Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/zYgSlEXKDIOgSG7A6E9xPo0LyWQ.roa
File: zYgSlEXKDIOgSG7A6E9xPo0LyWQ.roa (raw, json)
Hash identifier: n7jtlghzgCZb8jApqd1WdCbs7E1K52UDWvvWpbVIyQ0=
Subject key identifier: CD:88:12:94:45:CA:0C:83:A0:48:6E:C0:E8:4F:71:3E:8D:0B:C9:64
Certificate issuer: /CN=dc1089c942b68033683b4dd506c0c36f74be0ea3
Certificate serial: 0A55EE00
Authority key identifier: DC:10:89:C9:42:B6:80:33:68:3B:4D:D5:06:C0:C3:6F:74:BE:0E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/zYgSlEXKDIOgSG7A6E9xPo0LyWQ.roa
Signing time: Tue 10 May 2022 15:09:58 +0000
ROA not before: Tue 10 May 2022 15:09:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31898
IP address blocks: 2a09:a447:ac1f::/48 maxlen: 64
2a09:a447:ac1e::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173403648 (0xa55ee00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc1089c942b68033683b4dd506c0c36f74be0ea3
Validity
Not Before: May 10 15:09:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd88129445ca0c83a0486ec0e84f713e8d0bc964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:46:cb:84:22:94:a9:bd:36:ea:f3:f1:27:36:
54:15:b1:41:3e:72:c4:83:b4:bc:37:ec:d9:42:03:
66:38:ef:aa:92:7c:8b:3b:07:63:27:46:6f:d0:06:
60:cc:7b:ff:6c:f6:1b:98:68:98:69:e8:29:9b:ef:
5f:88:00:0c:64:b4:c1:dc:dd:94:d6:48:8b:8b:4a:
92:82:f0:f4:c8:e1:c0:97:9c:c8:cf:1b:94:1c:9a:
10:46:ce:4c:11:65:74:b9:0a:9c:0f:37:bf:0d:7a:
f3:92:8a:36:cc:0b:3c:d3:4f:e7:c5:e6:99:8d:da:
8b:93:62:72:0e:fa:94:e7:c8:70:24:a0:90:b8:21:
2b:a4:dc:79:32:77:b7:ac:1b:53:3b:91:1b:c0:4c:
50:d8:4a:77:11:ea:77:36:b9:f4:c8:46:9f:a0:b3:
08:36:04:a3:5c:b3:76:d6:e9:87:67:ba:eb:30:32:
7a:b5:d5:9f:f0:55:39:ae:02:39:83:29:29:83:6b:
ea:ef:a8:dd:d1:db:9d:ab:45:59:2a:0b:a3:15:d8:
20:7d:19:28:21:6f:df:5b:9e:11:9d:64:1a:d2:04:
5c:4c:34:a1:3a:9d:72:06:91:24:11:94:33:aa:5f:
4a:2b:66:70:08:b8:b7:12:ef:11:91:5b:f9:4d:92:
f9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:88:12:94:45:CA:0C:83:A0:48:6E:C0:E8:4F:71:3E:8D:0B:C9:64
X509v3 Authority Key Identifier:
keyid:DC:10:89:C9:42:B6:80:33:68:3B:4D:D5:06:C0:C3:6F:74:BE:0E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/zYgSlEXKDIOgSG7A6E9xPo0LyWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/3BCJyUK2gDNoO03VBsDDb3S-DqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a447:ac1e::/47
Signature Algorithm: sha256WithRSAEncryption
50:e7:57:9f:e9:20:d9:b7:78:52:f6:fb:c2:91:6b:56:cc:87:
