Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/c42ae7-5f64-4039-a051-403b857bf8b7/1/Mj24XnV1ciFHqZ88ZltTj0wdrdQ.roa
File: Mj24XnV1ciFHqZ88ZltTj0wdrdQ.roa (raw, json)
Hash identifier: c2k+KBmkRyhViYEO7b0L7+jDfiim6K40RlQTHDnlSzs=
Subject key identifier: 32:3D:B8:5E:75:75:72:21:47:A9:9F:3C:66:5B:53:8F:4C:1D:AD:D4
Certificate issuer: /CN=c4232bd5238dc4010d1c52929ddea4f23c042574
Certificate serial: 0183130E8ABBAF6A30C7CF9808A1C3030660
Authority key identifier: C4:23:2B:D5:23:8D:C4:01:0D:1C:52:92:9D:DE:A4:F2:3C:04:25:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCMr1SONxAENHFKSnd6k8jwEJXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/c42ae7-5f64-4039-a051-403b857bf8b7/1/Mj24XnV1ciFHqZ88ZltTj0wdrdQ.roa
Signing time: Tue 06 Sep 2022 13:47:43 +0000
ROA not before: Tue 06 Sep 2022 13:47:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a11:b300::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:13:0e:8a:bb:af:6a:30:c7:cf:98:08:a1:c3:03:06:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4232bd5238dc4010d1c52929ddea4f23c042574
Validity
Not Before: Sep 6 13:47:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=323db85e7575722147a99f3c665b538f4c1dadd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4f:72:e1:97:86:e2:db:e3:0b:3c:e4:12:e0:
24:08:c5:e0:b8:78:16:ef:cf:71:71:07:e6:81:ad:
f7:b0:cb:d7:1c:13:78:d7:b3:b1:95:94:bc:c5:ee:
11:cd:1e:54:8a:95:ba:09:3c:57:0c:71:de:78:fd:
60:1d:48:84:12:d8:8e:20:8c:4f:2d:bb:41:95:2d:
dc:82:65:78:5d:5c:db:55:82:93:ca:e1:e5:b2:23:
b6:a3:f6:9d:01:49:76:2f:ad:09:0a:99:21:b0:34:
59:7b:2b:e1:2e:09:a1:8d:7c:fe:0f:83:2e:36:8a:
d8:cb:33:7d:79:d8:13:dd:77:07:9d:86:07:5e:e8:
c1:d7:bc:5b:21:b5:95:18:1b:d4:1e:4c:d5:37:17:
f9:33:05:ae:68:8f:b6:9d:da:1e:e9:b0:91:30:a5:
39:67:0d:07:bc:be:c4:db:36:93:43:a7:21:f5:18:
bb:a6:65:0f:9b:5d:24:d9:ff:c1:74:33:8b:60:f2:
e8:b2:de:16:f2:d2:d7:15:71:12:74:cb:92:5d:93:
59:a7:51:80:6c:cc:b5:8f:4b:66:3a:6a:23:62:fa:
90:53:43:4c:6e:f4:9c:87:00:9a:fd:07:7c:3f:60:
0c:9b:3f:da:21:97:d1:45:6b:f5:77:7e:cd:fa:72:
84:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:3D:B8:5E:75:75:72:21:47:A9:9F:3C:66:5B:53:8F:4C:1D:AD:D4
X509v3 Authority Key Identifier:
keyid:C4:23:2B:D5:23:8D:C4:01:0D:1C:52:92:9D:DE:A4:F2:3C:04:25:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCMr1SONxAENHFKSnd6k8jwEJXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c42ae7-5f64-4039-a051-403b857bf8b7/1/Mj24XnV1ciFHqZ88ZltTj0wdrdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c42ae7-5f64-4039-a051-403b857bf8b7/1/xCMr1SONxAENHFKSnd6k8jwEJXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:b300::/29
