Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/6bbf55-4d87-4e42-ba5e-e2f93533d6e4/1/9BYgD2mPAbQyl78hvIa6y1mZMl8.roa
File: 9BYgD2mPAbQyl78hvIa6y1mZMl8.roa (raw, json)
Hash identifier: UcuWKjWqcCAL8O6bDOecVHfqEFJsq13YeNx4fOFMsHk=
Subject key identifier: F4:16:20:0F:69:8F:01:B4:32:97:BF:21:BC:86:BA:CB:59:99:32:5F
Certificate issuer: /CN=d4b39fc8a53be1dc674b6da755e86110952174e4
Certificate serial: 0792ADE0
Authority key identifier: D4:B3:9F:C8:A5:3B:E1:DC:67:4B:6D:A7:55:E8:61:10:95:21:74:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LOfyKU74dxnS22nVehhEJUhdOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/6bbf55-4d87-4e42-ba5e-e2f93533d6e4/1/9BYgD2mPAbQyl78hvIa6y1mZMl8.roa
Signing time: Sun 23 Jan 2022 15:47:50 +0000
ROA not before: Sun 23 Jan 2022 15:47:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52042
IP address blocks: 2a0f:a302:300::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127053280 (0x792ade0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b39fc8a53be1dc674b6da755e86110952174e4
Validity
Not Before: Jan 23 15:47:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f416200f698f01b43297bf21bc86bacb5999325f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a7:ce:62:53:15:cf:82:8e:22:2b:3a:0e:ca:
eb:ef:71:88:cc:c4:3e:59:2d:5f:52:4e:39:ff:b3:
31:94:6b:8d:1d:de:ba:f7:71:1e:e5:33:04:95:77:
e5:37:00:be:65:f6:5a:19:9c:89:61:e2:a5:7e:2f:
1f:2b:1d:5f:06:73:a5:cd:9d:af:f2:b5:71:93:4c:
81:81:4d:87:9b:10:10:96:dc:d1:10:0c:b5:fa:18:
5c:62:b7:7f:a5:00:69:81:ec:40:51:90:a6:b0:3f:
19:dc:a0:09:ec:18:fe:f2:8c:7e:70:07:80:c0:45:
e3:11:b9:32:93:c0:a6:c5:03:53:66:66:b9:0d:9b:
f7:19:7f:f5:b6:7c:d9:62:c2:de:4b:ca:6a:4d:bc:
69:6a:69:dd:df:b5:86:06:b5:5d:04:bc:a2:fb:3b:
50:de:45:ce:47:4a:cf:c0:3b:ba:8f:82:63:1f:c8:
38:cf:42:ae:97:49:3e:59:b8:d5:e0:87:b0:fc:b8:
54:35:23:71:d2:d3:46:98:fa:32:82:4f:28:0e:b5:
61:30:85:fb:b8:43:7f:34:e6:94:e8:e3:04:f9:16:
7f:37:cf:5e:e1:f1:e4:5d:99:07:27:9b:8d:ee:93:
b7:26:46:76:9d:13:c9:d3:34:36:e1:86:44:24:64:
65:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:16:20:0F:69:8F:01:B4:32:97:BF:21:BC:86:BA:CB:59:99:32:5F
X509v3 Authority Key Identifier:
keyid:D4:B3:9F:C8:A5:3B:E1:DC:67:4B:6D:A7:55:E8:61:10:95:21:74:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LOfyKU74dxnS22nVehhEJUhdOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/6bbf55-4d87-4e42-ba5e-e2f93533d6e4/1/9BYgD2mPAbQyl78hvIa6y1mZMl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/6bbf55-4d87-4e42-ba5e-e2f93533d6e4/1/1LOfyKU74dxnS22nVehhEJUhdOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:a302:300::/40
