Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/92857b-f106-466e-9c4b-c1114a9dad19/1/CWsxWNpw3WkwyeyqyufY2BKo8Tg.roa
File: CWsxWNpw3WkwyeyqyufY2BKo8Tg.roa (raw, json)
Hash identifier: JURrJDiUmvzlceSRljEDwlaZuv3StQly9wOFCP1rEYU=
Subject key identifier: 09:6B:31:58:DA:70:DD:69:30:C9:EC:AA:CA:E7:D8:D8:12:A8:F1:38
Certificate issuer: /CN=96429851d86633cbe2983aaf94ba8415ca232aa1
Certificate serial: 526FE3
Authority key identifier: 96:42:98:51:D8:66:33:CB:E2:98:3A:AF:94:BA:84:15:CA:23:2A:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lkKYUdhmM8vimDqvlLqEFcojKqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/92857b-f106-466e-9c4b-c1114a9dad19/1/CWsxWNpw3WkwyeyqyufY2BKo8Tg.roa
Signing time: Sat 01 Jan 2022 02:58:58 +0000
ROA not before: Sat 01 Jan 2022 02:58:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a11:57c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5402595 (0x526fe3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96429851d86633cbe2983aaf94ba8415ca232aa1
Validity
Not Before: Jan 1 02:58:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=096b3158da70dd6930c9ecaacae7d8d812a8f138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:96:2c:49:50:cb:aa:6d:92:7b:b7:18:30:19:
dc:f5:d1:4b:20:0c:69:6c:71:5b:07:69:24:2f:49:
6c:ba:a4:5f:30:93:90:f5:65:bb:05:c3:9b:ec:de:
d9:30:e2:f7:e4:00:f2:bf:c6:d8:6a:87:ec:0d:97:
74:51:4a:f4:e8:6c:66:28:97:44:d6:13:cb:ab:55:
9c:90:34:b5:f1:cd:95:58:93:56:33:70:46:96:c4:
f5:24:2c:bb:b8:ed:a6:99:f1:1d:f4:d5:36:e0:a2:
f1:43:74:2d:71:99:a9:e9:39:45:3c:10:73:10:44:
8d:2c:62:80:64:73:d8:4e:39:1a:23:07:9b:d9:dd:
dd:4d:07:89:3d:f5:ea:65:bd:3f:13:be:c6:5b:ce:
28:62:4f:85:a1:fc:fa:66:3a:25:92:2f:f8:01:26:
f6:96:9b:50:dd:1b:0b:71:de:9c:87:cc:88:34:70:
f8:e5:e1:d3:18:5b:08:6f:2c:8f:75:97:27:d2:ca:
b3:83:b2:0c:81:3b:fe:cc:1e:5f:d3:f7:d6:70:cf:
89:cd:d8:4b:08:e3:e1:fd:5b:eb:42:75:14:80:6f:
d8:bc:4e:2b:e8:e9:72:5c:67:40:ed:f2:4e:50:44:
30:83:46:04:9e:25:9a:21:ab:63:d3:99:59:33:55:
e4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6B:31:58:DA:70:DD:69:30:C9:EC:AA:CA:E7:D8:D8:12:A8:F1:38
X509v3 Authority Key Identifier:
keyid:96:42:98:51:D8:66:33:CB:E2:98:3A:AF:94:BA:84:15:CA:23:2A:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkKYUdhmM8vimDqvlLqEFcojKqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/92857b-f106-466e-9c4b-c1114a9dad19/1/CWsxWNpw3WkwyeyqyufY2BKo8Tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/92857b-f106-466e-9c4b-c1114a9dad19/1/lkKYUdhmM8vimDqvlLqEFcojKqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:57c0::/29