Signature Algorithm: sha256WithRSAEncryption
5e:03:a0:69:eb:97:10:44:d8:e5:80:b4:59:ae:d0:ed:08:40:
b9:9f:8b:3d:4e:35:4c:3c:31:d3:b3:c9:31:c8:8c:1f:60:f0:
bf:0b:2c:f0:d7:b3:61:80:1d:4c:2b:e3:11:3e:5b:27:d8:4a:
73:55:e2:a9:6a:ac:d8:ee:bf:0d:86:f9:78:ea:54:fd:a9:1f:
91:8c:79:60:84:3f:8e:af:f4:5b:93:6a:6d:c3:fc:d7:61:f2:
b9:07:8a:e5:2b:94:1e:af:25:4b:81:37:ae:8e:16:cc:79:c5:
c3:82:53:94:db:94:16:25:2f:4f:4c:a0:9a:e4:12:e3:4a:15:
7b:83:79:ad:c8:64:f3:fb:5a:2d:f2:38:59:54:43:85:aa:38:
12:0a:6d:ff:8c:58:7e:81:33:5b:57:92:48:0c:a0:00:08:6a:
55:a4:d2:d3:cf:22:10:33:3b:83:c9:14:f6:1c:c9:49:29:1e:
92:fd:63:02:4a:eb:ce:aa:89:1d:e8:b1:df:bf:0d:07:73:2c:
d7:3a:7b:03:50:d9:ae:2f:07:29:5a:2e:a2:00:2e:6a:7d:ac:
8b:a7:8e:f4:71:bb:b4:e5:83:12:5f:11:ea:51:f3:f4:69:2f:
b1:fe:1b:b2:63:f0:d9:82:2e:06:0f:6f:e6:bb:97:e6:1a:18:
58:0c:08:b7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYMTDoq7r2owx8+YCKHDAwZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjMyYmQ1MjM4ZGM0MDEwZDFjNTI5MjlkZGVhNGYyM2Mw
NDI1NzQwHhcNMjIwOTA2MTM0NzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjNkYjg1ZTc1NzU3MjIxNDdhOTlmM2M2NjViNTM4ZjRjMWRhZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk9y4ZeG4tvjCzzkEuAkCMXguHgW
789xcQfmga33sMvXHBN417OxlZS8xe4RzR5UipW6CTxXDHHeeP1gHUiEEtiOIIxP
LbtBlS3cgmV4XVzbVYKTyuHlsiO2o/adAUl2L60JCpkhsDRZeyvhLgmhjXz+D4Mu
NorYyzN9edgT3XcHnYYHXujB17xbIbWVGBvUHkzVNxf5MwWuaI+2ndoe6bCRMKU5
Zw0HvL7E2zaTQ6ch9Ri7pmUPm10k2f/BdDOLYPLost4W8tLXFXESdMuSXZNZp1GA
bMy1j0tmOmojYvqQU0NMbvSchwCa/Qd8P2AMmz/aIZfRRWv1d37N+nKEcwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDI9uF51dXIhR6mfPGZbU49MHa3UMB8GA1UdIwQY
MBaAFMQjK9UjjcQBDRxSkp3epPI8BCV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENNcjFTT054QUVOSEZLU25kNms4andFSlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9jNDJhZTctNWY2NC00MDM5LWEwNTEt
NDAzYjg1N2JmOGI3LzEvTWoyNFhuVjFjaUZIcVo4OFpsdFRqMHdkcmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9jNDJhZTctNWY2NC00MDM5LWEwNTEtNDAzYjg1N2JmOGI3
LzEveENNcjFTT054QUVOSEZLU25kNms4andFSlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGzADAN
BgkqhkiG9w0BAQsFAAOCAQEAXgOgaeuXEETY5YC0Wa7Q7QhAuZ+LPU41TDwx07PJ
MciMH2Dwvwss8NezYYAdTCvjET5bJ9hKc1XiqWqs2O6/DYb5eOpU/akfkYx5YIQ/
jq/0W5NqbcP812HyuQeK5SuUHq8lS4E3ro4WzHnFw4JTlNuUFiUvT0ygmuQS40oV
e4N5rchk8/taLfI4WVRDhao4Egpt/4xYfoEzW1eSSAygAAhqVaTS088iEDM7g8kU
9hzJSSkekv1jAkrrzqqJHeix378NB3Ms1zp7A1DZri8HKVouogAuan2si6eO9HG7
tOWDEl8R6lHz9Gkvsf4bsmPw2YIuBg9v5ruX5hoYWAwItw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:27 2023 by rpki-client on console-fra.rpki-client.org