Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/i-nOIAv6Fa0VSH3-eB1f5l8yBcw.roa
File: i-nOIAv6Fa0VSH3-eB1f5l8yBcw.roa (raw, json)
Hash identifier: GkxUzpNyKlHDYmULRupWj0Rsjkm5Q1WSyWUn9pKCPuM=
Subject key identifier: 8B:E9:CE:20:0B:FA:15:AD:15:48:7D:FE:78:1D:5F:E6:5F:32:05:CC
Certificate issuer: /CN=535761913f575c411c992322ebb06cd2f37f02a2
Certificate serial: 3F9B1CEB
Authority key identifier: 53:57:61:91:3F:57:5C:41:1C:99:23:22:EB:B0:6C:D2:F3:7F:02:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1dhkT9XXEEcmSMi67Bs0vN_AqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/i-nOIAv6Fa0VSH3-eB1f5l8yBcw.roa
Signing time: Sat 01 Jan 2022 02:52:14 +0000
ROA not before: Sat 01 Jan 2022 02:52:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8422
IP address blocks: 2a00:a200::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1067130091 (0x3f9b1ceb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535761913f575c411c992322ebb06cd2f37f02a2
Validity
Not Before: Jan 1 02:52:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8be9ce200bfa15ad15487dfe781d5fe65f3205cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a9:2c:6d:21:14:41:08:38:73:52:f5:de:9f:
4b:99:43:d4:ef:19:d0:67:1d:1e:18:90:45:05:5f:
c2:05:8a:c8:a5:8c:88:9e:28:3b:14:f3:ec:3d:5c:
b9:ce:d7:22:6c:e6:2e:11:a9:3a:e0:ef:15:f0:16:
ef:18:7c:77:43:1e:78:34:d5:16:45:a6:45:10:89:
5f:45:79:b4:14:79:ee:e5:62:06:9d:2d:bb:d3:fc:
1d:27:ce:c8:6e:cd:dd:08:33:ad:3a:bd:0f:db:76:
6e:46:cd:98:11:17:02:9e:21:14:f5:c8:54:2e:a4:
c0:39:31:85:0f:ac:f9:5b:0d:a5:59:15:24:15:8c:
91:4b:05:ef:e8:3b:0e:6b:0d:c7:c4:a2:ec:ba:5b:
84:f2:8b:96:23:13:ef:18:69:bc:00:c5:41:3e:90:
67:d7:a5:c3:d7:54:f5:da:84:6b:03:24:c3:3f:b9:
34:2c:f2:26:d2:28:d8:1a:a6:11:0b:a3:f4:63:2b:
57:d6:d0:63:19:92:a5:60:ce:df:06:79:bc:9e:e5:
a7:87:ee:dd:fe:c6:f8:09:a7:17:a5:eb:85:af:7f:
cf:1e:dd:b2:65:59:2c:33:fc:70:a8:6d:6e:ff:66:
78:4e:76:b2:82:7c:82:31:9b:94:35:7a:f5:67:fa:
3c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E9:CE:20:0B:FA:15:AD:15:48:7D:FE:78:1D:5F:E6:5F:32:05:CC
X509v3 Authority Key Identifier:
keyid:53:57:61:91:3F:57:5C:41:1C:99:23:22:EB:B0:6C:D2:F3:7F:02:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1dhkT9XXEEcmSMi67Bs0vN_AqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/i-nOIAv6Fa0VSH3-eB1f5l8yBcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/U1dhkT9XXEEcmSMi67Bs0vN_AqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:a200::/32
Signature Algorithm: sha256WithRSAEncryption
