Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/647a4a-d2fd-43e0-8f3b-44108162e492/1/bbhCpXmu_yKc0TJnUp60oqHotDE.roa
File: bbhCpXmu_yKc0TJnUp60oqHotDE.roa (raw, json)
Hash identifier: 6YoJShJrX7h0MnF85HqNAbGQI7HArG/fXfgWidny1T0=
Subject key identifier: 6D:B8:42:A5:79:AE:FF:22:9C:D1:32:67:52:9E:B4:A2:A1:E8:B4:31
Certificate issuer: /CN=5708661c6aeecacd9b71176a72de96c9b4509439
Certificate serial: BA325C
Authority key identifier: 57:08:66:1C:6A:EE:CA:CD:9B:71:17:6A:72:DE:96:C9:B4:50:94:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VwhmHGruys2bcRdqct6WybRQlDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/647a4a-d2fd-43e0-8f3b-44108162e492/1/bbhCpXmu_yKc0TJnUp60oqHotDE.roa
Signing time: Sat 01 Jan 2022 12:57:47 +0000
ROA not before: Sat 01 Jan 2022 12:57:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25182
IP address blocks: 2a02:458::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12202588 (0xba325c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5708661c6aeecacd9b71176a72de96c9b4509439
Validity
Not Before: Jan 1 12:57:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6db842a579aeff229cd13267529eb4a2a1e8b431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c5:dd:8e:13:1c:a4:ab:f6:02:24:e9:9c:2c:
ba:5c:b4:52:4c:84:13:e5:09:13:0a:03:f3:39:3a:
77:e0:37:5a:5c:25:eb:20:f8:9c:bf:6c:c8:12:3d:
57:23:c6:fb:5e:d5:30:ea:b9:1e:4f:02:79:56:79:
2e:f7:8e:ce:36:b2:ba:1f:47:3d:dc:3d:12:e9:05:
77:42:8b:4e:eb:6d:3e:1e:41:e3:03:7b:34:c8:58:
42:1f:02:32:3d:26:87:e5:5e:e8:10:1a:83:60:80:
17:21:ab:18:48:2a:6c:7c:4b:6f:7b:45:63:6a:97:
e0:2e:fe:59:71:75:55:7f:60:34:da:93:3f:b7:33:
79:b9:4f:36:6f:4b:3e:c7:7f:8f:58:cd:7e:40:64:
cd:e8:68:49:94:a1:b5:2a:09:be:0d:85:72:1f:10:
03:dd:ff:5a:65:a5:5f:40:ab:61:85:df:78:4f:97:
08:42:9e:e9:fd:74:03:00:59:35:6c:03:ea:8d:0c:
dd:9c:cd:79:c4:db:d1:ff:15:b5:83:6f:28:34:14:
65:7e:69:bf:df:5f:47:92:26:77:fa:ee:8e:87:5b:
ac:26:48:db:5d:47:c8:81:74:b3:26:ec:8b:21:09:
e2:33:e9:df:9c:04:23:82:6c:48:e6:96:41:d1:19:
fb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B8:42:A5:79:AE:FF:22:9C:D1:32:67:52:9E:B4:A2:A1:E8:B4:31
X509v3 Authority Key Identifier:
keyid:57:08:66:1C:6A:EE:CA:CD:9B:71:17:6A:72:DE:96:C9:B4:50:94:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VwhmHGruys2bcRdqct6WybRQlDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/647a4a-d2fd-43e0-8f3b-44108162e492/1/bbhCpXmu_yKc0TJnUp60oqHotDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/647a4a-d2fd-43e0-8f3b-44108162e492/1/VwhmHGruys2bcRdqct6WybRQlDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:458::/32
