Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/iT7UHZO22XlZrzvFyb_eYKQ2duA.roa
File: iT7UHZO22XlZrzvFyb_eYKQ2duA.roa (raw, json)
Hash identifier: GPwDsWG2QdO5nlWeNaOlWGjHnRwGd0f1nzVaILWQxFQ=
Subject key identifier: 89:3E:D4:1D:93:B6:D9:79:59:AF:3B:C5:C9:BF:DE:60:A4:36:76:E0
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 096C173A
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/iT7UHZO22XlZrzvFyb_eYKQ2duA.roa
Signing time: Sat 01 Jan 2022 09:03:58 +0000
ROA not before: Sat 01 Jan 2022 09:03:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208498
IP address blocks: 2a0e:aa01:ab10::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158078778 (0x96c173a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 09:03:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=893ed41d93b6d97959af3bc5c9bfde60a43676e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:68:0b:ef:64:7b:bb:09:c2:dd:d0:9a:00:01:
e0:56:c3:5c:7b:6a:7c:3c:3f:79:7d:2f:b7:bc:40:
df:b6:6c:53:ab:c1:e9:9e:40:1e:93:cb:33:87:ab:
16:f0:42:a6:b3:cc:29:dd:bf:f9:73:49:7c:ae:42:
90:72:36:67:2f:e4:a1:f2:aa:35:ac:ff:14:c2:55:
13:bd:14:71:3f:fe:ef:84:a5:9b:c5:68:5d:d4:fe:
0c:86:d2:b8:97:6b:37:63:bd:63:e0:57:77:6b:95:
af:3c:c5:90:45:97:f7:a2:b2:f8:be:28:ec:bd:49:
6f:31:ab:ac:15:96:3f:bd:9e:a0:ba:ac:63:8d:8d:
8d:25:f9:8e:cf:51:39:0b:11:52:62:00:11:76:f9:
31:5b:32:9f:e2:cc:f6:7c:56:97:84:fb:75:d4:bd:
71:90:fe:3d:50:96:d7:47:d6:2b:5f:90:ff:e7:be:
7a:34:94:b4:73:55:80:5c:ce:bf:8f:7a:c2:1a:0f:
d9:b0:fc:4d:e6:3e:1d:3e:2e:46:89:47:1d:cd:f2:
bf:17:a5:8c:aa:e2:fb:3e:4a:35:8c:e9:4a:72:cc:
53:7a:6f:19:41:12:ee:96:87:9b:09:17:23:82:e5:
59:31:cd:11:db:65:fe:af:99:91:4f:25:2c:99:d5:
d0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3E:D4:1D:93:B6:D9:79:59:AF:3B:C5:C9:BF:DE:60:A4:36:76:E0
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/iT7UHZO22XlZrzvFyb_eYKQ2duA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa01:ab10::/44
Signature Algorithm: sha256WithRSAEncryption
89:8a:d9:f2:f6:fa:ea:b7:76:ed:06:36:d7:1b:d3:d4:59:16:
57:94:e8:4a:67:68:9d:89:1c:47:27:57:de:d3:0f:21:4c:2b:
bf:5c:6d:b1:6f:95:19:fe:50:76:f7:07:8f:5f:a2:4e:36:ab:
f1:89:77:93:d7:1e:c2:2f:fc:ef:b8:cc:8b:99:7a:0e:c0:aa:
10:35:11:48:bd:59:fb:9b:d5:cf:14:1e:ec:32:8c:32:f9:95:
67:d3:9f:c6:ee:37:15:26:22:aa:58:80:03:da:67:a2:41:97:
b2:d3:95:67:be:03:e6:97:78:04:8c:5e:98:a1:02:c4:2f:64:
f1:73:a3:60:7d:ac:cc:97:2b:60:4b:ad:d4:e1:99:9f:17:e1:
5c:e9:7f:16:20:ff:d3:51:f6:5b:cb:9d:55:a4:d2:35:f0:45:
d0:b7:0b:d2:ac:7a:24:a2:d0:aa:c8:23:d1:fe:5b:48:81:20:
70:c3:80:05:bc:55:25:ef:f3:20:aa:0d:62:95:df:b2:1f:80:
c8:75:66:03:db:e1:fd:c0:40:4a:ca:eb:94:07:49:64:fd:76:
ea:b0:4e:48:d7:b1:7f:a7:0e:7b:cb:1a:5c:d4:c8:97:8e:42:
08:05:cc:ab:ff:48:9f:78:1b:4f:92:43:73:28:9a:f3:02:2f:
84:f5:2a:72
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECWwXOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzYxYjVjZDY5NjgyNWI3NGZjY2JhN2Q5N2MzZDBhMjcyNGVmM2FhMB4XDTIyMDEw
MTA5MDM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODkzZWQ0MWQ5M2I2
ZDk3OTU5YWYzYmM1YzliZmRlNjBhNDM2NzZlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZoC+9ke7sJwt3QmgAB4FbDXHtqfDw/eX0vt7xA37ZsU6vB
6Z5AHpPLM4erFvBCprPMKd2/+XNJfK5CkHI2Zy/kofKqNaz/FMJVE70UcT/+74Sl
m8VoXdT+DIbSuJdrN2O9Y+BXd2uVrzzFkEWX96Ky+L4o7L1JbzGrrBWWP72eoLqs
Y42NjSX5js9ROQsRUmIAEXb5MVsyn+LM9nxWl4T7ddS9cZD+PVCW10fWK1+Q/+e+
ejSUtHNVgFzOv496whoP2bD8TeY+HT4uRolHHc3yvxeljKri+z5KNYzpSnLMU3pv
GUES7paHmwkXI4LlWTHNEdtl/q+ZkU8lLJnV0DECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSJPtQdk7bZeVmvO8XJv95gpDZ24DAfBgNVHSMEGDAWgBSTYbXNaWglt0/M
un2Xw9Cick7zqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8x
L2lUN1VIWk8yMlhsWnJ6dkZ5Yl9lWUtRMmR1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8xL2syRzF6V2xvSmJk
UHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOqgGrEDANBgkqhkiG9w0BAQsF
AAOCAQEAiYrZ8vb66rd27QY21xvT1FkWV5ToSmdonYkcRydX3tMPIUwrv1xtsW+V
Gf5QdvcHj1+iTjar8Yl3k9cewi/877jMi5l6DsCqEDURSL1Z+5vVzxQe7DKMMvmV
Z9Ofxu43FSYiqliAA9pnokGXstOVZ74D5pd4BIxemKECxC9k8XOjYH2szJcrYEut
1OGZnxfhXOl/FiD/01H2W8udVaTSNfBF0LcL0qx6JKLQqsgj0f5bSIEgcMOABbxV
Je/zIKoNYpXfsh+AyHVmA9vh/cBASsrrlAdJZP126rBOSNexf6cOe8saXNTIl45C
CAXMq/9In3gbT5JDcyia8wIvhPUqcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org