Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/57ca76-3457-46ed-9324-ea7a17128a05/1/Ie7xPZ8cqn3gkYTMLdYuWr16HHI.roa
File: Ie7xPZ8cqn3gkYTMLdYuWr16HHI.roa (raw, json)
Hash identifier: IocLMyq//e8AxBnvkHh+fYfOG9bVh4B19nGNVfDdl7M=
Subject key identifier: 21:EE:F1:3D:9F:1C:AA:7D:E0:91:84:CC:2D:D6:2E:5A:BD:7A:1C:72
Certificate issuer: /CN=ee9f79ab1d59847ff1f2e961218c159af264d835
Certificate serial: B10E0E
Authority key identifier: EE:9F:79:AB:1D:59:84:7F:F1:F2:E9:61:21:8C:15:9A:F2:64:D8:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7p95qx1ZhH_x8ulhIYwVmvJk2DU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/57ca76-3457-46ed-9324-ea7a17128a05/1/Ie7xPZ8cqn3gkYTMLdYuWr16HHI.roa
Signing time: Sat 01 Jan 2022 07:59:34 +0000
ROA not before: Sat 01 Jan 2022 07:59:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210660
IP address blocks: 2001:678:cdc::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11603470 (0xb10e0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee9f79ab1d59847ff1f2e961218c159af264d835
Validity
Not Before: Jan 1 07:59:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21eef13d9f1caa7de09184cc2dd62e5abd7a1c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b1:17:81:c2:c8:59:a6:77:87:3e:a1:11:e9:
e9:f7:a2:d6:39:ff:2f:78:a9:17:67:fa:ce:c5:8c:
4e:52:99:e1:98:d4:86:01:d3:7c:7d:30:4e:33:79:
01:a1:b4:06:38:f8:63:be:de:c0:7d:e8:66:a9:2b:
df:c2:8b:63:4a:bd:92:bb:d0:58:1f:43:3f:9a:52:
0d:f8:5c:8b:87:66:46:e6:40:86:13:fc:32:5b:8e:
14:cf:33:38:56:9b:47:0b:6c:87:d4:9d:34:72:d6:
8e:de:f0:fa:1d:99:5c:a1:e4:72:0f:ef:c3:77:dc:
b3:cd:c1:0d:ae:e2:11:04:79:2a:bf:dc:87:d2:f3:
e6:65:ea:55:de:80:2a:c1:67:8b:c7:c0:53:fa:a0:
3c:f8:fe:3b:0d:ea:84:95:af:90:ff:f7:0a:71:9c:
50:54:d3:1f:52:bc:c0:e3:a6:36:bc:15:7f:ed:3b:
71:b1:72:28:3d:5c:00:64:8f:93:b8:13:8b:fe:fa:
60:09:6e:3a:a8:07:95:e7:b8:ec:32:be:19:01:5f:
56:34:81:68:38:d1:2e:32:71:65:0b:46:4c:32:66:
58:5a:97:3e:37:2f:b1:85:e5:39:81:72:db:b6:ed:
f1:a0:f3:24:8b:f6:2b:cb:cb:d4:92:e6:b7:2f:27:
47:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:EE:F1:3D:9F:1C:AA:7D:E0:91:84:CC:2D:D6:2E:5A:BD:7A:1C:72
X509v3 Authority Key Identifier:
keyid:EE:9F:79:AB:1D:59:84:7F:F1:F2:E9:61:21:8C:15:9A:F2:64:D8:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7p95qx1ZhH_x8ulhIYwVmvJk2DU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/57ca76-3457-46ed-9324-ea7a17128a05/1/Ie7xPZ8cqn3gkYTMLdYuWr16HHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/57ca76-3457-46ed-9324-ea7a17128a05/1/7p95qx1ZhH_x8ulhIYwVmvJk2DU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:cdc::/48