9c:1d:8a:c2:61:14:8f:7b:2b:2f:e3:a1:9b:c5:26:12:3d:66:
fe:cb:bd:22:b5:f1:07:1a:9e:af:cf:93:b1:5c:65:57:c0:94:
fc:a5:62:14:6b:15:04:8b:bd:52:8a:2d:12:86:82:f4:c9:da:
d3:f8:86:4e:e6:b9:fb:61:44:c3:e4:15:c9:d4:1a:72:21:87:
bf:24:3a:0a:7e:aa:9c:98:b8:1b:da:34:82:79:d0:84:4d:ed:
a9:e2:11:d8:87:f2:17:e8:70:f8:43:e9:f1:65:c6:9e:ae:7c:
fc:ec:1d:f1:fd:cd:ed:d5:7b:44:0f:22:ca:ed:93:20:9d:ad:
95:0e:14:d9:af:d1:72:15:76:e4:af:ff:d0:b3:a4:45:d9:89:
e7:b6:14:33:5e:4f:0f:7d:88:c9:c9:64:f4:c7:3f:23:ee:da:
84:c2:9f:e9:72:2c:f7:b2:6b:a6:d0:88:f9:95:5a:33:be:ce:
c5:41:be:f8:bf:8c:51:a2:ef:83:02:a8:e3:26:62:1d:02:05:
22:cf:b3:38:87:df:84:77:91:59:4c:4f:4e:25:20:11:3f:87:
db:d4:a2:ba:7b:28:07:18:0b:25:0e:10:04:97:89:d0:24:85:
08:39:d8:f1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEClXuADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzEwODljOTQyYjY4MDMzNjgzYjRkZDUwNmMwYzM2Zjc0YmUwZWEzMB4XDTIyMDUx
MDE1MDk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Q4ODEyOTQ0NWNh
MGM4M2EwNDg2ZWMwZTg0ZjcxM2U4ZDBiYzk2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJNGy4QilKm9Nurz8Sc2VBWxQT5yxIO0vDfs2UIDZjjvqpJ8
izsHYydGb9AGYMx7/2z2G5homGnoKZvvX4gADGS0wdzdlNZIi4tKkoLw9MjhwJec
yM8blByaEEbOTBFldLkKnA83vw1685KKNswLPNNP58XmmY3ai5Nicg76lOfIcCSg
kLghK6TceTJ3t6wbUzuRG8BMUNhKdxHqdza59MhGn6CzCDYEo1yzdtbph2e66zAy
erXVn/BVOa4COYMpKYNr6u+o3dHbnatFWSoLoxXYIH0ZKCFv31ueEZ1kGtIEXEw0
oTqdcgaRJBGUM6pfSitmcAi4txLvEZFb+U2S+akCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTNiBKURcoMg6BIbsDoT3E+jQvJZDAfBgNVHSMEGDAWgBTcEInJQraAM2g7
TdUGwMNvdL4OozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNCQ0p5VUsyZ0ROb08wM1ZCc0REYjNTLURxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvMjQxNDlkLWQxMTUtNDMzMC1iZDQ5LWNiNTZlZDNlYTdmYS8x
L3pZZ1NsRVhLRElPZ1NHN0E2RTl4UG8wTHlXUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
MjQxNDlkLWQxMTUtNDMzMC1iZDQ5LWNiNTZlZDNlYTdmYS8xLzNCQ0p5VUsyZ0RO
b08wM1ZCc0REYjNTLURxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASoJpEesHjANBgkqhkiG9w0BAQsF
AAOCAQEAUOdXn+kg2bd4Uvb7wpFrVsyHnB2KwmEUj3srL+Ohm8UmEj1m/su9IrXx
Bxqer8+TsVxlV8CU/KViFGsVBIu9UootEoaC9Mna0/iGTua5+2FEw+QVydQaciGH
vyQ6Cn6qnJi4G9o0gnnQhE3tqeIR2IfyF+hw+EPp8WXGnq58/Owd8f3N7dV7RA8i
yu2TIJ2tlQ4U2a/RchV25K//0LOkRdmJ57YUM15PD32Iyclk9Mc/I+7ahMKf6XIs
97JrptCI+ZVaM77OxUG++L+MUaLvgwKo4yZiHQIFIs+zOIffhHeRWUxPTiUgET+H
29SiunsoBxgLJQ4QBJeJ0CSFCDnY8Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-fra.rpki-client.org