Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/6a294Gz9Oy9Y4vXohxTXj7TcWkQ.roa
File: 6a294Gz9Oy9Y4vXohxTXj7TcWkQ.roa (raw, json)
Hash identifier: KE9CvolYRFtFxr00mvMgTTWMy2fCU+wT4MFl5uaFLr0=
Subject key identifier: E9:AD:BD:E0:6C:FD:3B:2F:58:E2:F5:E8:87:14:D7:8F:B4:DC:5A:44
Certificate issuer: /CN=b817162877da9f4030bbcb9fe8ac143e6ab2871b
Certificate serial: 0183C8052E7C503706C802E6FEA05FCCFE1D
Authority key identifier: B8:17:16:28:77:DA:9F:40:30:BB:CB:9F:E8:AC:14:3E:6A:B2:87:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uBcWKHfan0Awu8uf6KwUPmqyhxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/6a294Gz9Oy9Y4vXohxTXj7TcWkQ.roa
Signing time: Tue 11 Oct 2022 17:08:46 +0000
ROA not before: Tue 11 Oct 2022 17:08:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64484
IP address blocks: 2a0e:1e40:1::/48 maxlen: 48
2a0e:1e40:c::/48 maxlen: 48
2a0e:1e40::/29 maxlen: 29
2a0e:1e40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c8:05:2e:7c:50:37:06:c8:02:e6:fe:a0:5f:cc:fe:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b817162877da9f4030bbcb9fe8ac143e6ab2871b
Validity
Not Before: Oct 11 17:08:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e9adbde06cfd3b2f58e2f5e88714d78fb4dc5a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a2:30:ae:14:d7:cb:c3:fc:41:3b:dc:0a:b5:
a5:11:6e:f0:e5:7d:42:21:86:ba:11:a7:cf:46:fd:
14:29:60:ae:9d:b6:0e:21:8f:31:48:f1:8a:57:98:
3b:f5:5e:a8:a0:9b:db:7d:90:79:aa:95:c1:4a:34:
67:bf:35:f7:02:98:99:e7:5c:8d:83:d3:2e:ed:a5:
d3:69:97:8f:38:18:b8:cb:c2:50:57:e7:21:08:bf:
34:78:56:20:58:28:50:bf:72:a4:69:66:bb:02:d4:
c9:b3:5b:1a:bd:a3:e3:b5:89:f0:9b:42:8b:16:01:
27:c6:74:f6:e9:5c:f0:3e:0a:b1:f2:09:07:a1:5b:
49:f6:c5:ae:dd:5c:6d:25:a0:a8:46:1a:8a:f7:2e:
80:77:af:a2:25:87:dd:2f:4f:13:29:fa:cd:f2:f4:
fc:56:f1:f8:58:df:eb:09:1e:e2:39:aa:33:39:07:
e1:96:ee:5f:9f:5f:43:6f:a6:69:c1:fe:ea:58:c9:
f2:b2:48:85:a6:3f:a4:dd:dc:57:a2:a7:86:17:f0:
18:45:82:db:fc:21:ce:44:9d:57:8b:94:c3:70:33:
63:14:2f:fb:31:9c:c9:f1:8e:64:bb:87:73:0e:bb:
f0:39:cc:32:73:dd:96:2f:fa:a6:a9:4a:59:08:15:
58:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:AD:BD:E0:6C:FD:3B:2F:58:E2:F5:E8:87:14:D7:8F:B4:DC:5A:44
X509v3 Authority Key Identifier:
keyid:B8:17:16:28:77:DA:9F:40:30:BB:CB:9F:E8:AC:14:3E:6A:B2:87:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBcWKHfan0Awu8uf6KwUPmqyhxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/6a294Gz9Oy9Y4vXohxTXj7TcWkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/uBcWKHfan0Awu8uf6KwUPmqyhxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1e40::/29