Signature Algorithm: sha256WithRSAEncryption
94:02:62:0e:26:59:eb:52:15:14:6f:b4:2e:71:52:e9:f7:c5:
4a:b4:5c:e5:75:55:0c:07:d3:61:a2:a3:45:82:b4:3e:ad:1c:
d7:96:07:81:dc:e7:cc:bf:18:44:c2:4d:17:59:b4:c7:1c:e9:
f4:ad:3e:ef:2f:b4:cd:ee:32:92:4a:9f:88:67:be:d1:b1:10:
55:27:60:4a:8d:a8:53:a5:59:24:da:e1:55:4c:8e:12:9d:64:
87:07:79:2c:f8:e7:e0:2f:6d:c4:ce:17:bc:a9:ff:55:0f:60:
80:46:24:90:1c:c7:5e:92:1b:3e:f0:ac:0d:7e:d7:37:a4:ca:
84:fe:4f:10:7d:83:a1:9a:e2:9b:a9:d9:0e:8a:27:1b:e1:7c:
35:4c:13:1e:e8:96:d0:65:7f:67:33:0e:91:b9:3f:04:a7:a8:
d6:8e:e9:7c:71:f0:18:0b:b1:5f:b6:30:32:bd:64:ff:ee:b9:
e5:c1:6c:42:31:7b:74:63:cf:1b:89:44:56:39:88:e7:3a:44:
8c:70:77:23:22:6f:28:c5:ad:d9:4a:bf:e2:12:49:7d:08:b9:
fd:7e:8d:3c:24:f4:2a:03:9d:aa:4a:d2:26:27:c0:97:6a:b7:
ef:cd:5e:22:c5:f5:f5:57:b1:71:fc:dd:4e:2b:30:ab:7f:a4:
bb:cd:16:a0
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEALEODjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZTlmNzlhYjFkNTk4NDdmZjFmMmU5NjEyMThjMTU5YWYyNjRkODM1MB4XDTIyMDEw
MTA3NTkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFlZWYxM2Q5ZjFj
YWE3ZGUwOTE4NGNjMmRkNjJlNWFiZDdhMWM3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+xF4HCyFmmd4c+oRHp6fei1jn/L3ipF2f6zsWMTlKZ4ZjU
hgHTfH0wTjN5AaG0Bjj4Y77ewH3oZqkr38KLY0q9krvQWB9DP5pSDfhci4dmRuZA
hhP8MluOFM8zOFabRwtsh9SdNHLWjt7w+h2ZXKHkcg/vw3fcs83BDa7iEQR5Kr/c
h9Lz5mXqVd6AKsFni8fAU/qgPPj+Ow3qhJWvkP/3CnGcUFTTH1K8wOOmNrwVf+07
cbFyKD1cAGSPk7gTi/76YAluOqgHlee47DK+GQFfVjSBaDjRLjJxZQtGTDJmWFqX
PjcvsYXlOYFy27bt8aDzJIv2K8vL1JLmty8nRz0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQh7vE9nxyqfeCRhMwt1i5avXoccjAfBgNVHSMEGDAWgBTun3mrHVmEf/Hy
6WEhjBWa8mTYNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdwOTVxeDFaaEhfeDh1bGhJWXdWbXZKazJEVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvNTdjYTc2LTM0NTctNDZlZC05MzI0LWVhN2ExNzEyOGEwNS8x
L0llN3hQWjhjcW4zZ2tZVE1MZFl1V3IxNkhISS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
NTdjYTc2LTM0NTctNDZlZC05MzI0LWVhN2ExNzEyOGEwNS8xLzdwOTVxeDFaaEhf
eDh1bGhJWXdWbXZKazJEVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngM3DANBgkqhkiG9w0BAQsF
AAOCAQEAlAJiDiZZ61IVFG+0LnFS6ffFSrRc5XVVDAfTYaKjRYK0Pq0c15YHgdzn
zL8YRMJNF1m0xxzp9K0+7y+0ze4ykkqfiGe+0bEQVSdgSo2oU6VZJNrhVUyOEp1k
hwd5LPjn4C9txM4XvKn/VQ9ggEYkkBzHXpIbPvCsDX7XN6TKhP5PEH2DoZrim6nZ
DoonG+F8NUwTHuiW0GV/ZzMOkbk/BKeo1o7pfHHwGAuxX7YwMr1k/+655cFsQjF7
dGPPG4lEVjmI5zpEjHB3IyJvKMWt2Uq/4hJJfQi5/X6NPCT0KgOdqkrSJifAl2q3
781eIsX19VexcfzdTiswq3+ku80WoA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:45 2023 by rpki-client on console-ams.rpki-client.org