Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/IKOhbOxQKerwZ1NszCXkEauyjt4.roa
File: IKOhbOxQKerwZ1NszCXkEauyjt4.roa (raw, json)
Hash identifier: cGjzsEtXO7qKw4FGiUvxzYQ5PvsOEji0btFSRJgHRGo=
Subject key identifier: 20:A3:A1:6C:EC:50:29:EA:F0:67:53:6C:CC:25:E4:11:AB:B2:8E:DE
Certificate issuer: /CN=d24f497d157847005336b777361b1d20905c5213
Certificate serial: 07DD766C
Authority key identifier: D2:4F:49:7D:15:78:47:00:53:36:B7:77:36:1B:1D:20:90:5C:52:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0k9JfRV4RwBTNrd3NhsdIJBcUhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/IKOhbOxQKerwZ1NszCXkEauyjt4.roa
Signing time: Sat 01 Jan 2022 15:57:10 +0000
ROA not before: Sat 01 Jan 2022 15:57:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213342
IP address blocks: 2a0e:9b42::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131954284 (0x7dd766c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24f497d157847005336b777361b1d20905c5213
Validity
Not Before: Jan 1 15:57:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20a3a16cec5029eaf067536ccc25e411abb28ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:17:77:72:54:bd:95:c7:34:45:f6:eb:a0:ff:
8f:92:62:9d:8c:f1:3a:2e:30:5f:17:03:7a:44:1b:
6e:46:7d:e5:df:bd:7c:20:28:87:f1:8c:c5:a9:93:
bf:27:8c:e6:26:1b:75:ed:51:a9:72:47:0b:fa:80:
b2:57:98:3c:da:3d:f7:7b:57:13:98:5f:6a:2f:fb:
51:52:8e:6e:39:e7:7b:23:38:50:fe:13:3b:7a:ba:
c3:e6:91:5d:18:f1:52:54:fe:98:02:61:7e:33:6d:
79:67:85:ba:d8:5b:25:4f:b9:5b:8e:c2:9b:2d:ef:
29:9e:a8:0f:a8:bb:4d:e7:52:f5:6b:50:00:6c:10:
56:5c:2d:8a:59:0b:f0:07:f2:5d:a9:9f:d5:63:71:
e0:30:59:54:68:64:dd:e0:e2:2b:47:3c:f4:59:98:
27:14:9d:34:ef:fc:b4:a5:8d:1b:46:88:c9:36:e8:
10:d5:71:2b:ca:40:d7:99:d3:b6:fa:27:5d:f3:2c:
cf:86:e5:b3:2b:cb:f4:6e:aa:f7:46:9d:61:82:e7:
d3:48:04:00:19:a3:71:3b:6d:56:95:b8:20:e8:a6:
b9:fa:9c:27:05:74:75:2c:7b:d0:7d:c4:07:b6:0a:
ee:51:27:19:28:8d:ed:46:fe:48:c6:6f:31:43:17:
67:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A3:A1:6C:EC:50:29:EA:F0:67:53:6C:CC:25:E4:11:AB:B2:8E:DE
X509v3 Authority Key Identifier:
keyid:D2:4F:49:7D:15:78:47:00:53:36:B7:77:36:1B:1D:20:90:5C:52:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0k9JfRV4RwBTNrd3NhsdIJBcUhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/IKOhbOxQKerwZ1NszCXkEauyjt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/0k9JfRV4RwBTNrd3NhsdIJBcUhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:9b42::/32
Signature Algorithm: sha256WithRSAEncryption
