Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/iXvJ_3YjpQkUtQuqc7I50W7gkWk.roa
File: iXvJ_3YjpQkUtQuqc7I50W7gkWk.roa (raw, json)
Hash identifier: C6agWu+xNJb6oZOJafSJ/N34YMzig83WhNWuIuUOnZg=
Subject key identifier: 89:7B:C9:FF:76:23:A5:09:14:B5:0B:AA:73:B2:39:D1:6E:E0:91:69
Certificate issuer: /CN=4a63dc6753a8cbd74b74452c1536f37d9c4dc70c
Certificate serial: 0184AE910B754256E906FBF1AD37F828805C
Authority key identifier: 4A:63:DC:67:53:A8:CB:D7:4B:74:45:2C:15:36:F3:7D:9C:4D:C7:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/iXvJ_3YjpQkUtQuqc7I50W7gkWk.roa
Signing time: Fri 25 Nov 2022 11:34:11 +0000
ROA not before: Fri 25 Nov 2022 11:34:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61211
IP address blocks: 2a13:16c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:91:0b:75:42:56:e9:06:fb:f1:ad:37:f8:28:80:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a63dc6753a8cbd74b74452c1536f37d9c4dc70c
Validity
Not Before: Nov 25 11:34:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=897bc9ff7623a50914b50baa73b239d16ee09169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e5:c3:a3:55:2b:78:ab:2e:d8:f4:e9:84:1a:
31:65:5d:4d:d2:6b:f3:8c:25:8d:c1:0d:8e:80:3b:
74:78:05:9a:ee:4d:38:51:86:bf:a9:3b:ea:0e:6a:
36:65:7d:d1:12:64:cd:a6:75:c3:5d:ca:19:d5:8e:
e3:fc:79:43:6c:62:a4:6d:f4:5b:af:b2:ea:67:18:
ec:a4:bd:c8:eb:7e:16:62:9c:5e:b5:b7:6b:c4:49:
ca:c4:5c:cf:e7:1f:a9:94:1f:ab:cd:df:11:0d:4a:
a2:81:fc:72:8f:4b:42:b1:12:97:77:68:91:86:63:
9f:e0:46:8e:f5:d4:fb:5e:b9:3d:2c:0c:42:fd:ad:
02:2e:ac:79:a6:9d:3b:4d:3f:19:e7:1a:a8:b6:ed:
f6:9a:04:5c:c2:72:c7:35:a7:06:7b:46:c4:8b:38:
a0:26:ce:d3:e0:57:6f:c1:6e:6f:ec:b0:f3:43:03:
4b:27:c1:74:71:c0:ea:c1:7e:7c:b5:d7:7e:11:28:
b3:fa:84:2e:86:fe:62:82:08:84:bd:22:d7:12:bb:
cf:78:e4:ab:e4:94:8d:bf:7f:0e:af:ac:85:cf:38:
9c:4b:af:e0:c7:db:37:af:e0:9f:4f:34:66:de:71:
e4:f9:6d:64:6f:52:f7:4d:b1:d3:e6:69:c2:cf:78:
0f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:7B:C9:FF:76:23:A5:09:14:B5:0B:AA:73:B2:39:D1:6E:E0:91:69
X509v3 Authority Key Identifier:
keyid:4A:63:DC:67:53:A8:CB:D7:4B:74:45:2C:15:36:F3:7D:9C:4D:C7:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/iXvJ_3YjpQkUtQuqc7I50W7gkWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:16c0::/29
Signature Algorithm: sha256WithRSAEncryption
1b:38:11:97:07:31:e2:33:43:9e:fa:99:6a:ef:df:20:bb:d4:
7f:94:fd:e9:a1:38:ca:6f:fc:57:d2:1a:9f:41:3d:2a:db:d9:
d7:6e:f1:c7:21:0a:ce:5f:5d:6b:14:ca:d6:e1:e2:78:29:b6:
c1:92:53:fa:a9:24:09:14:8c:a5:ec:30:41:72:06:54:ad:2e:
c1:f0:43:07:5f:a9:d3:1d:4b:21:27:c2:1b:2b:a5:30:4b:d1:
0b:d3:f8:2d:83:cd:e9:41:63:86:5c:12:6d:b1:35:cd:b2:ca:
d6:7d:78:87:08:9c:98:3e:1b:98:96:92:fd:0e:29:91:38:ec:
90:7c:1b:19:dd:1d:0a:0a:c9:21:9c:22:73:2a:eb:d9:bb:a8:
d2:85:28:f4:af:b6:56:e1:a0:86:c1:b0:b7:f7:05:d1:79:22:
d3:1e:2f:44:81:09:1e:27:d4:7c:27:a6:ae:18:02:75:55:51:
de:59:bf:d4:73:7f:95:84:e1:37:6c:a5:c7:bc:c3:5b:01:ef:
ef:07:21:85:fd:6a:9f:cf:c9:43:f9:c1:d8:c9:e2:15:b2:ff:
c1:f2:bc:80:5c:d3:63:d9:b5:85:9a:b9:4f:01:41:30:8f:9e:
65:0e:ea:8e:29:a8:7c:42:bd:3b:08:69:e4:e4:ae:42:2f:b7:
a3:87:02:a6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSukQt1QlbpBvvxrTf4KIBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjNkYzY3NTNhOGNiZDc0Yjc0NDUyYzE1MzZmMzdkOWM0
ZGM3MGMwHhcNMjIxMTI1MTEzNDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTdiYzlmZjc2MjNhNTA5MTRiNTBiYWE3M2IyMzlkMTZlZTA5MTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+XDo1UreKsu2PTphBoxZV1N0mvz
jCWNwQ2OgDt0eAWa7k04UYa/qTvqDmo2ZX3REmTNpnXDXcoZ1Y7j/HlDbGKkbfRb
r7LqZxjspL3I634WYpxetbdrxEnKxFzP5x+plB+rzd8RDUqigfxyj0tCsRKXd2iR
hmOf4EaO9dT7Xrk9LAxC/a0CLqx5pp07TT8Z5xqotu32mgRcwnLHNacGe0bEizig
Js7T4FdvwW5v7LDzQwNLJ8F0ccDqwX58tdd+ESiz+oQuhv5iggiEvSLXErvPeOSr
5JSNv38Or6yFzzicS6/gx9s3r+CfTzRm3nHk+W1kb1L3TbHT5mnCz3gPKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIl7yf92I6UJFLULqnOyOdFu4JFpMB8GA1UdIwQY
MBaAFEpj3GdTqMvXS3RFLBU2832cTccMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21QY1oxT295OWRMZEVVc0ZUYnpmWnhOeHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80ZjAzMzUtZTg2MC00NjE5LTkzODAt
ZTM0MWIwZjkxNWQzLzEvaVh2Sl8zWWpwUWtVdFF1cWM3STUwVzdna1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80ZjAzMzUtZTg2MC00NjE5LTkzODAtZTM0MWIwZjkxNWQz
LzEvU21QY1oxT295OWRMZEVVc0ZUYnpmWnhOeHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMWwDAN
BgkqhkiG9w0BAQsFAAOCAQEAGzgRlwcx4jNDnvqZau/fILvUf5T96aE4ym/8V9Ia
n0E9KtvZ127xxyEKzl9daxTK1uHieCm2wZJT+qkkCRSMpewwQXIGVK0uwfBDB1+p
0x1LISfCGyulMEvRC9P4LYPN6UFjhlwSbbE1zbLK1n14hwicmD4bmJaS/Q4pkTjs
kHwbGd0dCgrJIZwicyrr2buo0oUo9K+2VuGghsGwt/cF0Xki0x4vRIEJHifUfCem
rhgCdVVR3lm/1HN/lYThN2ylx7zDWwHv7wchhf1qn8/JQ/nB2MniFbL/wfK8gFzT
Y9m1hZq5TwFBMI+eZQ7qjimofEK9Owhp5OSuQi+3o4cCpg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:04 2023 by rpki-client on console-fra.rpki-client.org