Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/SjrVgErvWXZxH9jOPmtvBZsRWdA.roa
File: SjrVgErvWXZxH9jOPmtvBZsRWdA.roa (raw, json)
Hash identifier: ew2r8trLgxYk6VwWaPhNoH0n5ky0K2eUlAgBsmeOGTA=
Subject key identifier: 4A:3A:D5:80:4A:EF:59:76:71:1F:D8:CE:3E:6B:6F:05:9B:11:59:D0
Certificate issuer: /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial: 3864130E
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/SjrVgErvWXZxH9jOPmtvBZsRWdA.roa
Signing time: Sat 01 Jan 2022 06:06:32 +0000
ROA not before: Sat 01 Jan 2022 06:06:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200363
IP address blocks: 2a01:af::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 946082574 (0x3864130e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Validity
Not Before: Jan 1 06:06:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a3ad5804aef5976711fd8ce3e6b6f059b1159d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c9:8d:84:18:a2:54:12:5c:60:22:0e:21:f0:
46:c7:c3:ae:86:f5:6c:84:d3:d1:08:dc:3c:5d:82:
f4:10:89:6a:c8:4c:8e:77:88:b2:04:43:1d:47:dc:
0b:ba:69:ea:9b:3a:9c:5a:35:8a:d8:a1:b8:28:48:
90:4d:4d:f1:70:38:af:5d:01:49:e1:f0:62:26:2c:
12:02:79:72:57:87:51:d7:f8:71:fa:7b:1b:ab:32:
12:c9:16:97:8b:3b:a6:0d:78:5e:ce:8c:94:d7:65:
70:a4:ee:07:9a:5a:f0:f0:28:5f:3b:4c:8a:1a:d0:
77:4b:9b:45:bd:6c:3a:e0:73:07:16:30:a1:16:65:
ef:02:28:53:49:4a:d0:51:30:66:3b:84:b6:b4:d5:
07:dd:28:49:5d:cc:7b:22:16:88:29:31:92:80:07:
4c:00:35:cb:5b:13:2b:b0:0e:ee:1e:01:af:f1:7d:
8d:c6:6b:ed:9a:32:0a:4a:14:45:47:77:60:5a:3c:
c8:3c:d2:08:40:9a:cf:fb:30:b8:5c:b3:8d:a7:9c:
ee:3c:54:1a:b4:a5:1c:87:0a:31:29:46:6c:9a:92:
9a:cb:fd:c5:93:1a:1c:e7:e4:4d:4f:d1:4b:4d:76:
ea:99:ec:ab:7b:9b:90:c1:09:93:cd:1b:26:50:c4:
16:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:3A:D5:80:4A:EF:59:76:71:1F:D8:CE:3E:6B:6F:05:9B:11:59:D0
X509v3 Authority Key Identifier:
keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/SjrVgErvWXZxH9jOPmtvBZsRWdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:af::/32
Signature Algorithm: sha256WithRSAEncryption
2f:01:d8:2e:ae:89:98:08:9e:bc:5b:c4:d8:1e:36:bb:40:4c:
74:69:ca:99:60:43:16:28:96:a5:d0:4c:88:c4:ef:23:88:19:
6c:3f:d0:cb:4a:55:28:75:c8:2a:c8:e1:c9:ce:93:53:9e:ca:
d2:83:c9:cd:66:b1:fa:4e:e2:fc:b8:97:01:c8:08:20:77:5f:
b5:ed:2a:2e:45:7b:6d:f6:26:ff:fc:ba:18:dd:d4:a2:6b:06:
3e:a6:78:2b:49:77:09:6e:3c:bc:be:0b:70:55:d0:33:e4:fb:
a5:c1:11:33:57:86:28:ea:42:98:ad:27:4e:0b:90:af:4f:93:
ad:82:2e:b1:f9:10:4e:35:e0:ce:3b:f0:94:9e:ce:f7:42:df:
35:88:cc:3d:85:10:9d:e7:4f:3f:d5:f2:db:c7:52:a9:39:a9:
57:07:c1:cf:4f:d9:22:13:b1:e0:be:26:3d:c6:c3:2d:20:66:
0b:e2:31:cd:ac:be:3a:d6:48:49:41:75:94:32:26:67:6e:0f:
7d:27:b9:ca:76:b8:65:5a:90:92:0c:6d:0c:85:1f:37:12:a8:
c7:47:f3:5f:42:e3:e1:e4:cc:9a:b6:54:1a:51:08:d9:32:44:
ee:7d:a8:b7:77:5d:14:72:d0:d9:f2:a8:d0:37:17:ec:41:f6:
9d:fc:61:32
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEOGQTDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Njk2YWVhNmJhYjc5YzQ4ZjVkZGVlNGE0NmJmNGFiNjRkODYzMTYwMB4XDTIyMDEw
MTA2MDYzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGEzYWQ1ODA0YWVm
NTk3NjcxMWZkOGNlM2U2YjZmMDU5YjExNTlkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/JjYQYolQSXGAiDiHwRsfDrob1bITT0QjcPF2C9BCJashM
jneIsgRDHUfcC7pp6ps6nFo1itihuChIkE1N8XA4r10BSeHwYiYsEgJ5cleHUdf4
cfp7G6syEskWl4s7pg14Xs6MlNdlcKTuB5pa8PAoXztMihrQd0ubRb1sOuBzBxYw
oRZl7wIoU0lK0FEwZjuEtrTVB90oSV3MeyIWiCkxkoAHTAA1y1sTK7AO7h4Br/F9
jcZr7ZoyCkoURUd3YFo8yDzSCECaz/swuFyzjaec7jxUGrSlHIcKMSlGbJqSmsv9
xZMaHOfkTU/RS0126pnsq3ubkMEJk80bJlDEFrkCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRKOtWASu9ZdnEf2M4+a28FmxFZ0DAfBgNVHSMEGDAWgBRmlq6murecSPXd
7kpGv0q2TYYxYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pwYXVwcnEzbkVqMTNlNUtScjlLdGsyR01XQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvNDUyYzJiLWYyY2YtNGE5Mi1hMWNkLWYwMTk4YzZjMjQ3NC8x
L1NqclZnRXJ2V1haeEg5ak9QbXR2QlpzUldkQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
NDUyYzJiLWYyY2YtNGE5Mi1hMWNkLWYwMTk4YzZjMjQ3NC8xL1pwYXVwcnEzbkVq
MTNlNUtScjlLdGsyR01XQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBAK8wDQYJKoZIhvcNAQELBQAD
ggEBAC8B2C6uiZgInrxbxNgeNrtATHRpyplgQxYolqXQTIjE7yOIGWw/0MtKVSh1
yCrI4cnOk1OeytKDyc1msfpO4vy4lwHICCB3X7XtKi5Fe232Jv/8uhjd1KJrBj6m
eCtJdwluPLy+C3BV0DPk+6XBETNXhijqQpitJ04LkK9Pk62CLrH5EE414M478JSe
zvdC3zWIzD2FEJ3nTz/V8tvHUqk5qVcHwc9P2SITseC+Jj3Gwy0gZgviMc2svjrW
SElBdZQyJmduD30nucp2uGVakJIMbQyFHzcSqMdH819C4+HkzJq2VBpRCNkyRO59
qLd3XRRy0NnyqNA3F+xB9p38YTI=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:45 2023 by rpki-client on console-ams.rpki-client.org