Signature Algorithm: sha256WithRSAEncryption
67:e8:3b:b8:58:f6:90:39:81:35:af:e9:7f:a9:8a:3b:14:c3:
65:e9:fe:71:86:98:4f:75:60:6f:c6:b3:32:51:01:8f:36:b0:
fe:c6:ce:2c:11:50:15:75:9c:1e:bb:54:4b:90:fc:e1:9f:9e:
3e:dd:2b:fe:67:c0:fb:5c:2c:8f:9d:6b:63:38:06:dd:7a:e8:
49:e5:1d:c3:60:e4:c9:ea:f3:af:32:63:61:43:79:0b:7a:ca:
71:06:a9:d2:1e:c4:df:7c:11:19:39:e8:f7:8f:c0:e9:e6:7d:
76:b5:42:c2:6d:d5:77:47:b0:76:a9:b6:ba:7f:63:60:ad:f6:
85:02:d5:73:1c:c2:c4:57:6a:15:d2:78:c6:75:b5:74:c8:fb:
ba:73:bb:7f:25:f7:c4:a3:d9:50:10:65:65:32:c9:ac:01:80:
5c:00:25:46:53:97:8e:2f:44:52:a1:b0:52:d3:35:c4:a2:7e:
84:58:0d:c3:ec:43:5e:59:57:ec:0d:91:63:52:86:2b:52:81:
f6:61:98:59:c8:8a:7a:be:eb:52:60:5a:14:26:6a:a8:c3:16:
a1:71:a7:da:1d:f3:0f:2e:25:04:14:18:90:93:a1:53:95:fd:
d0:90:90:3f:83:fc:f1:40:4a:ad:4f:24:6b:dd:8d:7e:e7:7e:
3b:1c:bb:54
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEB5Kt4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGIzOWZjOGE1M2JlMWRjNjc0YjZkYTc1NWU4NjExMDk1MjE3NGU0MB4XDTIyMDEy
MzE1NDc1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQxNjIwMGY2OThm
MDFiNDMyOTdiZjIxYmM4NmJhY2I1OTk5MzI1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMmnzmJTFc+CjiIrOg7K6+9xiMzEPlktX1JOOf+zMZRrjR3e
uvdxHuUzBJV35TcAvmX2WhmciWHipX4vHysdXwZzpc2dr/K1cZNMgYFNh5sQEJbc
0RAMtfoYXGK3f6UAaYHsQFGQprA/GdygCewY/vKMfnAHgMBF4xG5MpPApsUDU2Zm
uQ2b9xl/9bZ82WLC3kvKak28aWpp3d+1hga1XQS8ovs7UN5FzkdKz8A7uo+CYx/I
OM9CrpdJPlm41eCHsPy4VDUjcdLTRpj6MoJPKA61YTCF+7hDfzTmlOjjBPkWfzfP
XuHx5F2ZByebje6TtyZGdp0TydM0NuGGRCRkZc8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBT0FiAPaY8BtDKXvyG8hrrLWZkyXzAfBgNVHSMEGDAWgBTUs5/IpTvh3GdL
badV6GEQlSF05DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFMT2Z5S1U3NGR4blMyMm5WZWhoRUpVaGRPUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvNmJiZjU1LTRkODctNGU0Mi1iYTVlLWUyZjkzNTMzZDZlNC8x
LzlCWWdEMm1QQWJReWw3OGh2SWE2eTFtWk1sOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
NmJiZjU1LTRkODctNGU0Mi1iYTVlLWUyZjkzNTMzZDZlNC8xLzFMT2Z5S1U3NGR4
blMyMm5WZWhoRUpVaGRPUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoPowIDMA0GCSqGSIb3DQEBCwUA
A4IBAQBn6Du4WPaQOYE1r+l/qYo7FMNl6f5xhphPdWBvxrMyUQGPNrD+xs4sEVAV
dZweu1RLkPzhn54+3Sv+Z8D7XCyPnWtjOAbdeuhJ5R3DYOTJ6vOvMmNhQ3kLespx
BqnSHsTffBEZOej3j8Dp5n12tULCbdV3R7B2qba6f2NgrfaFAtVzHMLEV2oV0njG
dbV0yPu6c7t/JffEo9lQEGVlMsmsAYBcACVGU5eOL0RSobBS0zXEon6EWA3D7ENe
WVfsDZFjUoYrUoH2YZhZyIp6vutSYFoUJmqowxahcafaHfMPLiUEFBiQk6FTlf3Q
kJA/g/zxQEqtTyRr3Y1+5347HLtU
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:34 2023 by rpki-client on console-ams.rpki-client.org