Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/1-h1wrxBAZNjWeO0GjxdoGRBY1T4.roa
File: 1-h1wrxBAZNjWeO0GjxdoGRBY1T4.roa (raw, json)
Hash identifier: 72geN9EE1vHrIHfPGyIhdU6VdOMsrsw8ycpQxFxdCzQ=
Subject key identifier: FA:1D:70:AF:10:40:64:D8:D6:78:ED:06:8F:17:68:19:10:58:D5:3E
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0B413572
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/1-h1wrxBAZNjWeO0GjxdoGRBY1T4.roa
Signing time: Sat 01 Jan 2022 13:04:55 +0000
ROA not before: Sat 01 Jan 2022 13:04:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33823
IP address blocks: 2a05:b680::/48 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188822898 (0xb413572)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 1 13:04:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa1d70af104064d8d678ed068f1768191058d53e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a6:a7:8c:4c:a8:b8:72:92:97:24:e1:15:c4:
15:8c:11:a9:84:08:84:1e:fe:ba:80:30:a3:22:2c:
69:5b:a8:b3:b8:34:a3:bf:93:fe:f7:c4:c4:0d:12:
a0:a4:83:79:df:7f:11:50:c0:14:66:74:40:ee:7b:
6e:1a:7e:07:15:e5:91:97:94:3b:20:5e:20:f5:71:
d4:ab:7a:64:81:f3:95:72:93:c9:f1:29:e2:ff:f0:
60:2e:a2:8d:e1:02:36:8d:6e:8f:b6:46:96:8b:47:
e4:34:75:1f:c7:24:79:cf:c1:bc:25:36:28:8c:b7:
c3:6b:ad:7a:2b:8e:7d:d2:c5:8d:2f:f7:87:c5:19:
cc:ff:45:70:ab:c1:f9:42:88:ef:0c:d9:0e:52:92:
0b:81:1c:a2:27:cb:80:54:22:62:38:18:62:aa:ca:
8e:bd:26:6e:30:1e:e2:aa:a8:43:ab:89:12:81:30:
5f:70:c2:97:19:c7:80:97:49:71:e4:25:a6:74:5e:
1e:57:05:b8:6e:49:8f:d7:36:7d:7a:94:f2:06:af:
82:4c:df:51:e1:7f:4a:c9:fc:8f:b8:7e:a0:ed:80:
2a:b5:91:46:b8:b3:61:a0:07:40:6a:47:85:95:1b:
cf:50:dd:75:32:64:2a:78:fc:31:1f:70:3c:70:3c:
a1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:1D:70:AF:10:40:64:D8:D6:78:ED:06:8F:17:68:19:10:58:D5:3E
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/1-h1wrxBAZNjWeO0GjxdoGRBY1T4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b680::/48
Signature Algorithm: sha256WithRSAEncryption
18:3b:9d:ff:2b:0f:f6:bf:5d:b1:1b:2a:5b:2b:cb:d1:0b:1f:
86:92:52:c0:1e:51:46:52:d3:d9:a2:fa:60:be:6e:65:03:6d:
16:1c:32:5b:c4:5f:66:4c:22:3e:2d:88:6f:0c:53:09:da:62:
ba:5d:29:1f:c9:47:65:31:7c:dc:6c:dd:75:d4:03:8b:47:d8:
df:6d:19:5b:e7:93:3a:91:63:18:69:48:e2:30:0e:b1:bc:b8:
cd:e5:aa:8f:a0:75:11:44:b5:c8:5c:17:1f:7b:f8:62:85:5d:
e9:00:d5:28:a8:d2:b1:48:97:f8:57:58:33:d3:8b:eb:9f:21:
b0:5d:56:79:21:3d:1d:43:44:26:cd:1b:05:e5:b7:df:4c:a0:
88:07:81:9e:83:1b:82:d7:90:26:cd:60:07:6c:a8:e6:49:e2:
44:9c:42:87:58:a6:60:58:28:6f:93:56:18:59:c1:2b:e0:20:
47:ee:40:c2:09:7c:44:75:4e:69:84:f9:df:0f:b4:e4:91:d4:
4e:e6:2f:ff:fc:30:10:dd:d4:76:25:73:9f:10:cb:7b:56:91:
71:58:f3:ed:63:6e:69:7d:9f:9a:6c:73:0d:94:0a:94:1f:72:
83:e7:7e:85:77:b6:6a:2f:9b:3f:89:c1:8b:3d:b0:a0:96:b9:
74:f9:1d:ef
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIEC0E1cjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDEw
MTEzMDQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmExZDcwYWYxMDQw
NjRkOGQ2NzhlZDA2OGYxNzY4MTkxMDU4ZDUzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJump4xMqLhykpck4RXEFYwRqYQIhB7+uoAwoyIsaVuos7g0
o7+T/vfExA0SoKSDed9/EVDAFGZ0QO57bhp+BxXlkZeUOyBeIPVx1Kt6ZIHzlXKT
yfEp4v/wYC6ijeECNo1uj7ZGlotH5DR1H8ckec/BvCU2KIy3w2uteiuOfdLFjS/3
h8UZzP9FcKvB+UKI7wzZDlKSC4EcoifLgFQiYjgYYqrKjr0mbjAe4qqoQ6uJEoEw
X3DClxnHgJdJceQlpnReHlcFuG5Jj9c2fXqU8gavgkzfUeF/Ssn8j7h+oO2AKrWR
RrizYaAHQGpHhZUbz1DddTJkKnj8MR9wPHA8odsCAwEAAaOCAg0wggIJMB0GA1Ud
DgQWBBT6HXCvEEBk2NZ47QaPF2gZEFjVPjAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
LzEtaDF3cnhCQVpOaldlTzBHanhkb0dSQlkxVDQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMw
L2IyNmFhOC1hY2U3LTRmYTYtOWU4ZS01ZDQ4YjY1Y2U1NzMvMS9fbGlWTFRrNU5m
RFR2T2dVX1pGNDBFYVRycmsuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
IgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqBbaAAAAwDQYJKoZIhvcNAQEL
BQADggEBABg7nf8rD/a/XbEbKlsry9ELH4aSUsAeUUZS09mi+mC+bmUDbRYcMlvE
X2ZMIj4tiG8MUwnaYrpdKR/JR2UxfNxs3XXUA4tH2N9tGVvnkzqRYxhpSOIwDrG8
uM3lqo+gdRFEtchcFx97+GKFXekA1Sio0rFIl/hXWDPTi+ufIbBdVnkhPR1DRCbN
GwXlt99MoIgHgZ6DG4LXkCbNYAdsqOZJ4kScQodYpmBYKG+TVhhZwSvgIEfuQMIJ
fER1TmmE+d8PtOSR1E7mL//8MBDd1HYlc58Qy3tWkXFY8+1jbml9n5pscw2UCpQf
coPnfoV3tmovmz+JwYs9sKCWuXT5He8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:54 2023 by rpki-client on console-ams.rpki-client.org