Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/6bbf55-4d87-4e42-ba5e-e2f93533d6e4/1/7GpnnFeRcqjrBTQktgqgJlveKrw.roa
File: 7GpnnFeRcqjrBTQktgqgJlveKrw.roa (raw, json)
Hash identifier: rML9e0OSuAFUYSRc260cTvZv4kSgVmu8s4a+Bp8BDt4=
Subject key identifier: EC:6A:67:9C:57:91:72:A8:EB:05:34:24:B6:0A:A0:26:5B:DE:2A:BC
Certificate issuer: /CN=d4b39fc8a53be1dc674b6da755e86110952174e4
Certificate serial: 075B0E59
Authority key identifier: D4:B3:9F:C8:A5:3B:E1:DC:67:4B:6D:A7:55:E8:61:10:95:21:74:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LOfyKU74dxnS22nVehhEJUhdOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/6bbf55-4d87-4e42-ba5e-e2f93533d6e4/1/7GpnnFeRcqjrBTQktgqgJlveKrw.roa
Signing time: Sat 01 Jan 2022 12:07:05 +0000
ROA not before: Sat 01 Jan 2022 12:07:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49585
IP address blocks: 2a0f:a302:400::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123407961 (0x75b0e59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b39fc8a53be1dc674b6da755e86110952174e4
Validity
Not Before: Jan 1 12:07:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec6a679c579172a8eb053424b60aa0265bde2abc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5a:63:fd:85:4e:b3:6e:2c:aa:4b:81:0b:5a:
e1:21:05:d1:b7:26:c5:fb:f7:67:7e:05:03:74:f3:
69:b7:12:db:a0:e5:f2:b7:2d:09:19:c2:69:1d:f3:
7b:6e:e4:66:b0:af:84:93:bd:8e:cc:d6:c8:93:42:
80:fc:e4:a6:24:a9:30:4a:0d:a4:f4:f2:2d:35:af:
7b:cf:c5:63:0b:c4:ba:a7:fa:36:f5:e3:06:38:a4:
60:d7:bc:30:ab:06:fd:42:ac:13:d3:71:7d:81:ab:
5b:33:92:3e:42:6a:26:48:da:23:fd:d1:96:51:55:
32:f8:0d:f0:b8:bc:e6:15:df:59:08:ba:0c:1f:eb:
4f:80:1e:f9:22:7c:87:5b:7f:58:26:c6:ce:06:82:
90:99:57:4c:67:d5:e1:44:2f:45:49:d0:fc:90:c7:
ea:b1:9f:1f:33:de:b1:c4:f2:8e:f6:94:36:3e:e8:
25:46:3d:47:ad:63:86:8d:7f:c1:ca:c6:ff:f7:f5:
d3:ed:55:34:38:22:f2:45:e6:39:55:ce:fa:34:d7:
f0:12:8b:d6:02:00:fe:cc:d5:45:51:2f:4d:ad:f4:
25:33:b1:7f:d6:2c:65:e3:0e:bd:48:a7:ce:5d:a1:
16:04:cb:a2:20:3e:2c:cb:48:d2:34:5c:5f:2a:e3:
ce:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:6A:67:9C:57:91:72:A8:EB:05:34:24:B6:0A:A0:26:5B:DE:2A:BC
X509v3 Authority Key Identifier:
keyid:D4:B3:9F:C8:A5:3B:E1:DC:67:4B:6D:A7:55:E8:61:10:95:21:74:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LOfyKU74dxnS22nVehhEJUhdOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/6bbf55-4d87-4e42-ba5e-e2f93533d6e4/1/7GpnnFeRcqjrBTQktgqgJlveKrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/6bbf55-4d87-4e42-ba5e-e2f93533d6e4/1/1LOfyKU74dxnS22nVehhEJUhdOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:a302:400::/40
