Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/d2987d-3db9-40ce-9554-16c350b7d79d/1/2iv5rryT9J-URWum9fOe0ODClt4.roa
File: 2iv5rryT9J-URWum9fOe0ODClt4.roa (raw, json)
Hash identifier: 9KwJ1iBaX4rS1oIBUE8bb0a/9ETGjVJkzL116Hr+pdc=
Subject key identifier: DA:2B:F9:AE:BC:93:F4:9F:94:45:6B:A6:F5:F3:9E:D0:E0:C2:96:DE
Certificate issuer: /CN=8f4ebe6064aab03f269e22815acd4949a6fb7265
Certificate serial: 0EA49516
Authority key identifier: 8F:4E:BE:60:64:AA:B0:3F:26:9E:22:81:5A:CD:49:49:A6:FB:72:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j06-YGSqsD8mniKBWs1JSab7cmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/d2987d-3db9-40ce-9554-16c350b7d79d/1/2iv5rryT9J-URWum9fOe0ODClt4.roa
Signing time: Wed 13 Apr 2022 13:05:04 +0000
ROA not before: Wed 13 Apr 2022 13:05:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12676
IP address blocks: 2a0b:f440:11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 245667094 (0xea49516)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ebe6064aab03f269e22815acd4949a6fb7265
Validity
Not Before: Apr 13 13:05:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da2bf9aebc93f49f94456ba6f5f39ed0e0c296de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d1:56:ef:b3:41:31:f4:16:1f:3e:b0:b9:55:
3a:b6:8b:e9:86:60:59:00:48:8b:17:a8:75:4e:99:
73:79:a8:07:d5:23:89:ee:c6:e5:90:e6:8f:42:43:
56:f9:2c:79:ec:a4:a7:5f:2a:c5:c7:92:b7:2f:34:
44:f9:98:28:eb:c2:6d:25:cd:b6:56:4b:ed:22:8f:
69:57:bc:52:b4:8a:fe:ea:02:bb:3f:76:30:cc:4c:
44:09:10:a5:65:e6:05:2e:87:e4:6b:73:ca:cf:6f:
3c:71:84:48:51:d6:62:46:8a:be:56:79:58:6d:13:
1b:52:5d:b6:be:5e:d2:1f:b3:b3:a8:0a:55:09:1d:
c8:90:db:a3:5d:58:13:b1:46:95:09:9c:13:93:54:
dd:d4:51:66:cc:39:05:a9:a1:c4:31:f0:dd:8f:56:
56:ce:bc:3d:31:b9:db:b8:62:9d:4e:d1:83:c0:2f:
d4:38:4b:33:01:ae:f9:0f:25:e1:9b:cb:e8:e0:87:
27:63:b5:94:a3:30:d2:85:0f:3c:77:2f:9d:53:f9:
22:55:e6:8d:4d:4e:20:02:76:eb:e5:59:2e:67:1f:
5e:14:30:4a:31:10:9e:1b:98:d4:e4:74:2c:b0:f6:
ad:7d:a6:6d:5e:d4:ac:e3:74:8f:89:b9:bb:a3:c3:
fe:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:2B:F9:AE:BC:93:F4:9F:94:45:6B:A6:F5:F3:9E:D0:E0:C2:96:DE
X509v3 Authority Key Identifier:
keyid:8F:4E:BE:60:64:AA:B0:3F:26:9E:22:81:5A:CD:49:49:A6:FB:72:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j06-YGSqsD8mniKBWs1JSab7cmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/d2987d-3db9-40ce-9554-16c350b7d79d/1/2iv5rryT9J-URWum9fOe0ODClt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/d2987d-3db9-40ce-9554-16c350b7d79d/1/j06-YGSqsD8mniKBWs1JSab7cmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:f440:11::/48