Signature Algorithm: sha256WithRSAEncryption
64:d7:7c:de:c8:2f:fe:af:dd:3c:8b:9b:df:38:66:f9:34:14:
8b:c2:87:d9:44:a1:82:a2:61:c7:07:89:43:98:80:35:2a:b4:
87:13:fc:96:8f:97:ae:e4:1a:70:fe:a4:1a:97:2f:79:11:2a:
ae:f8:7c:2b:01:4b:5f:65:d8:67:09:af:fc:60:ad:6c:3e:83:
ca:05:d7:77:53:31:cc:8c:45:5f:0d:20:02:42:74:c4:59:6d:
ee:c8:a3:15:0f:27:84:5d:3f:01:f6:5b:32:8d:71:25:0a:18:
21:b3:6c:aa:03:7e:43:fc:0e:7b:31:57:c1:8d:81:66:98:4f:
65:bc:20:5b:27:2f:ac:82:a9:22:eb:b2:9c:f8:58:a1:48:8d:
ec:99:e4:99:52:3c:a2:e7:54:14:ec:45:2f:b2:38:ab:6f:c1:
25:77:8f:3f:d4:71:5f:41:8b:a3:04:ed:f0:99:57:3c:21:03:
36:c3:e8:2f:38:3d:c4:a1:a8:2a:13:01:1e:dd:a9:70:71:8c:
f7:ef:8f:78:1f:da:f2:8c:0d:d3:59:64:06:59:c4:6f:5d:c6:
9d:73:f2:9f:a5:47:10:e6:28:ab:cd:12:94:ef:95:6c:03:6d:
d5:ff:3d:cb:08:fb:6c:9d:e9:d2:c3:8c:8b:df:02:1e:96:21:
20:a4:6f:91
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEALoyXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzA4NjYxYzZhZWVjYWNkOWI3MTE3NmE3MmRlOTZjOWI0NTA5NDM5MB4XDTIyMDEw
MTEyNTc0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRiODQyYTU3OWFl
ZmYyMjljZDEzMjY3NTI5ZWI0YTJhMWU4YjQzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbF3Y4THKSr9gIk6Zwsuly0UkyEE+UJEwoD8zk6d+A3Wlwl
6yD4nL9syBI9VyPG+17VMOq5Hk8CeVZ5LveOzjayuh9HPdw9EukFd0KLTuttPh5B
4wN7NMhYQh8CMj0mh+Ve6BAag2CAFyGrGEgqbHxLb3tFY2qX4C7+WXF1VX9gNNqT
P7czeblPNm9LPsd/j1jNfkBkzehoSZShtSoJvg2Fch8QA93/WmWlX0CrYYXfeE+X
CEKe6f10AwBZNWwD6o0M3ZzNecTb0f8VtYNvKDQUZX5pv99fR5Imd/rujodbrCZI
211HyIF0sybsiyEJ4jPp35wEI4JsSOaWQdEZ+3MCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRtuEKlea7/IpzRMmdSnrSioei0MTAfBgNVHSMEGDAWgBRXCGYcau7KzZtx
F2py3pbJtFCUOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Z3aG1IR3J1eXMyYmNSZHFjdDZXeWJSUWxEay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvNjQ3YTRhLWQyZmQtNDNlMC04ZjNiLTQ0MTA4MTYyZTQ5Mi8x
L2JiaENwWG11X3lLYzBUSm5VcDYwb3FIb3RERS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
NjQ3YTRhLWQyZmQtNDNlMC04ZjNiLTQ0MTA4MTYyZTQ5Mi8xL1Z3aG1IR3J1eXMy
YmNSZHFjdDZXeWJSUWxEay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoCBFgwDQYJKoZIhvcNAQELBQAD
ggEBAGTXfN7IL/6v3TyLm984Zvk0FIvCh9lEoYKiYccHiUOYgDUqtIcT/JaPl67k
GnD+pBqXL3kRKq74fCsBS19l2GcJr/xgrWw+g8oF13dTMcyMRV8NIAJCdMRZbe7I
oxUPJ4RdPwH2WzKNcSUKGCGzbKoDfkP8DnsxV8GNgWaYT2W8IFsnL6yCqSLrspz4
WKFIjeyZ5JlSPKLnVBTsRS+yOKtvwSV3jz/UcV9Bi6ME7fCZVzwhAzbD6C84PcSh
qCoTAR7dqXBxjPfvj3gf2vKMDdNZZAZZxG9dxp1z8p+lRxDmKKvNEpTvlWwDbdX/
PcsI+2yd6dLDjIvfAh6WISCkb5E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:58 2023 by rpki-client on console-ams.rpki-client.org