Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/j-lAhcbveJZELDT8dRE6ZA3vzBI.roa
File: j-lAhcbveJZELDT8dRE6ZA3vzBI.roa (raw, json)
Hash identifier: VPjURf+layxD+HHm/DtdQI+MLfoA5uYrHyrYn1Gn4z4=
Subject key identifier: 8F:E9:40:85:C6:EF:78:96:44:2C:34:FC:75:11:3A:64:0D:EF:CC:12
Certificate issuer: /CN=29b79380fe407439cc2ecd3fac18157db36cf768
Certificate serial: 0184C55878A7FC669AFE0D16793160FB4B69
Authority key identifier: 29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/j-lAhcbveJZELDT8dRE6ZA3vzBI.roa
Signing time: Tue 29 Nov 2022 21:43:40 +0000
ROA not before: Tue 29 Nov 2022 21:43:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201110
IP address blocks: 2a05:6740:40c6::/48 maxlen: 48
2a05:6740:40c4::/48 maxlen: 48
2a05:6740:40c5::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c5:58:78:a7:fc:66:9a:fe:0d:16:79:31:60:fb:4b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b79380fe407439cc2ecd3fac18157db36cf768
Validity
Not Before: Nov 29 21:43:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8fe94085c6ef7896442c34fc75113a640defcc12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:22:0c:51:c3:19:10:6d:54:e5:2f:9a:51:3e:
ac:11:40:31:49:3d:2e:2a:d8:37:b9:6e:ef:51:c0:
c1:f7:d8:59:91:3a:7a:ea:bf:39:00:60:3c:5a:7c:
71:b0:67:ba:3d:85:9a:df:f1:12:77:dc:8a:fe:7c:
f9:dc:ee:bd:a8:33:b5:e8:18:06:1b:ea:09:85:68:
52:b3:02:8e:4f:2c:b0:46:a7:26:44:2a:71:66:ce:
6f:f1:d8:cd:d1:5a:0e:12:25:16:3f:e3:7a:66:5a:
46:1f:1a:06:5d:c4:6f:e3:0a:0c:52:eb:f1:46:eb:
86:9a:30:31:e5:97:36:34:1b:76:02:f7:b8:0a:d0:
5b:2f:fe:73:7c:91:bd:d5:a4:1c:3e:8f:04:84:07:
30:f9:43:90:6a:4c:c4:65:57:bd:fa:85:af:36:b4:
8c:a0:ba:64:78:9d:ea:3c:c3:e6:68:84:a7:7d:d3:
c4:4e:22:a2:02:8d:bf:b0:72:ce:6f:6a:b1:cd:21:
e4:79:31:c1:d1:ea:5e:72:9a:6a:4b:47:d2:ae:e4:
34:4d:f0:cd:35:c5:fb:35:86:3e:f7:d6:c5:99:73:
4e:5b:a1:44:e2:08:e0:26:1c:7f:95:bb:71:50:3c:
e8:a8:44:c9:7a:f0:06:9f:3a:7c:74:8c:25:5d:61:
2a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E9:40:85:C6:EF:78:96:44:2C:34:FC:75:11:3A:64:0D:EF:CC:12
X509v3 Authority Key Identifier:
keyid:29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/j-lAhcbveJZELDT8dRE6ZA3vzBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:6740:40c4::-2a05:6740:40c6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
83:63:99:3c:a0:bc:37:14:0a:f2:25:c5:36:80:17:e2:eb:b7:
72:e5:a6:e8:83:e8:8c:15:fd:f4:ae:dd:0f:6d:d7:77:e6:2f:
17:c1:59:89:c1:23:c6:92:af:b5:16:10:fa:4a:5f:ad:f8:8d:
e6:0e:31:e5:64:ef:12:ec:95:6b:8b:05:35:71:45:fd:3c:28:
ac:2a:34:c6:b8:e2:db:58:b7:83:66:5f:85:3d:1e:af:6e:a9:
03:9f:4f:be:a2:b1:89:eb:04:34:04:00:9e:72:5f:d1:e8:72:
75:33:ce:20:52:fe:73:9f:4b:b4:d4:fb:fd:a2:aa:f1:06:2a:
d8:d2:64:cf:08:4e:51:c3:d3:b5:dc:09:7a:df:b4:0d:2f:b6:
f4:4c:ca:79:bf:b8:1f:04:6d:e7:00:72:26:69:33:f2:81:fc:
0e:52:36:f6:d5:de:8e:0d:13:78:81:bb:45:08:45:08:d0:39:
79:7f:60:8b:10:ef:b8:08:14:cc:84:42:e3:c6:bc:4e:97:48:
ae:6b:db:fb:65:65:66:05:bd:d3:e9:5e:d1:ff:48:dc:a8:e3:
7c:32:09:79:01:b5:4d:20:eb:0b:05:e1:51:24:65:33:38:d9:
c7:ed:b2:fe:68:b3:f3:6a:6c:56:71:4c:f6:7d:70:ea:d6:ad:
b7:0b:58:8c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYTFWHin/Gaa/g0WeTFg+0tpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Yjc5MzgwZmU0MDc0MzljYzJlY2QzZmFjMTgxNTdkYjM2
Y2Y3NjgwHhcNMjIxMTI5MjE0MzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmU5NDA4NWM2ZWY3ODk2NDQyYzM0ZmM3NTExM2E2NDBkZWZjYzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSIMUcMZEG1U5S+aUT6sEUAxST0u
Ktg3uW7vUcDB99hZkTp66r85AGA8WnxxsGe6PYWa3/ESd9yK/nz53O69qDO16BgG
G+oJhWhSswKOTyywRqcmRCpxZs5v8djN0VoOEiUWP+N6ZlpGHxoGXcRv4woMUuvx
RuuGmjAx5Zc2NBt2Ave4CtBbL/5zfJG91aQcPo8EhAcw+UOQakzEZVe9+oWvNrSM
oLpkeJ3qPMPmaISnfdPETiKiAo2/sHLOb2qxzSHkeTHB0epecppqS0fSruQ0TfDN
NcX7NYY+99bFmXNOW6FE4gjgJhx/lbtxUDzoqETJevAGnzp8dIwlXWEqZQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFI/pQIXG73iWRCw0/HUROmQN78wSMB8GA1UdIwQY
MBaAFCm3k4D+QHQ5zC7NP6wYFX2zbPdoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JlVGdQNUFkRG5NTHMwX3JCZ1ZmYk5zOTJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zOTM4NDItZTdlZi00ODkzLTljMWIt
MWU4NDIxMThkYjZmLzEvai1sQWhjYnZlSlpFTERUOGRSRTZaQTN2ekJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zOTM4NDItZTdlZi00ODkzLTljMWItMWU4NDIxMThkYjZm
LzEvS2JlVGdQNUFkRG5NTHMwX3JCZ1ZmYk5zOTJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwIqBWdA
QMQDBwAqBWdAQMYwDQYJKoZIhvcNAQELBQADggEBAINjmTygvDcUCvIlxTaAF+Lr
t3LlpuiD6IwV/fSu3Q9t13fmLxfBWYnBI8aSr7UWEPpKX634jeYOMeVk7xLslWuL
BTVxRf08KKwqNMa44ttYt4NmX4U9Hq9uqQOfT76isYnrBDQEAJ5yX9HocnUzziBS
/nOfS7TU+/2iqvEGKtjSZM8ITlHD07XcCXrftA0vtvRMynm/uB8EbecAciZpM/KB
/A5SNvbV3o4NE3iBu0UIRQjQOXl/YIsQ77gIFMyEQuPGvE6XSK5r2/tlZWYFvdPp
XtH/SNyo43wyCXkBtU0g6wsF4VEkZTM42cftsv5os/NqbFZxTPZ9cOrWrbcLWIw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:02 2023 by rpki-client on console-fra.rpki-client.org