Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/GmTMzpGmfVNIFQ-laWEysgPvXIM.roa
File: GmTMzpGmfVNIFQ-laWEysgPvXIM.roa (raw, json)
Hash identifier: sbV3ozHawUkZnC6kLhqRZsb3zgmyg1I5IY/17AAYoh4=
Subject key identifier: 1A:64:CC:CE:91:A6:7D:53:48:15:0F:A5:69:61:32:B2:03:EF:5C:83
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 080EDD0D
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/GmTMzpGmfVNIFQ-laWEysgPvXIM.roa
Signing time: Sat 01 Jan 2022 13:01:19 +0000
ROA not before: Sat 01 Jan 2022 13:01:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29588
IP address blocks: 2a00:f440:a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135191821 (0x80edd0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Jan 1 13:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a64ccce91a67d5348150fa5696132b203ef5c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3c:3a:a0:ce:84:63:41:12:a1:24:f4:53:e1:
24:b8:ec:98:ca:74:02:b3:a9:f7:5f:bd:a3:ed:71:
78:89:df:49:0b:7c:42:1b:bc:9f:08:0b:7a:71:dd:
33:54:c4:63:57:08:a6:fe:58:7d:0d:fc:ac:1a:95:
c5:1d:64:cc:21:14:89:73:08:66:27:33:ac:0c:d1:
cd:76:1f:cb:4c:68:de:4b:d4:f1:3c:ee:e3:01:e1:
7b:88:01:98:cf:32:30:6e:ab:0b:4f:3e:31:ed:0c:
65:36:eb:f9:44:c2:26:bc:2f:40:4a:21:e8:ca:93:
a3:52:e7:c5:73:20:98:b8:ee:62:f6:f4:ce:0e:ce:
50:77:b8:ac:6b:d1:c0:3b:4e:60:39:61:73:5c:f7:
af:ac:f9:03:3f:e6:6f:a5:cf:b2:67:6f:81:8e:70:
6e:89:b1:24:a0:47:99:49:f0:e1:49:4a:82:2c:30:
4a:73:53:23:a2:a8:e3:6c:d4:50:7d:8d:4d:87:a5:
8b:44:61:3b:e9:f9:8b:cf:95:75:a0:7b:d8:23:35:
93:a7:37:ad:96:d0:c6:a2:48:3f:93:9a:9f:2f:b8:
5f:6f:12:8e:c0:ae:98:34:bb:d8:98:73:42:ad:d2:
c2:62:01:3d:88:3a:28:48:e4:12:0d:d0:66:23:ea:
93:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:64:CC:CE:91:A6:7D:53:48:15:0F:A5:69:61:32:B2:03:EF:5C:83
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/GmTMzpGmfVNIFQ-laWEysgPvXIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f440:a::/48
Signature Algorithm: sha256WithRSAEncryption
ad:fa:f0:28:42:2e:02:cb:29:19:28:f5:f5:ed:e7:57:4e:d7:
12:9d:9d:51:eb:f5:7f:51:c3:70:cf:ee:5a:3d:d4:d9:89:06:
9a:f0:90:e9:fb:b8:44:29:14:c2:71:b4:89:22:6f:a3:33:3a:
1f:dd:60:9c:c0:1f:4e:f8:1e:4f:1d:60:b6:46:7c:01:d3:19:
89:ba:5d:7e:03:11:7a:94:90:53:54:34:e7:f7:03:52:24:ff:
da:0c:be:f9:8d:51:94:fd:35:e9:00:79:28:dd:e5:b5:d4:74:
27:d0:bf:d5:8f:c0:da:7e:2a:2e:a8:28:a2:51:cb:9b:21:67:
5a:bb:4f:74:77:ec:0c:45:de:ee:8f:c4:80:e1:49:fd:de:b4:
f6:71:f4:6a:1b:37:da:fa:e7:00:72:90:7f:78:f9:6b:70:87:
5b:fa:80:bc:b9:53:a9:4b:c6:3b:c5:e4:9a:fd:45:99:56:84:
56:8d:eb:c7:09:84:77:08:a1:be:73:d4:2e:68:ef:cd:0b:19:
17:df:0e:12:4f:1b:47:08:b4:b6:a5:52:fc:58:16:c3:2e:3b:
79:ea:a3:f7:6b:d4:e5:07:76:7e:76:34:65:ad:b8:29:2e:c0:
37:e6:85:e3:8c:a1:07:ab:b3:a3:74:d5:20:9e:43:26:79:f2:
9c:da:fd:80
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECA7dDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODkxYzQ0ODg2OTllNmQwMjRlMzljYzRkNjFlZWVhYmQzODAxMGZhMB4XDTIyMDEw
MTEzMDExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWE2NGNjY2U5MWE2
N2Q1MzQ4MTUwZmE1Njk2MTMyYjIwM2VmNWM4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALg8OqDOhGNBEqEk9FPhJLjsmMp0ArOp91+9o+1xeInfSQt8
Qhu8nwgLenHdM1TEY1cIpv5YfQ38rBqVxR1kzCEUiXMIZiczrAzRzXYfy0xo3kvU
8Tzu4wHhe4gBmM8yMG6rC08+Me0MZTbr+UTCJrwvQEoh6MqTo1LnxXMgmLjuYvb0
zg7OUHe4rGvRwDtOYDlhc1z3r6z5Az/mb6XPsmdvgY5wbomxJKBHmUnw4UlKgiww
SnNTI6Ko42zUUH2NTYeli0RhO+n5i8+VdaB72CM1k6c3rZbQxqJIP5Oany+4X28S
jsCumDS72JhzQq3SwmIBPYg6KEjkEg3QZiPqk3sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQaZMzOkaZ9U0gVD6VpYTKyA+9cgzAfBgNVHSMEGDAWgBSYkcRIhpnm0CTj
nMTWHu6r04AQ+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21KSEVTSWFaNXRBazQ1ekUxaDd1cTlPQUVQby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDdkZjAwLTg0NjgtNGMzOS1iZTk1LWUxMGE2MDU5NmMyNi8x
L0dtVE16cEdtZlZOSUZRLWxhV0V5c2dQdlhJTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDdkZjAwLTg0NjgtNGMzOS1iZTk1LWUxMGE2MDU5NmMyNi8xL21KSEVTSWFaNXRB
azQ1ekUxaDd1cTlPQUVQby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoA9EAACjANBgkqhkiG9w0BAQsF
AAOCAQEArfrwKEIuAsspGSj19e3nV07XEp2dUev1f1HDcM/uWj3U2YkGmvCQ6fu4
RCkUwnG0iSJvozM6H91gnMAfTvgeTx1gtkZ8AdMZibpdfgMRepSQU1Q05/cDUiT/
2gy++Y1RlP016QB5KN3ltdR0J9C/1Y/A2n4qLqgoolHLmyFnWrtPdHfsDEXe7o/E
gOFJ/d609nH0ahs32vrnAHKQf3j5a3CHW/qAvLlTqUvGO8Xkmv1FmVaEVo3rxwmE
dwihvnPULmjvzQsZF98OEk8bRwi0tqVS/FgWwy47eeqj92vU5Qd2fnY0Za24KS7A
N+aF44yhB6uzo3TVIJ5DJnnynNr9gA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:43 2023 by rpki-client on console-ams.rpki-client.org