Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/9a7dda-0f68-4088-a075-e7fdf7741a65/1/9wlTE2fosWbUBFtNV_wTelMV2tM.roa
File: 9wlTE2fosWbUBFtNV_wTelMV2tM.roa (raw, json)
Hash identifier: 4s87pYr7ORFjfbX6j0CBcXqfIZ4BCmkYZc6jLFUVliY=
Subject key identifier: F7:09:53:13:67:E8:B1:66:D4:04:5B:4D:57:FC:13:7A:53:15:DA:D3
Certificate issuer: /CN=09a8ed97abe8b8014dd31c2c244f9f28f5f97a21
Certificate serial: 0185586E4C1A67425B61B649CBE9768EA2B0
Authority key identifier: 09:A8:ED:97:AB:E8:B8:01:4D:D3:1C:2C:24:4F:9F:28:F5:F9:7A:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cajtl6vouAFN0xwsJE-fKPX5eiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/9a7dda-0f68-4088-a075-e7fdf7741a65/1/9wlTE2fosWbUBFtNV_wTelMV2tM.roa
Signing time: Wed 28 Dec 2022 11:11:41 +0000
ROA not before: Wed 28 Dec 2022 11:11:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208663
IP address blocks: 2a0e:840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:58:6e:4c:1a:67:42:5b:61:b6:49:cb:e9:76:8e:a2:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09a8ed97abe8b8014dd31c2c244f9f28f5f97a21
Validity
Not Before: Dec 28 11:11:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f709531367e8b166d4045b4d57fc137a5315dad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c3:a0:08:5f:fd:de:e6:da:16:25:ca:f4:90:
8b:43:5f:56:62:70:7d:ce:dd:6a:a2:b3:3d:6d:b6:
f5:8b:9b:64:f8:86:2f:97:9a:b9:65:84:1d:7a:4d:
15:09:d2:22:a2:bb:f7:4a:f2:e0:7f:22:fc:27:91:
7a:00:f3:96:80:cf:95:c4:a1:ce:b3:d9:fa:08:27:
4e:b9:55:0b:16:ff:0e:b7:9a:07:0e:84:d1:e4:bf:
9d:d3:79:64:82:74:26:37:e3:b1:7f:fc:b0:69:63:
50:8b:1d:dc:a7:48:f1:30:0a:89:1d:77:55:09:12:
21:b5:c2:a7:4c:2c:86:78:fb:7d:ab:0c:7a:2e:26:
67:4a:cf:f7:39:91:2d:32:9c:b1:89:a3:cb:62:88:
09:a3:4f:3b:d4:a2:28:d8:cb:57:c7:c3:5c:81:3a:
57:43:b9:38:0c:53:84:9c:4e:21:a7:5e:c9:6f:36:
63:f8:c9:ea:ee:00:65:13:97:1f:f8:ac:12:43:91:
4c:bf:51:63:13:76:da:76:c5:d2:07:cc:53:cc:f7:
25:77:64:2d:bb:d0:9f:c2:39:45:c8:e7:6f:fe:69:
9a:2f:f1:44:5f:b3:2c:53:f1:bd:be:62:71:7e:66:
f3:f5:fd:ec:28:0f:23:1d:b2:4e:75:d1:bf:fb:f9:
ae:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:09:53:13:67:E8:B1:66:D4:04:5B:4D:57:FC:13:7A:53:15:DA:D3
X509v3 Authority Key Identifier:
keyid:09:A8:ED:97:AB:E8:B8:01:4D:D3:1C:2C:24:4F:9F:28:F5:F9:7A:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cajtl6vouAFN0xwsJE-fKPX5eiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9a7dda-0f68-4088-a075-e7fdf7741a65/1/9wlTE2fosWbUBFtNV_wTelMV2tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9a7dda-0f68-4088-a075-e7fdf7741a65/1/Cajtl6vouAFN0xwsJE-fKPX5eiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:840::/29
