Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/oSbnirTC0MWeOUvpRfKmwrVhBVM.roa
File: oSbnirTC0MWeOUvpRfKmwrVhBVM.roa (raw, json)
Hash identifier: H20gBAt3N/n8QgFrAEdWW7Tf01R1qXg5dUOxjkd+Sd0=
Subject key identifier: A1:26:E7:8A:B4:C2:D0:C5:9E:39:4B:E9:45:F2:A6:C2:B5:61:05:53
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 097296DB
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/oSbnirTC0MWeOUvpRfKmwrVhBVM.roa
Signing time: Sat 01 Jan 2022 09:04:01 +0000
ROA not before: Sat 01 Jan 2022 09:04:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209215
IP address blocks: 2a0e:aa06:460::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158504667 (0x97296db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 09:04:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a126e78ab4c2d0c59e394be945f2a6c2b5610553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:f0:28:4b:e6:c2:da:a8:6e:cc:45:ee:b5:31:
f1:1d:8c:f2:55:e8:d8:62:24:9c:df:15:c7:46:f7:
52:9d:5f:47:ee:1f:8e:ea:ab:d1:39:76:24:c2:6a:
7a:1f:2a:0f:89:2e:cb:0b:5f:af:e2:4b:7a:86:fb:
c0:50:e0:89:8c:23:86:e4:10:7b:73:44:4a:45:43:
0b:55:b7:01:c8:c0:de:45:be:9b:54:e3:e0:24:80:
9a:9d:6e:df:7c:62:62:0f:e6:b4:af:c4:c2:44:9f:
d3:a5:0e:a1:33:8e:3f:52:ef:72:7f:73:d3:48:6d:
7c:90:ee:3b:2b:10:4e:ab:d5:6c:00:d0:28:48:60:
5c:06:db:3a:48:36:99:f9:b1:bb:c8:0e:5e:6f:c6:
f4:a6:4b:88:93:20:ab:12:3a:82:57:3f:09:cd:b7:
5c:ef:35:6e:e7:0b:94:a9:11:b9:5f:9d:b5:bf:ce:
50:b5:36:9b:b9:3b:1b:90:bf:2e:cf:14:15:51:80:
b0:ee:64:f1:e5:ee:90:b0:0e:68:d7:5d:c3:f3:48:
91:2f:9b:49:e4:91:a4:42:b3:70:45:7a:d2:0f:9c:
ea:19:e6:22:74:cb:7b:f4:fa:8c:6d:a9:85:a1:c2:
ff:6e:30:52:d6:4b:88:a3:9b:58:bb:ac:08:95:68:
6c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:26:E7:8A:B4:C2:D0:C5:9E:39:4B:E9:45:F2:A6:C2:B5:61:05:53
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/oSbnirTC0MWeOUvpRfKmwrVhBVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa06:460::/44
Signature Algorithm: sha256WithRSAEncryption
c1:80:bd:56:7c:97:26:e0:3e:bb:3d:90:30:7f:f0:91:74:ee:
23:58:e2:b3:e5:44:7f:4e:5f:66:d3:86:4a:a5:f5:7c:75:1e:
98:33:a9:69:07:5d:30:5e:7e:85:aa:d6:a8:81:b2:e6:66:ea:
ea:0c:68:d7:2f:81:2c:31:1d:ca:e3:a0:5f:a5:04:b1:9b:2e:
25:5c:f1:71:3f:f4:bb:1c:7c:0a:da:38:da:5d:e8:b7:89:32:
76:33:96:24:54:f1:3a:d9:65:90:24:26:09:7c:7f:e7:d6:2b:
81:08:e8:1a:01:0c:d2:8a:35:38:24:d2:dd:4b:4c:af:5f:f4:
e4:41:ae:34:c6:aa:7b:1f:f5:99:07:73:ef:f0:07:30:cf:45:
e8:cf:00:fd:11:e6:4e:7e:3a:d8:80:bc:70:b7:1e:44:4e:5c:
c7:b4:22:ee:1d:03:79:e2:3a:0d:c8:0a:7a:b6:a7:fe:ce:a2:
46:9b:2c:3c:45:db:36:1e:64:d6:3c:43:37:11:41:6a:12:7b:
d1:5d:31:e4:58:e5:65:3b:0b:35:7b:fd:67:42:2c:64:43:91:
a1:f1:5b:e5:c8:97:7e:66:34:99:22:17:22:9d:21:1e:40:72:
16:7b:4d:d8:67:eb:0a:b8:8c:3f:e1:ed:db:dd:ef:16:92:2c:
a9:39:18:f4
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECXKW2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzYxYjVjZDY5NjgyNWI3NGZjY2JhN2Q5N2MzZDBhMjcyNGVmM2FhMB4XDTIyMDEw
MTA5MDQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTEyNmU3OGFiNGMy
ZDBjNTllMzk0YmU5NDVmMmE2YzJiNTYxMDU1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAObwKEvmwtqobsxF7rUx8R2M8lXo2GIknN8Vx0b3Up1fR+4f
juqr0Tl2JMJqeh8qD4kuywtfr+JLeob7wFDgiYwjhuQQe3NESkVDC1W3AcjA3kW+
m1Tj4CSAmp1u33xiYg/mtK/EwkSf06UOoTOOP1Lvcn9z00htfJDuOysQTqvVbADQ
KEhgXAbbOkg2mfmxu8gOXm/G9KZLiJMgqxI6glc/Cc23XO81bucLlKkRuV+dtb/O
ULU2m7k7G5C/Ls8UFVGAsO5k8eXukLAOaNddw/NIkS+bSeSRpEKzcEV60g+c6hnm
InTLe/T6jG2phaHC/24wUtZLiKObWLusCJVobBMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBShJueKtMLQxZ45S+lF8qbCtWEFUzAfBgNVHSMEGDAWgBSTYbXNaWglt0/M
un2Xw9Cick7zqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8x
L29TYm5pclRDME1XZU9VdnBSZkttd3JWaEJWTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8xL2syRzF6V2xvSmJk
UHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOqgYEYDANBgkqhkiG9w0BAQsF
AAOCAQEAwYC9VnyXJuA+uz2QMH/wkXTuI1jis+VEf05fZtOGSqX1fHUemDOpaQdd
MF5+harWqIGy5mbq6gxo1y+BLDEdyuOgX6UEsZsuJVzxcT/0uxx8Cto42l3ot4ky
djOWJFTxOtllkCQmCXx/59YrgQjoGgEM0oo1OCTS3UtMr1/05EGuNMaqex/1mQdz
7/AHMM9F6M8A/RHmTn462IC8cLceRE5cx7Qi7h0DeeI6DcgKeran/s6iRpssPEXb
Nh5k1jxDNxFBahJ70V0x5FjlZTsLNXv9Z0IsZEORofFb5ciXfmY0mSIXIp0hHkBy
FntN2GfrCriMP+Ht293vFpIsqTkY9A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:09 2023 by rpki-client on console-ams.rpki-client.org