Signature Algorithm: sha256WithRSAEncryption
70:6c:76:bd:7f:1f:38:69:63:87:87:84:f3:0d:7b:19:8a:b3:
45:cd:9b:a2:ca:3d:79:ec:13:7d:21:33:cf:a9:53:1d:6b:86:
a5:d9:38:c7:64:61:bf:95:07:2e:cf:ca:d7:23:7b:98:bf:62:
9d:43:32:eb:18:76:ad:fc:0f:b5:af:3c:35:95:1b:30:72:fc:
1e:dd:ec:4d:70:c0:11:fe:51:d8:21:07:79:bb:7d:52:62:da:
72:0f:75:1a:af:4e:a3:bd:8f:ec:2d:58:35:ec:44:dd:5e:b4:
ce:ef:44:3b:22:03:24:50:a7:06:b8:d0:a0:a8:22:1d:40:62:
e0:df:5e:f9:d3:93:41:38:4a:26:ba:57:27:db:2b:4a:8f:2d:
53:f0:4a:c6:29:c0:12:bf:95:24:a1:fd:fa:bb:ba:dd:be:bb:
13:ec:36:40:cb:ad:8e:29:bb:e9:09:92:ff:55:e4:3c:fb:16:
23:73:b8:9f:95:38:a6:34:2d:e7:d6:3c:fb:bb:4c:96:30:0a:
91:6b:79:72:21:4e:34:8f:6a:80:c3:27:47:a5:2c:84:15:26:
a4:21:b8:be:4f:48:f8:6d:4f:04:57:c5:33:c4:d8:2d:43:41:
2d:a1:33:f9:6c:b8:39:90:73:0e:3a:1f:33:e9:b4:80:66:f9:
e5:3a:72:57
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDUm/jMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk2
NDI5ODUxZDg2NjMzY2JlMjk4M2FhZjk0YmE4NDE1Y2EyMzJhYTEwHhcNMjIwMTAx
MDI1ODU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwOTZiMzE1OGRhNzBk
ZDY5MzBjOWVjYWFjYWU3ZDhkODEyYThmMTM4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq5YsSVDLqm2Se7cYMBnc9dFLIAxpbHFbB2kkL0lsuqRfMJOQ
9WW7BcOb7N7ZMOL35ADyv8bYaofsDZd0UUr06GxmKJdE1hPLq1WckDS18c2VWJNW
M3BGlsT1JCy7uO2mmfEd9NU24KLxQ3QtcZmp6TlFPBBzEESNLGKAZHPYTjkaIweb
2d3dTQeJPfXqZb0/E77GW84oYk+Fofz6Zjolki/4ASb2lptQ3RsLcd6ch8yINHD4
5eHTGFsIbyyPdZcn0sqzg7IMgTv+zB5f0/fWcM+JzdhLCOPh/VvrQnUUgG/YvE4r
6OlyXGdA7fJOUEQwg0YEniWaIatj05lZM1XkjwIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFAlrMVjacN1pMMnsqsrn2NgSqPE4MB8GA1UdIwQYMBaAFJZCmFHYZjPL4pg6
r5S6hBXKIyqhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bGtLWVVkaG1NOHZpbURxdmxMcUVGY29qS3FFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Yy85Mjg1N2ItZjEwNi00NjZlLTljNGItYzExMTRhOWRhZDE5LzEv
Q1dzeFdOcHczV2t3eWV5cXl1ZlkyQktvOFRnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy85
Mjg1N2ItZjEwNi00NjZlLTljNGItYzExMTRhOWRhZDE5LzEvbGtLWVVkaG1NOHZp
bURxdmxMcUVGY29qS3FFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFXwDANBgkqhkiG9w0BAQsFAAOC
AQEAcGx2vX8fOGljh4eE8w17GYqzRc2boso9eewTfSEzz6lTHWuGpdk4x2Rhv5UH
Ls/K1yN7mL9inUMy6xh2rfwPta88NZUbMHL8Ht3sTXDAEf5R2CEHebt9UmLacg91
Gq9Oo72P7C1YNexE3V60zu9EOyIDJFCnBrjQoKgiHUBi4N9e+dOTQThKJrpXJ9sr
So8tU/BKxinAEr+VJKH9+ru63b67E+w2QMutjim76QmS/1XkPPsWI3O4n5U4pjQt
59Y8+7tMljAKkWt5ciFONI9qgMMnR6UshBUmpCG4vk9I+G1PBFfFM8TYLUNBLaEz
+Wy4OZBzDjofM+m0gGb55TpyVw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:36 2023 by rpki-client on console-ams.rpki-client.org