Signature Algorithm: sha256WithRSAEncryption
66:bd:10:a8:5d:fd:b2:37:59:18:f5:b1:e2:41:18:c2:41:13:
98:04:11:7a:cb:48:13:d5:dd:0b:74:f9:d2:ef:c6:0c:73:71:
10:38:b1:34:81:1e:aa:1e:76:22:36:1c:a0:2c:31:21:e7:71:
54:21:68:93:39:79:bf:98:c2:cb:3a:ab:33:a2:01:85:6f:b3:
75:21:fc:1e:0b:43:87:b2:38:7a:8f:c8:9c:68:45:fe:b4:76:
b8:17:91:54:87:a1:84:40:ad:c9:4c:cb:94:e4:37:39:04:fd:
2e:99:96:14:40:28:4c:1e:32:dc:9a:5f:56:8a:a9:18:b2:0d:
43:c1:e4:4f:d5:94:06:ab:ba:d2:30:ad:1a:c7:9e:d7:c0:81:
0b:6f:ec:d8:5c:87:df:e2:d1:ad:0f:78:63:37:84:d5:20:9f:
55:5b:22:92:28:60:b0:a9:ea:46:37:4c:ff:0b:48:ac:fd:b3:
e8:1a:5d:cc:b1:e7:f0:4d:db:4b:c0:e3:da:6d:8d:d1:30:8b:
8e:8e:75:1b:e5:70:7b:12:40:d4:09:8a:b3:7c:37:f2:34:cf:
f1:ab:08:97:31:77:8d:35:84:9c:32:d6:3c:a7:53:03:90:2d:
44:06:f9:50:3d:8f:11:6a:0d:e9:2c:fa:2f:9c:e5:fa:e2:f2:
08:7a:a1:f4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVYbkwaZ0JbYbZJy+l2jqKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YThlZDk3YWJlOGI4MDE0ZGQzMWMyYzI0NGY5ZjI4ZjVm
OTdhMjEwHhcNMjIxMjI4MTExMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzA5NTMxMzY3ZThiMTY2ZDQwNDViNGQ1N2ZjMTM3YTUzMTVkYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMOgCF/93ubaFiXK9JCLQ19WYnB9
zt1qorM9bbb1i5tk+IYvl5q5ZYQdek0VCdIiorv3SvLgfyL8J5F6APOWgM+VxKHO
s9n6CCdOuVULFv8Ot5oHDoTR5L+d03lkgnQmN+Oxf/ywaWNQix3cp0jxMAqJHXdV
CRIhtcKnTCyGePt9qwx6LiZnSs/3OZEtMpyxiaPLYogJo0871KIo2MtXx8NcgTpX
Q7k4DFOEnE4hp17JbzZj+Mnq7gBlE5cf+KwSQ5FMv1FjE3badsXSB8xTzPcld2Qt
u9CfwjlFyOdv/mmaL/FEX7MsU/G9vmJxfmbz9f3sKA8jHbJOddG/+/muoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPcJUxNn6LFm1ARbTVf8E3pTFdrTMB8GA1UdIwQY
MBaAFAmo7Zer6LgBTdMcLCRPnyj1+XohMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2FqdGw2dm91QUZOMHh3c0pFLWZLUFg1ZWlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi85YTdkZGEtMGY2OC00MDg4LWEwNzUt
ZTdmZGY3NzQxYTY1LzEvOXdsVEUyZm9zV2JVQkZ0TlZfd1RlbE1WMnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi85YTdkZGEtMGY2OC00MDg4LWEwNzUtZTdmZGY3NzQxYTY1
LzEvQ2FqdGw2dm91QUZOMHh3c0pFLWZLUFg1ZWlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4IQDAN
BgkqhkiG9w0BAQsFAAOCAQEAZr0QqF39sjdZGPWx4kEYwkETmAQRestIE9XdC3T5
0u/GDHNxEDixNIEeqh52IjYcoCwxIedxVCFokzl5v5jCyzqrM6IBhW+zdSH8HgtD
h7I4eo/InGhF/rR2uBeRVIehhECtyUzLlOQ3OQT9LpmWFEAoTB4y3JpfVoqpGLIN
Q8HkT9WUBqu60jCtGsee18CBC2/s2FyH3+LRrQ94YzeE1SCfVVsikihgsKnqRjdM
/wtIrP2z6BpdzLHn8E3bS8Dj2m2N0TCLjo51G+VwexJA1AmKs3w38jTP8asIlzF3
jTWEnDLWPKdTA5AtRAb5UD2PEWoN6Sz6L5zl+uLyCHqh9A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:33 2023 by rpki-client on console-ams.rpki-client.org