Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/d1tLQ01vIlu1FirWx1TKsZIquZ0.roa
File: d1tLQ01vIlu1FirWx1TKsZIquZ0.roa (raw, json)
Hash identifier: 3FKiOXrSiU0A1xoVLZK+m/g53AH4e/qiu0fG78UCq1I=
Subject key identifier: 77:5B:4B:43:4D:6F:22:5B:B5:16:2A:D6:C7:54:CA:B1:92:2A:B9:9D
Certificate issuer: /CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Certificate serial: 12DCF079
Authority key identifier: F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/d1tLQ01vIlu1FirWx1TKsZIquZ0.roa
Signing time: Sat 01 Jan 2022 13:06:09 +0000
ROA not before: Sat 01 Jan 2022 13:06:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213341
IP address blocks: 2a0a:4587:2000::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 316469369 (0x12dcf079)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Validity
Not Before: Jan 1 13:06:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=775b4b434d6f225bb5162ad6c754cab1922ab99d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e0:35:da:9e:01:42:8a:52:80:0b:56:81:d2:
5a:d1:7c:40:ca:9b:9a:02:61:9f:39:29:c6:0f:91:
81:89:52:b5:d8:dd:cb:dd:f8:af:41:8f:ad:32:2d:
d0:28:7f:c9:42:42:bb:7d:69:d8:cc:7e:9c:e4:f2:
c6:3d:41:1a:08:85:32:0d:4d:ef:45:7d:fa:3f:7f:
79:18:fd:8a:ce:8d:61:81:1d:77:4d:b2:22:e6:6c:
30:18:1a:df:1e:33:6a:54:c0:cf:46:e7:1d:fe:35:
b6:f9:11:2c:60:3b:89:76:f6:2a:88:9c:09:62:52:
d4:9a:90:ab:42:d3:2f:03:83:02:e9:56:19:3f:79:
b4:48:c7:aa:97:c2:46:15:77:05:50:5a:50:bc:1c:
cf:8a:ac:e9:15:87:dc:0e:72:8d:f7:53:e1:46:b5:
33:59:dd:99:60:e9:3e:d7:41:9d:89:4a:51:03:47:
cc:e2:e0:5e:44:b4:40:84:b1:a6:20:34:d8:0d:b8:
c0:1d:d0:5f:0e:57:65:9c:5b:2d:e6:80:ee:c2:5b:
3a:67:e4:87:a9:e5:ba:85:d5:20:fa:5e:79:c6:bd:
dc:4e:81:36:92:71:41:d1:75:fb:2a:47:ff:ad:7c:
ff:e1:2b:e6:c7:b3:a6:5c:ee:4d:cb:08:60:cd:d5:
29:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:5B:4B:43:4D:6F:22:5B:B5:16:2A:D6:C7:54:CA:B1:92:2A:B9:9D
X509v3 Authority Key Identifier:
keyid:F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/d1tLQ01vIlu1FirWx1TKsZIquZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:4587:2000::/44
Signature Algorithm: sha256WithRSAEncryption
22:16:2b:ae:34:7f:2f:69:a1:0b:d7:da:b8:ec:4e:70:65:11:
bf:99:1a:23:c5:6a:33:3d:bc:4a:f5:ba:0f:48:ae:23:e1:59:
58:0e:09:62:ac:7e:7a:c9:6b:97:31:b9:57:e1:b0:61:37:a3:
5a:22:c4:66:c1:fe:5e:38:73:c7:af:b9:1f:eb:dd:ff:e1:dd:
62:0a:8c:69:b0:bb:80:31:dd:f9:39:3c:d0:02:58:d4:9b:04:
93:85:ce:b2:5e:79:17:78:58:a2:59:4a:6a:2b:7b:7a:11:36:
0b:1c:ad:12:cf:ee:7e:8a:10:a2:38:13:63:b4:77:cc:6c:f9:
ed:3c:06:92:ff:9a:2c:1f:92:10:f0:12:77:c0:b5:44:40:bd:
19:a9:a7:50:54:8e:77:08:4b:ba:ca:ec:c9:e5:28:dc:32:ae:
01:e2:ee:49:94:4e:d1:5e:36:a4:f2:ff:85:7e:a4:86:97:74:
6f:cf:cb:35:4b:bc:06:40:82:b9:cc:6d:43:08:64:20:3d:45:
11:80:66:0a:a9:d3:a6:c6:92:de:4a:0d:05:77:af:16:c4:65:
68:8a:9a:e7:03:fd:81:95:4e:47:3a:94:00:a4:6f:b8:bd:d4:
51:eb:06:08:65:78:a3:11:06:58:5d:5a:43:e1:b9:55:14:5f:
5b:c1:77:3e
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEEtzweTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGE5NjY2NjRlYzk2ZWRiZDEyZThlODJlOTQwYmZiOWZhZWMxMDVlMB4XDTIyMDEw
MTEzMDYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc1YjRiNDM0ZDZm
MjI1YmI1MTYyYWQ2Yzc1NGNhYjE5MjJhYjk5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrgNdqeAUKKUoALVoHSWtF8QMqbmgJhnzkpxg+RgYlStdjd
y934r0GPrTIt0Ch/yUJCu31p2Mx+nOTyxj1BGgiFMg1N70V9+j9/eRj9is6NYYEd
d02yIuZsMBga3x4zalTAz0bnHf41tvkRLGA7iXb2KoicCWJS1JqQq0LTLwODAulW
GT95tEjHqpfCRhV3BVBaULwcz4qs6RWH3A5yjfdT4Ua1M1ndmWDpPtdBnYlKUQNH
zOLgXkS0QISxpiA02A24wB3QXw5XZZxbLeaA7sJbOmfkh6nluoXVIPpeeca93E6B
NpJxQdF1+ypH/618/+Er5sezplzuTcsIYM3VKdECAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBR3W0tDTW8iW7UWKtbHVMqxkiq5nTAfBgNVHSMEGDAWgBT4qWZmTslu29Eu
joLpQL+5+uwQXjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtS2xtWms3SmJ0dlJMbzZDNlVDX3VmcnNFRjQuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzQ1LzY0YWI5OS00OWFhLTRhYWUtOGRkNS0zODIzNTVmYzJmZjEv
MS9kMXRMUTAxdklsdTFGaXJXeDFUS3NaSXF1WjAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1
LzY0YWI5OS00OWFhLTRhYWUtOGRkNS0zODIzNTVmYzJmZjEvMS8xLUtsbVprN0pi
dHZSTG82QzZVQ191ZnJzRUY0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgpFhyAAMA0GCSqGSIb3DQEB
CwUAA4IBAQAiFiuuNH8vaaEL19q47E5wZRG/mRojxWozPbxK9boPSK4j4VlYDgli
rH56yWuXMblX4bBhN6NaIsRmwf5eOHPHr7kf693/4d1iCoxpsLuAMd35OTzQAljU
mwSThc6yXnkXeFiiWUpqK3t6ETYLHK0Sz+5+ihCiOBNjtHfMbPntPAaS/5osH5IQ
8BJ3wLVEQL0ZqadQVI53CEu6yuzJ5SjcMq4B4u5JlE7RXjak8v+FfqSGl3Rvz8s1
S7wGQIK5zG1DCGQgPUURgGYKqdOmxpLeSg0Fd68WxGVoiprnA/2BlU5HOpQApG+4
vdRR6wYIZXijEQZYXVpD4blVFF9bwXc+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:16 2023 by rpki-client on console-fra.rpki-client.org