Signature Algorithm: sha256WithRSAEncryption
70:79:5c:c4:6c:60:49:d7:43:cf:df:21:ba:af:93:71:06:3c:
7b:9f:2a:13:22:88:77:ff:d4:e7:6c:75:ee:26:06:6c:6c:97:
75:dd:22:6a:d4:21:48:bf:90:73:7f:75:37:77:2d:a2:fa:34:
28:ab:bd:bc:2d:85:89:55:8d:78:e1:9d:61:83:f6:49:c5:cb:
fb:06:80:19:6c:c1:55:d2:3f:04:34:a5:75:a6:78:63:97:f7:
86:a8:ca:ac:ab:ae:1a:2b:e9:f9:db:36:18:d4:81:80:82:9d:
6a:73:6f:05:2a:92:e6:00:92:3c:16:8d:1b:91:3b:97:f1:96:
a4:a2:f4:fd:e7:21:e3:14:35:d6:08:7c:48:65:5b:39:c1:e9:
0b:c3:12:ba:ec:2e:b7:04:1b:8b:04:5e:81:39:8a:a4:84:50:
7f:23:4e:96:fd:18:d2:8a:39:5a:0f:02:ba:c4:6a:dc:03:1d:
8b:9a:b4:9d:27:cc:66:ae:70:9b:c7:55:36:36:ae:f0:80:ad:
18:0c:0b:3c:ff:03:48:a1:6a:ed:8f:c1:c5:4e:90:fc:5b:ee:
4c:6a:44:f7:85:a1:bf:72:e4:8a:b0:9a:c1:a1:79:8f:19:74:
e7:7a:dc:fc:21:1d:59:88:56:9e:b8:a5:33:84:e6:eb:a0:6b:
89:ca:0d:04
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYPIBS58UDcGyALm/qBfzP4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MTcxNjI4NzdkYTlmNDAzMGJiY2I5ZmU4YWMxNDNlNmFi
Mjg3MWIwHhcNMjIxMDExMTcwODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWFkYmRlMDZjZmQzYjJmNThlMmY1ZTg4NzE0ZDc4ZmI0ZGM1YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaIwrhTXy8P8QTvcCrWlEW7w5X1C
IYa6EafPRv0UKWCunbYOIY8xSPGKV5g79V6ooJvbfZB5qpXBSjRnvzX3ApiZ51yN
g9Mu7aXTaZePOBi4y8JQV+chCL80eFYgWChQv3KkaWa7AtTJs1savaPjtYnwm0KL
FgEnxnT26VzwPgqx8gkHoVtJ9sWu3VxtJaCoRhqK9y6Ad6+iJYfdL08TKfrN8vT8
VvH4WN/rCR7iOaozOQfhlu5fn19Db6Zpwf7qWMnyskiFpj+k3dxXoqeGF/AYRYLb
/CHORJ1Xi5TDcDNjFC/7MZzJ8Y5ku4dzDrvwOcwyc92WL/qmqUpZCBVYvQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOmtveBs/TsvWOL16IcU14+03FpEMB8GA1UdIwQY
MBaAFLgXFih32p9AMLvLn+isFD5qsocbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUJjV0tIZmFuMEF3dTh1ZjZLd1VQbXF5aHhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8xNmI3YjQtYmIyMS00YjNlLWFlYjQt
YjI3Y2EyOTFiZDc3LzEvNmEyOTRHejlPeTlZNHZYb2h4VFhqN1RjV2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8xNmI3YjQtYmIyMS00YjNlLWFlYjQtYjI3Y2EyOTFiZDc3
LzEvdUJjV0tIZmFuMEF3dTh1ZjZLd1VQbXF5aHhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4eQDAN
BgkqhkiG9w0BAQsFAAOCAQEAcHlcxGxgSddDz98huq+TcQY8e58qEyKId//U52x1
7iYGbGyXdd0iatQhSL+Qc391N3ctovo0KKu9vC2FiVWNeOGdYYP2ScXL+waAGWzB
VdI/BDSldaZ4Y5f3hqjKrKuuGivp+ds2GNSBgIKdanNvBSqS5gCSPBaNG5E7l/GW
pKL0/ech4xQ11gh8SGVbOcHpC8MSuuwutwQbiwRegTmKpIRQfyNOlv0Y0oo5Wg8C
usRq3AMdi5q0nSfMZq5wm8dVNjau8ICtGAwLPP8DSKFq7Y/BxU6Q/FvuTGpE94Wh
v3LkirCawaF5jxl053rc/CEdWYhWnrilM4Tm66BricoNBA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:18 2023 by rpki-client on console-ams.rpki-client.org