Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/8QLztvNy5x1OFEX4BaZUuTUaPBQ.roa
File: 8QLztvNy5x1OFEX4BaZUuTUaPBQ.roa (raw, json)
Hash identifier: t72Y6KUJIZBpgELLuebkhWxoyraydShkXMsLAxf4GbU=
Subject key identifier: F1:02:F3:B6:F3:72:E7:1D:4E:14:45:F8:05:A6:54:B9:35:1A:3C:14
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 097ED63C
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/8QLztvNy5x1OFEX4BaZUuTUaPBQ.roa
Signing time: Sat 01 Jan 2022 09:04:08 +0000
ROA not before: Sat 01 Jan 2022 09:04:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211035
IP address blocks: 2a0e:aa07:e023::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159307324 (0x97ed63c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 09:04:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f102f3b6f372e71d4e1445f805a654b9351a3c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f2:6f:bd:52:be:eb:8e:64:76:ea:74:d5:cd:
bb:aa:b9:8a:53:c3:1e:57:2e:3d:fa:1b:80:8e:01:
65:b3:1f:04:37:d1:5b:58:07:fb:82:28:e2:4e:28:
bc:fb:17:aa:09:06:7e:4c:90:fd:f2:f5:8b:63:12:
f4:6e:35:ad:44:d7:2b:32:00:91:8a:bf:43:88:01:
35:6a:bc:04:1b:bb:45:76:d9:0b:72:16:51:f8:82:
00:48:37:04:cb:76:dd:0a:24:e6:a9:b4:fa:d9:23:
e3:60:ff:2e:b1:73:58:9f:63:5f:f7:a7:35:ac:8c:
d5:24:bf:f8:fc:31:5d:a2:a8:66:51:4b:2e:5d:37:
55:9e:9d:4b:16:2c:63:ea:93:24:1c:ca:cd:64:c3:
a8:32:72:8e:6c:10:2d:02:04:f4:44:f5:91:29:26:
15:a0:29:87:8e:f9:5d:45:35:ec:0e:33:5b:1a:d0:
8f:04:a2:7f:98:4d:64:1a:38:f8:30:29:39:c2:8d:
e7:c7:93:cb:93:dc:e8:ba:fe:d4:c4:c4:41:d2:cf:
b1:ca:49:a8:d8:e2:d3:ea:21:ef:61:31:e6:ea:6d:
a3:43:10:b3:fc:e5:3c:b5:c2:d5:5e:41:79:25:02:
46:c9:2b:9a:58:a6:54:06:9f:c1:fe:0a:64:a2:2d:
a4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:02:F3:B6:F3:72:E7:1D:4E:14:45:F8:05:A6:54:B9:35:1A:3C:14
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/8QLztvNy5x1OFEX4BaZUuTUaPBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e023::/48
Signature Algorithm: sha256WithRSAEncryption
65:72:03:19:71:cc:da:9c:43:80:92:8f:4d:74:cb:f3:97:cc:
8d:80:a8:3a:30:ed:90:26:87:9e:e5:f6:f3:77:0f:30:2a:dc:
7c:ea:76:e1:eb:4e:ea:00:67:47:be:e3:18:bd:2b:78:30:10:
ab:34:e5:4e:4d:20:93:a4:ca:ce:04:0d:ef:49:25:08:42:87:
3b:51:8f:af:65:1b:10:38:19:73:8f:a0:e6:d1:a7:78:ba:38:
d7:33:80:9e:ad:a2:16:61:9c:d0:fe:ce:84:7e:29:e4:2f:7c:
5a:22:73:21:7b:7d:9c:95:49:58:da:0a:b4:6f:71:78:d3:93:
95:79:0e:6c:2b:3a:40:d8:41:79:29:17:cb:cf:5f:2b:a4:58:
fc:60:fe:7c:b1:04:2f:16:e0:ff:ec:ac:6e:5e:5e:59:a9:c0:
19:2a:ee:aa:78:a8:5e:24:3a:f3:6f:69:34:2a:e8:55:0a:02:
19:ce:51:62:4d:9c:ab:e2:c8:b8:79:4c:59:f9:47:c6:77:b4:
23:2b:eb:ee:5e:a8:22:12:83:ef:cf:31:87:6b:46:aa:5c:89:
3b:6c:f7:4e:85:20:94:33:76:c4:9f:71:3a:81:d2:fd:53:4b:
0f:01:bb:d5:33:ef:dd:d9:c4:87:25:82:b3:62:c3:00:b0:30:
93:1b:b5:86
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECX7WPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzYxYjVjZDY5NjgyNWI3NGZjY2JhN2Q5N2MzZDBhMjcyNGVmM2FhMB4XDTIyMDEw
MTA5MDQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjEwMmYzYjZmMzcy
ZTcxZDRlMTQ0NWY4MDVhNjU0YjkzNTFhM2MxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPyb71SvuuOZHbqdNXNu6q5ilPDHlcuPfobgI4BZbMfBDfR
W1gH+4Io4k4ovPsXqgkGfkyQ/fL1i2MS9G41rUTXKzIAkYq/Q4gBNWq8BBu7RXbZ
C3IWUfiCAEg3BMt23Qok5qm0+tkj42D/LrFzWJ9jX/enNayM1SS/+PwxXaKoZlFL
Ll03VZ6dSxYsY+qTJBzKzWTDqDJyjmwQLQIE9ET1kSkmFaAph475XUU17A4zWxrQ
jwSif5hNZBo4+DApOcKN58eTy5Pc6Lr+1MTEQdLPscpJqNji0+oh72Ex5upto0MQ
s/zlPLXC1V5BeSUCRskrmlimVAafwf4KZKItpAECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTxAvO283LnHU4URfgFplS5NRo8FDAfBgNVHSMEGDAWgBSTYbXNaWglt0/M
un2Xw9Cick7zqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8x
LzhRTHp0dk55NXgxT0ZFWDRCYVpVdVRVYVBCUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8xL2syRzF6V2xvSmJk
UHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOqgfgIzANBgkqhkiG9w0BAQsF
AAOCAQEAZXIDGXHM2pxDgJKPTXTL85fMjYCoOjDtkCaHnuX283cPMCrcfOp24etO
6gBnR77jGL0reDAQqzTlTk0gk6TKzgQN70klCEKHO1GPr2UbEDgZc4+g5tGneLo4
1zOAnq2iFmGc0P7OhH4p5C98WiJzIXt9nJVJWNoKtG9xeNOTlXkObCs6QNhBeSkX
y89fK6RY/GD+fLEELxbg/+ysbl5eWanAGSruqnioXiQ6829pNCroVQoCGc5RYk2c
q+LIuHlMWflHxne0Iyvr7l6oIhKD788xh2tGqlyJO2z3ToUglDN2xJ9xOoHS/VNL
DwG71TPv3dnEhyWCs2LDALAwkxu1hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org