24:97:60:ab:38:43:10:e2:05:72:50:0d:fb:92:c6:c8:0c:f8:
2e:73:88:7f:c3:0f:52:7e:07:df:61:f2:b6:c6:11:1d:89:80:
59:a5:a2:de:48:31:95:21:bd:bd:dd:db:7a:92:5d:87:7a:e1:
5c:a5:0f:3c:f0:03:ae:d1:00:d3:0b:5f:11:15:fc:c9:f7:53:
8d:17:09:21:dd:3b:be:1e:46:0d:89:22:55:61:29:29:db:3a:
70:0a:d7:51:24:8e:0c:f8:14:bb:1a:91:82:70:15:4f:00:e4:
87:f8:5c:e8:1c:bd:1f:21:4d:56:4d:b4:78:4f:62:66:54:ae:
3b:3b:f8:f8:b5:46:1a:81:74:04:5e:05:08:3a:7e:35:26:fa:
d8:59:a7:56:6a:10:fd:44:bb:ab:bc:15:98:bc:97:31:e6:b9:
67:91:0e:e6:69:2f:3f:b1:8d:15:d7:42:23:42:b7:d3:5e:ff:
95:98:6d:7c:b3:16:10:88:87:c7:81:76:8d:46:2d:2f:7f:ba:
3f:84:b5:27:0a:50:67:1c:7f:c1:c7:57:d0:85:89:d0:6a:e6:
f5:7b:4c:68:3a:ff:e1:eb:56:d5:5d:12:d2:de:80:02:ee:01:
74:3e:c8:01:c9:ea:c2:60:22:0f:95:05:62:b7:5f:8c:4e:ea:
ab:dd:c9:f9
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEB912bDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjRmNDk3ZDE1Nzg0NzAwNTMzNmI3NzczNjFiMWQyMDkwNWM1MjEzMB4XDTIyMDEw
MTE1NTcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBhM2ExNmNlYzUw
MjllYWYwNjc1MzZjY2MyNWU0MTFhYmIyOGVkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKAXd3JUvZXHNEX266D/j5JinYzxOi4wXxcDekQbbkZ95d+9
fCAoh/GMxamTvyeM5iYbde1RqXJHC/qAsleYPNo993tXE5hfai/7UVKObjnneyM4
UP4TO3q6w+aRXRjxUlT+mAJhfjNteWeFuthbJU+5W47Cmy3vKZ6oD6i7TedS9WtQ
AGwQVlwtilkL8AfyXamf1WNx4DBZVGhk3eDiK0c89FmYJxSdNO/8tKWNG0aIyTbo
ENVxK8pA15nTtvonXfMsz4blsyvL9G6q90adYYLn00gEABmjcTttVpW4IOimufqc
JwV0dSx70H3EB7YK7lEnGSiN7Ub+SMZvMUMXZ8kCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQgo6Fs7FAp6vBnU2zMJeQRq7KO3jAfBgNVHSMEGDAWgBTST0l9FXhHAFM2
t3c2Gx0gkFxSEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBrOUpmUlY0UndCVE5yZDNOaHNkSUpCY1VoTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvY2YzY2EzLTFjZDctNDMxMi1iYTczLTgzYzg1OTYyMjlmYS8x
L0lLT2hiT3hRS2Vyd1oxTnN6Q1hrRWF1eWp0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
Y2YzY2EzLTFjZDctNDMxMi1iYTczLTgzYzg1OTYyMjlmYS8xLzBrOUpmUlY0UndC
VE5yZDNOaHNkSUpCY1VoTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoOm0IwDQYJKoZIhvcNAQELBQAD
ggEBACSXYKs4QxDiBXJQDfuSxsgM+C5ziH/DD1J+B99h8rbGER2JgFmlot5IMZUh
vb3d23qSXYd64VylDzzwA67RANMLXxEV/Mn3U40XCSHdO74eRg2JIlVhKSnbOnAK
11Ekjgz4FLsakYJwFU8A5If4XOgcvR8hTVZNtHhPYmZUrjs7+Pi1RhqBdAReBQg6
fjUm+thZp1ZqEP1Eu6u8FZi8lzHmuWeRDuZpLz+xjRXXQiNCt9Ne/5WYbXyzFhCI
h8eBdo1GLS9/uj+EtScKUGccf8HHV9CFidBq5vV7TGg6/+HrVtVdEtLegALuAXQ+
yAHJ6sJgIg+VBWK3X4xO6qvdyfk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:23 2023 by rpki-client on console-ams.rpki-client.org