Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/0sCS95oOvvc1WVpfBif6jQHRaMs.roa
File: 0sCS95oOvvc1WVpfBif6jQHRaMs.roa (raw, json)
Hash identifier: ub2m9tMOuJ+ki2smmE8MFOI8MgClbzywRDgJThjfWmY=
Subject key identifier: D2:C0:92:F7:9A:0E:BE:F7:35:59:5A:5F:06:27:FA:8D:01:D1:68:CB
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 0183889DD61DC8BC7CEB2513CAC889AF905C
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/0sCS95oOvvc1WVpfBif6jQHRaMs.roa
Signing time: Thu 29 Sep 2022 09:39:48 +0000
ROA not before: Thu 29 Sep 2022 09:39:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12859
IP address blocks: 2a0b:8f80:201::/48 maxlen: 48
2a0b:8f80:301::/48 maxlen: 48
2a05:1500:fe00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:88:9d:d6:1d:c8:bc:7c:eb:25:13:ca:c8:89:af:90:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Sep 29 09:39:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2c092f79a0ebef735595a5f0627fa8d01d168cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:20:7c:7b:7e:c7:57:f5:67:8a:37:84:c9:9b:
1f:dc:84:be:f2:39:1f:cb:8d:a8:1a:a9:4e:28:cf:
80:95:fb:70:27:f7:b1:a0:52:19:8b:44:6f:d5:bd:
27:3b:52:72:09:a0:81:90:02:f8:25:63:be:b9:05:
b4:61:2a:24:eb:b3:e9:c7:0f:a9:2f:6e:9c:fe:c2:
68:f1:99:9a:fa:55:9b:df:63:b6:30:00:2a:f2:01:
15:6b:19:ec:c7:05:a1:ee:e7:d1:d5:c3:94:4b:24:
97:ff:0b:84:4f:54:a2:5c:c5:5e:fe:34:55:00:7f:
46:93:d9:32:af:0c:61:05:b7:ad:00:76:33:57:e1:
d6:99:f9:b9:78:9d:3b:82:9d:ea:e0:ff:ec:72:b2:
94:2a:6c:bd:13:21:f6:7d:be:43:02:be:58:76:28:
d5:43:24:6d:df:41:e3:7a:47:92:da:ef:69:2c:d3:
1d:66:ed:0c:f1:6c:65:0a:54:2d:74:18:36:d6:6a:
c1:30:3e:24:fb:f9:ba:6d:cc:29:4d:41:9b:c6:e7:
3a:54:e6:95:4c:e2:7c:25:72:50:b1:00:a5:4e:ea:
24:1c:8f:d1:b8:06:62:cd:ce:69:de:c3:6b:35:4f:
d7:6c:3b:4a:db:4d:3b:ec:96:09:ed:b6:96:e5:47:
15:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C0:92:F7:9A:0E:BE:F7:35:59:5A:5F:06:27:FA:8D:01:D1:68:CB
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/0sCS95oOvvc1WVpfBif6jQHRaMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:1500:fe00::/40
2a0b:8f80:201::/48
2a0b:8f80:301::/48
Signature Algorithm: sha256WithRSAEncryption
2f:79:c6:c5:6c:6e:75:10:e5:53:fe:cd:df:a6:de:c6:40:16:
08:8d:3d:17:6c:90:e9:00:9d:a5:c2:fc:bf:83:9a:f1:bc:64:
04:79:68:99:1d:6b:80:13:47:25:79:ec:e1:f6:34:8b:ba:50:
48:eb:01:e4:1f:bc:4d:45:fd:f8:9c:6f:11:5d:c0:5e:f3:32:
95:b4:b6:f5:e4:d9:6f:99:21:44:ca:36:2e:28:fe:37:4b:aa:
2c:b6:11:5f:f1:42:34:cb:08:00:29:7b:ba:ca:b3:3c:af:ac:
0a:d3:05:6b:03:93:6d:f6:34:5a:8f:92:c5:95:17:f3:65:e4:
f7:22:de:07:44:31:b2:4c:79:05:20:4d:15:c2:c6:e0:db:be:
ad:91:06:6a:88:eb:39:1c:23:dd:eb:0c:e4:86:76:c9:28:39:
a7:6e:53:e3:95:f6:bf:94:55:2c:5f:bc:2b:0c:8f:01:0c:a1:
f7:68:f7:9a:d8:a7:5d:9b:86:89:5b:ea:d3:13:d8:63:f1:e4:
8b:d9:e1:5b:02:cf:f7:32:e0:17:84:14:69:7c:11:bb:50:85:
57:49:6e:1b:86:19:f9:22:06:e1:22:ed:6f:ef:54:b0:61:d9:
ef:aa:d9:e7:24:d6:89:29:f1:01:37:e4:c9:8e:3f:b0:4b:c7:
04:f5:e5:b9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYOIndYdyLx86yUTysiJr5BcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjIwOTI5MDkzOTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmMwOTJmNzlhMGViZWY3MzU1OTVhNWYwNjI3ZmE4ZDAxZDE2OGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSB8e37HV/VnijeEyZsf3IS+8jkf
y42oGqlOKM+AlftwJ/exoFIZi0Rv1b0nO1JyCaCBkAL4JWO+uQW0YSok67Ppxw+p
L26c/sJo8Zma+lWb32O2MAAq8gEVaxnsxwWh7ufR1cOUSySX/wuET1SiXMVe/jRV
AH9Gk9kyrwxhBbetAHYzV+HWmfm5eJ07gp3q4P/scrKUKmy9EyH2fb5DAr5YdijV
QyRt30HjekeS2u9pLNMdZu0M8WxlClQtdBg21mrBMD4k+/m6bcwpTUGbxuc6VOaV
TOJ8JXJQsQClTuokHI/RuAZizc5p3sNrNU/XbDtK20077JYJ7baW5UcV4wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNLAkveaDr73NVlaXwYn+o0B0WjLMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvMHNDUzk1b092dmMxV1ZwZkJpZjZqUUhSYU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwYAKgUVAP4D
BwAqC4+AAgEDBwAqC4+AAwEwDQYJKoZIhvcNAQELBQADggEBAC95xsVsbnUQ5VP+
zd+m3sZAFgiNPRdskOkAnaXC/L+DmvG8ZAR5aJkda4ATRyV57OH2NIu6UEjrAeQf
vE1F/ficbxFdwF7zMpW0tvXk2W+ZIUTKNi4o/jdLqiy2EV/xQjTLCAApe7rKszyv
rArTBWsDk232NFqPksWVF/Nl5Pci3gdEMbJMeQUgTRXCxuDbvq2RBmqI6zkcI93r
DOSGdskoOaduU+OV9r+UVSxfvCsMjwEMofdo95rYp12bholb6tMT2GPx5IvZ4VsC
z/cy4BeEFGl8EbtQhVdJbhuGGfkiBuEi7W/vVLBh2e+q2eck1okp8QE35MmOP7BL
xwT15bk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:15 2024 by rpki-client on console-fra.rpki-client.org