35:72:0b:1a:a8:ed:c7:01:8b:77:19:78:1a:de:c6:05:5c:2f:
69:eb:5c:b9:15:78:84:f1:58:67:29:3f:4a:1b:19:70:67:74:
9e:ea:17:8a:aa:3c:aa:8d:34:62:dc:fa:fb:14:dc:7c:83:21:
24:1a:9c:a2:10:f6:e4:a3:6c:d1:03:e6:dc:b5:57:29:77:03:
f4:5b:46:e3:77:f1:4f:c4:79:7a:14:d9:97:fb:f4:db:83:47:
db:36:62:77:88:c4:91:81:97:bd:10:ad:ad:3a:28:f4:c5:a1:
ae:67:4a:c2:00:c9:20:29:7d:80:e6:9c:8e:4f:15:4a:dc:3b:
5d:82:1f:db:1c:b4:72:ed:70:a1:5e:c6:32:eb:81:aa:17:b8:
d1:79:7d:91:aa:b6:d8:de:64:22:6a:37:bb:d5:5b:78:ea:e4:
de:98:c1:ea:82:b0:63:fe:97:32:34:8c:78:f0:63:2c:61:11:
c6:e9:8d:b5:f9:cf:79:cd:37:4f:ca:cb:93:be:e8:40:a4:35:
6a:f4:30:94:72:96:67:80:3e:2e:fd:86:ad:4a:bb:ac:4f:47:
e7:20:36:89:0a:63:fb:85:ff:e9:de:68:e2:f6:1f:2f:83:cb:
c8:4a:c2:48:5e:8c:6c:c6:e5:87:10:ac:bc:61:3c:51:11:30:
75:e3:04:a6
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEP5sc6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MzU3NjE5MTNmNTc1YzQxMWM5OTIzMjJlYmIwNmNkMmYzN2YwMmEyMB4XDTIyMDEw
MTAyNTIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGJlOWNlMjAwYmZh
MTVhZDE1NDg3ZGZlNzgxZDVmZTY1ZjMyMDVjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMapLG0hFEEIOHNS9d6fS5lD1O8Z0GcdHhiQRQVfwgWKyKWM
iJ4oOxTz7D1cuc7XImzmLhGpOuDvFfAW7xh8d0MeeDTVFkWmRRCJX0V5tBR57uVi
Bp0tu9P8HSfOyG7N3QgzrTq9D9t2bkbNmBEXAp4hFPXIVC6kwDkxhQ+s+VsNpVkV
JBWMkUsF7+g7DmsNx8Si7LpbhPKLliMT7xhpvADFQT6QZ9elw9dU9dqEawMkwz+5
NCzyJtIo2BqmEQuj9GMrV9bQYxmSpWDO3wZ5vJ7lp4fu3f7G+AmnF6Xrha9/zx7d
smVZLDP8cKhtbv9meE52soJ8gjGblDV69Wf6PN8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSL6c4gC/oVrRVIff54HV/mXzIFzDAfBgNVHSMEGDAWgBRTV2GRP1dcQRyZ
IyLrsGzS838CojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1UxZGhrVDlYWEVFY21TTWk2N0JzMHZOX0FxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvOWYwMGE5LWI2MGYtNGUzMi05MDM3LTA0ZGZjMzY2M2UzNS8x
L2ktbk9JQXY2RmEwVlNIMy1lQjFmNWw4eUJjdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
OWYwMGE5LWI2MGYtNGUzMi05MDM3LTA0ZGZjMzY2M2UzNS8xL1UxZGhrVDlYWEVF
Y21TTWk2N0JzMHZOX0FxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoAogAwDQYJKoZIhvcNAQELBQAD
ggEBADVyCxqo7ccBi3cZeBrexgVcL2nrXLkVeITxWGcpP0obGXBndJ7qF4qqPKqN
NGLc+vsU3HyDISQanKIQ9uSjbNED5ty1Vyl3A/RbRuN38U/EeXoU2Zf79NuDR9s2
YneIxJGBl70Qra06KPTFoa5nSsIAySApfYDmnI5PFUrcO12CH9sctHLtcKFexjLr
gaoXuNF5fZGqttjeZCJqN7vVW3jq5N6YweqCsGP+lzI0jHjwYyxhEcbpjbX5z3nN
N0/Ky5O+6ECkNWr0MJRylmeAPi79hq1Ku6xPR+cgNokKY/uF/+neaOL2Hy+Dy8hK
wkhejGzG5YcQrLxhPFERMHXjBKY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:03 2024 by rpki-client on console-fra.rpki-client.org