Signature Algorithm: sha256WithRSAEncryption
67:76:8a:36:25:f6:14:13:82:21:8c:87:a6:80:ee:cc:26:14:
02:1e:24:86:3d:84:50:42:be:d4:be:51:8f:3b:15:13:03:75:
07:cb:61:d6:c5:77:34:f0:a1:af:0c:7e:2e:82:40:78:e6:ce:
60:54:20:1e:06:32:a4:ff:66:23:4e:d1:0f:b1:24:c1:fc:e0:
dc:24:c2:0f:61:cb:13:17:e9:3e:21:e3:1a:db:36:54:27:30:
2d:30:90:ce:86:85:92:a0:e4:02:0c:dc:0f:69:ea:54:05:c4:
ea:40:85:86:4a:7e:b4:2a:8c:12:91:35:44:03:18:74:07:c6:
a6:a2:b0:30:6b:a3:8a:e9:22:c2:b1:9c:b6:b7:29:fa:c0:ca:
ff:ee:ef:82:01:5f:56:77:fd:f7:a4:c5:10:2c:65:00:25:cd:
66:54:c3:5b:df:5c:ef:84:e0:6e:4d:22:bd:5d:78:49:cb:ce:
68:3b:f0:ac:25:b5:47:2e:fe:5e:41:30:83:4d:56:b5:90:14:
09:bc:ec:15:05:7f:1b:8d:8c:2d:a9:cd:53:0f:af:f0:ac:c7:
49:65:27:47:35:91:10:1d:70:45:bb:8d:c6:da:b8:98:e0:29:
8c:4f:bd:d4:1b:8c:7e:31:d2:cf:58:10:dd:59:32:5e:d9:65:
6d:99:e1:33
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEB1sOWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGIzOWZjOGE1M2JlMWRjNjc0YjZkYTc1NWU4NjExMDk1MjE3NGU0MB4XDTIyMDEw
MTEyMDcwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWM2YTY3OWM1Nzkx
NzJhOGViMDUzNDI0YjYwYWEwMjY1YmRlMmFiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRaY/2FTrNuLKpLgQta4SEF0bcmxfv3Z34FA3TzabcS26Dl
8rctCRnCaR3ze27kZrCvhJO9jszWyJNCgPzkpiSpMEoNpPTyLTWve8/FYwvEuqf6
NvXjBjikYNe8MKsG/UKsE9NxfYGrWzOSPkJqJkjaI/3RllFVMvgN8Li85hXfWQi6
DB/rT4Ae+SJ8h1t/WCbGzgaCkJlXTGfV4UQvRUnQ/JDH6rGfHzPescTyjvaUNj7o
JUY9R61jho1/wcrG//f10+1VNDgi8kXmOVXO+jTX8BKL1gIA/szVRVEvTa30JTOx
f9YsZeMOvUinzl2hFgTLoiA+LMtI0jRcXyrjzlECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBTsamecV5FyqOsFNCS2CqAmW94qvDAfBgNVHSMEGDAWgBTUs5/IpTvh3GdL
badV6GEQlSF05DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFMT2Z5S1U3NGR4blMyMm5WZWhoRUpVaGRPUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvNmJiZjU1LTRkODctNGU0Mi1iYTVlLWUyZjkzNTMzZDZlNC8x
LzdHcG5uRmVSY3FqckJUUWt0Z3FnSmx2ZUtydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
NmJiZjU1LTRkODctNGU0Mi1iYTVlLWUyZjkzNTMzZDZlNC8xLzFMT2Z5S1U3NGR4
blMyMm5WZWhoRUpVaGRPUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoPowIEMA0GCSqGSIb3DQEBCwUA
A4IBAQBndoo2JfYUE4IhjIemgO7MJhQCHiSGPYRQQr7UvlGPOxUTA3UHy2HWxXc0
8KGvDH4ugkB45s5gVCAeBjKk/2YjTtEPsSTB/ODcJMIPYcsTF+k+IeMa2zZUJzAt
MJDOhoWSoOQCDNwPaepUBcTqQIWGSn60KowSkTVEAxh0B8amorAwa6OK6SLCsZy2
tyn6wMr/7u+CAV9Wd/33pMUQLGUAJc1mVMNb31zvhOBuTSK9XXhJy85oO/CsJbVH
Lv5eQTCDTVa1kBQJvOwVBX8bjYwtqc1TD6/wrMdJZSdHNZEQHXBFu43G2riY4CmM
T73UG4x+MdLPWBDdWTJe2WVtmeEz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:50 2023 by rpki-client on console-fra.rpki-client.org