Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/I2xyg3f_lCBZWZPsecW05aMgpU0.roa
File: I2xyg3f_lCBZWZPsecW05aMgpU0.roa (raw, json)
Hash identifier: NO1x25s77tqtTlowfPmh/rqeCFzDaQ2ffkOaWIWraEs=
Subject key identifier: 23:6C:72:83:77:FF:94:20:59:59:93:EC:79:C5:B4:E5:A3:20:A5:4D
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0A70E49C
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/I2xyg3f_lCBZWZPsecW05aMgpU0.roa
Signing time: Fri 15 Apr 2022 02:15:46 +0000
ROA not before: Fri 15 Apr 2022 02:15:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205794
IP address blocks: 2a0e:aa07:e03a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175170716 (0xa70e49c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Apr 15 02:15:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=236c728377ff9420595993ec79c5b4e5a320a54d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dc:9c:51:dd:36:19:b4:ba:ef:09:fe:76:83:
e8:ca:94:b8:60:8c:74:ca:d2:85:19:b4:fb:ab:01:
8e:9a:4f:50:48:72:fa:a5:fd:13:f6:b9:40:92:42:
8d:3c:98:28:2d:03:6f:8b:bd:37:95:e7:4a:d3:98:
80:34:da:2f:4b:a4:c1:6c:e3:d3:54:4b:4c:b0:c8:
1e:8e:41:1d:6d:99:54:52:04:3e:e6:9d:02:c0:51:
b8:97:07:22:48:64:e8:32:e1:06:37:ef:3d:e3:16:
bb:4d:3b:d0:3a:18:ee:ad:37:0d:53:8a:8b:96:2e:
76:8b:6c:61:44:12:9e:4f:99:0c:68:7d:c2:77:a7:
8b:71:9d:f3:23:28:46:82:e0:2d:60:52:83:30:f0:
47:23:07:7e:6b:8a:94:ee:a3:f2:29:7a:b5:d0:c8:
43:aa:57:3f:2c:9f:55:33:e3:41:f0:ed:92:b6:cb:
41:23:28:27:cb:ea:b8:72:68:9f:2f:a9:37:35:c3:
89:ea:30:0b:6f:1b:ca:d9:6a:d5:8e:59:b6:0c:2c:
d8:b0:ae:c8:9a:19:84:92:14:62:bd:4e:32:d9:99:
81:52:e4:15:72:a8:50:e0:1a:99:22:51:58:0a:79:
9b:05:f1:c2:60:a5:db:48:21:9f:c9:73:12:95:cc:
17:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:6C:72:83:77:FF:94:20:59:59:93:EC:79:C5:B4:E5:A3:20:A5:4D
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/I2xyg3f_lCBZWZPsecW05aMgpU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e03a::/48
Signature Algorithm: sha256WithRSAEncryption
79:ad:d0:8e:f3:0f:a5:79:06:01:eb:49:a0:39:bf:e0:06:74:
36:e3:97:60:f1:f9:5a:bb:d0:a1:e6:16:f4:23:6d:d1:2b:1f:
bb:75:ba:46:01:09:d7:66:5e:ac:30:51:8d:ec:5b:52:40:0c:
aa:48:4d:4d:93:dd:64:79:c7:ac:32:7e:cc:a1:5e:26:f7:55:
56:55:2e:28:7f:db:6f:f4:cd:b6:5e:50:02:b2:f7:63:b1:c6:
7b:34:46:d1:cc:4f:7d:ff:4c:0c:1c:d3:ec:9d:f3:81:6e:1a:
ad:6c:84:95:4c:ec:17:73:1b:d7:fa:54:a7:65:f7:70:97:0a:
e1:0a:2a:42:19:82:1d:b0:30:a0:5d:ee:9b:e1:b9:80:bd:55:
b0:fd:07:6d:cd:90:96:b2:91:39:ed:9b:8b:66:e1:d1:56:1f:
63:4a:b8:99:4a:21:19:01:5c:48:11:11:5d:25:7f:89:2c:1a:
ae:f7:23:ef:d5:f2:32:74:cc:2c:0e:d5:95:d5:60:05:f4:2b:
08:a8:d7:5b:4a:5f:77:9f:8f:cb:77:2a:99:c7:8f:6e:43:77:
be:95:fc:91:bb:22:a5:44:2f:e9:ad:81:6f:4d:70:36:73:48:
54:9e:c1:24:4d:cf:c6:08:67:6f:be:70:e2:e2:1b:97:95:b4:
f6:2b:8d:67
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECnDknDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzYxYjVjZDY5NjgyNWI3NGZjY2JhN2Q5N2MzZDBhMjcyNGVmM2FhMB4XDTIyMDQx
NTAyMTU0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjM2YzcyODM3N2Zm
OTQyMDU5NTk5M2VjNzljNWI0ZTVhMzIwYTU0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/cnFHdNhm0uu8J/naD6MqUuGCMdMrShRm0+6sBjppPUEhy
+qX9E/a5QJJCjTyYKC0Db4u9N5XnStOYgDTaL0ukwWzj01RLTLDIHo5BHW2ZVFIE
PuadAsBRuJcHIkhk6DLhBjfvPeMWu0070DoY7q03DVOKi5YudotsYUQSnk+ZDGh9
wneni3Gd8yMoRoLgLWBSgzDwRyMHfmuKlO6j8il6tdDIQ6pXPyyfVTPjQfDtkrbL
QSMoJ8vquHJony+pNzXDieowC28bytlq1Y5Ztgws2LCuyJoZhJIUYr1OMtmZgVLk
FXKoUOAamSJRWAp5mwXxwmCl20ghn8lzEpXMF3ECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQjbHKDd/+UIFlZk+x5xbTloyClTTAfBgNVHSMEGDAWgBSTYbXNaWglt0/M
un2Xw9Cick7zqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8x
L0kyeHlnM2ZfbENCWldaUHNlY1cwNWFNZ3BVMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8xL2syRzF6V2xvSmJk
UHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOqgfgOjANBgkqhkiG9w0BAQsF
AAOCAQEAea3QjvMPpXkGAetJoDm/4AZ0NuOXYPH5WrvQoeYW9CNt0Ssfu3W6RgEJ
12ZerDBRjexbUkAMqkhNTZPdZHnHrDJ+zKFeJvdVVlUuKH/bb/TNtl5QArL3Y7HG
ezRG0cxPff9MDBzT7J3zgW4arWyElUzsF3Mb1/pUp2X3cJcK4QoqQhmCHbAwoF3u
m+G5gL1VsP0Hbc2QlrKROe2bi2bh0VYfY0q4mUohGQFcSBERXSV/iSwarvcj79Xy
MnTMLA7VldVgBfQrCKjXW0pfd5+Py3cqmcePbkN3vpX8kbsipUQv6a2Bb01wNnNI
VJ7BJE3Pxghnb75w4uIbl5W09iuNZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org