Signature Algorithm: sha256WithRSAEncryption
8f:dd:3f:f8:e9:f8:61:34:bf:26:dd:0c:fb:77:57:f7:d0:31:
c6:d4:90:71:b4:3f:aa:da:cd:90:08:f3:3c:94:e0:92:02:8e:
0c:99:fe:17:05:12:83:ac:45:0b:d4:00:df:66:20:ca:f2:a1:
bd:c0:93:a0:77:98:66:25:93:7d:89:6a:58:26:37:7c:e0:8c:
55:21:4c:32:57:cd:4a:a3:bb:8c:1b:f8:cf:b3:d8:c0:19:82:
a8:71:58:87:4e:ce:5d:d2:cc:e0:eb:59:c3:3d:ae:dd:1d:13:
04:19:15:a9:61:ea:9d:3e:57:78:73:6e:44:f5:ee:cd:4f:54:
c4:c6:e7:a5:40:12:31:ec:41:41:ac:c1:92:18:fd:e2:df:7b:
01:b3:e2:0b:70:7e:ae:f5:cf:d8:2a:62:50:40:ed:7a:ae:1b:
47:78:a3:02:fd:f8:77:e3:87:f8:14:37:b8:e0:ec:48:07:e8:
da:41:81:55:cd:00:01:f2:b8:10:18:d0:fd:3a:50:12:28:ad:
ac:64:cb:96:2f:c0:fd:d6:17:11:8a:41:f9:7e:2a:a4:f0:bb:
a8:4d:9b:08:f3:3c:cd:b3:2c:26:7f:bf:85:40:60:d2:dd:cb:
52:e4:3f:35:b4:f9:3c:c7:30:97:5c:fa:79:88:ff:1e:03:2b:
c1:56:e1:d0
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEDqSVFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjRlYmU2MDY0YWFiMDNmMjY5ZTIyODE1YWNkNDk0OWE2ZmI3MjY1MB4XDTIyMDQx
MzEzMDUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGEyYmY5YWViYzkz
ZjQ5Zjk0NDU2YmE2ZjVmMzllZDBlMGMyOTZkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/RVu+zQTH0Fh8+sLlVOraL6YZgWQBIixeodU6Zc3moB9Uj
ie7G5ZDmj0JDVvkseeykp18qxceSty80RPmYKOvCbSXNtlZL7SKPaVe8UrSK/uoC
uz92MMxMRAkQpWXmBS6H5Gtzys9vPHGESFHWYkaKvlZ5WG0TG1Jdtr5e0h+zs6gK
VQkdyJDbo11YE7FGlQmcE5NU3dRRZsw5BamhxDHw3Y9WVs68PTG527hinU7Rg8Av
1DhLMwGu+Q8l4ZvL6OCHJ2O1lKMw0oUPPHcvnVP5IlXmjU1OIAJ26+VZLmcfXhQw
SjEQnhuY1OR0LLD2rX2mbV7UrON0j4m5u6PD/okCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTaK/muvJP0n5RFa6b1857Q4MKW3jAfBgNVHSMEGDAWgBSPTr5gZKqwPyae
IoFazUlJpvtyZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2owNi1ZR1Nxc0Q4bW5pS0JXczFKU2FiN2NtVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvZDI5ODdkLTNkYjktNDBjZS05NTU0LTE2YzM1MGI3ZDc5ZC8x
LzJpdjVycnlUOUotVVJXdW05Zk9lME9EQ2x0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
ZDI5ODdkLTNkYjktNDBjZS05NTU0LTE2YzM1MGI3ZDc5ZC8xL2owNi1ZR1Nxc0Q4
bW5pS0JXczFKU2FiN2NtVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoL9EAAETANBgkqhkiG9w0BAQsF
AAOCAQEAj90/+On4YTS/Jt0M+3dX99AxxtSQcbQ/qtrNkAjzPJTgkgKODJn+FwUS
g6xFC9QA32YgyvKhvcCToHeYZiWTfYlqWCY3fOCMVSFMMlfNSqO7jBv4z7PYwBmC
qHFYh07OXdLM4OtZwz2u3R0TBBkVqWHqnT5XeHNuRPXuzU9UxMbnpUASMexBQazB
khj94t97AbPiC3B+rvXP2CpiUEDteq4bR3ijAv34d+OH+BQ3uODsSAfo2kGBVc0A
AfK4EBjQ/TpQEiitrGTLli/A/dYXEYpB+X4qpPC7qE2bCPM8zbMsJn+/hUBg0t3L
UuQ/NbT5PMcwl1z6eYj/HgMrwVbh0A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:05 2023 by rpki-client on console-fra.rpki-client.org