73:a7:6e:eb:26:86:8b:b1:8f:a1:19:ca:6e:54:33:c2:a8:c5:
23:c8:cd:28:29:f0:61:3c:46:d2:7e:f7:dc:4f:4f:22:ee:68:
60:e2:34:3a:39:0c:c9:da:8e:f6:52:2e:6e:2c:27:16:d9:0b:
6a:d4:24:05:fc:9a:e9:2b:96:62:0c:f9:c4:73:0d:3b:e8:9a:
87:2b:e4:74:55:f8:b0:75:77:ab:51:dd:d5:b8:97:ae:f1:e9:
32:9d:98:44:34:89:5d:ef:03:a2:e2:50:7d:bb:e7:5d:ae:73:
7e:79:e6:b0:3a:95:89:c2:3b:b8:13:d8:20:1e:8d:27:58:44:
3b:c3:3e:84:1f:4d:00:05:e4:db:34:01:cc:cb:60:ee:b0:23:
c2:ee:5a:02
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQ84tfPy3XHMxUt1m6YF5/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MjU5ZGVhM2U5Y2FlNmU4MTk1ODhjNWM5MTNmMDJkNDQx
MDM5OGIwHhcNMjIxMTAzMDk0NjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ5ODI0MDFjMTgzNjlmZDI2MjE5Y2IzZTRlN2RlMDRiYzIwYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2uGGk3q1IYZ/IjEw3PxcE/ynL8u
BONIRRb8a9NukIDFWpku5tyBAgg+k1AqcZ2x+N/tKO3MPmrc4Z4tL9RWtamEIbwl
BctDQ+2/YX+aKKTpbJjmrYshCV0syV+73mcHFoY/ySOVW+1LTZ8Wn6LvPw9NItas
+Qfvwv4D347nQWF4K8KX9UYCyFhzt03KK63Dac5M+dMoEK5HXfIExGkZZv459P8L
XrtXUe1jd2aw/D5+UBg4t9/ZQU09z92t+KEaWimhRFWYo+aFDHzuXhUFy3hjuMNO
w1O4IgRgPy/88P3MGiMfTtATPl8w/3G9ktacLcPGfMJ55k2MIdGDckoCQwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDvZgkAcGDaf0mIZyz5OfeBLwgtqMB8GA1UdIwQY
MBaAFGYlneo+nK5ugZWIxckT8C1EEDmLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmlXZDZqNmNybTZCbFlqRnlSUHdMVVFRT1lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wYjMyNDktZmQ0OS00NTY3LWIzNmQt
Y2JiZTMyNDJjMmJkLzEvTzltQ1FCd1lOcF9TWWhuTFBrNTk0RXZDQzJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wYjMyNDktZmQ0OS00NTY3LWIzNmQtY2JiZTMyNDJjMmJk
LzEvWmlXZDZqNmNybTZCbFlqRnlSUHdMVVFRT1lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKglRgDAN
BgkqhkiG9w0BAQsFAAOCAQEATanN/ZvlrO3XVopTitC2uP0na1mCOidstypF3DB4
bzvHWn5ER6ISeaB3mFLrFMFNjb7FI9ppQMhJ/mtdH9G2oM5QfYuhpu7zl6L06GtT
vQNngEVLzFDoKPbHBpSYQKt581SRRrR7lGITa6fpc6du6yaGi7GPoRnKblQzwqjF
I8jNKCnwYTxG0n733E9PIu5oYOI0OjkMydqO9lIubiwnFtkLatQkBfya6SuWYgz5
xHMNO+iahyvkdFX4sHV3q1Hd1biXrvHpMp2YRDSJXe8DouJQfbvnXa5zfnnmsDqV
icI7uBPYIB6NJ1hEO8M+hB9NAAXk2zQBzMtg7rAjwu5aAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:46 2024 by rpki-client on console-fra.rpki-client.org