Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/s4CfUZ0OXbjbcsvvXUN12xnLf88.roa
File: s4CfUZ0OXbjbcsvvXUN12xnLf88.roa (raw, json)
Hash identifier: MtpFVmRZb5DlmIYp9T18lI6ynMfKyqetf1urteMgRHU=
Subject key identifier: B3:80:9F:51:9D:0E:5D:B8:DB:72:CB:EF:5D:43:75:DB:19:CB:7F:CF
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 09685AB5
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/s4CfUZ0OXbjbcsvvXUN12xnLf88.roa
Signing time: Sat 01 Jan 2022 09:03:56 +0000
ROA not before: Sat 01 Jan 2022 09:03:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206499
IP address blocks: 2a0e:aa01::/32 maxlen: 32
2a0e:aa01:bad0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157833909 (0x9685ab5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 09:03:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3809f519d0e5db8db72cbef5d4375db19cb7fcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fc:79:a1:50:fc:6e:59:02:2a:f2:07:6b:5b:
d7:f7:aa:9b:29:a9:61:34:43:d7:a5:85:5c:4b:81:
8e:7e:87:58:a5:b0:0b:c7:15:88:4e:46:b6:be:07:
f3:50:e7:f3:0b:64:4d:d3:94:d1:cc:04:07:80:8a:
d7:ce:fc:be:e4:f2:45:2f:e3:ba:98:4b:c9:10:88:
f8:fd:2b:67:93:d5:8e:5b:35:5d:b9:0c:1c:ea:d9:
40:33:83:5d:d5:d8:e6:14:f6:f0:db:71:b4:6b:58:
94:94:86:aa:3d:64:d4:ee:35:7a:2f:25:b9:b7:de:
49:33:fd:e1:28:c8:d1:7e:d6:ea:7a:3e:a8:83:fe:
62:4a:63:6a:cb:ab:bd:7c:bb:f3:67:43:14:c0:51:
9b:c9:f7:1a:a5:c2:51:6e:b8:22:a7:50:53:b1:06:
94:9d:d7:a3:af:96:f1:c3:ab:60:7f:fd:08:46:ea:
eb:c8:73:69:b6:38:77:59:e7:1a:e3:67:d2:bc:c2:
30:57:c5:83:f0:d7:47:6b:64:2f:cd:78:af:68:d9:
ec:e4:cc:9d:51:5c:4f:0c:78:ae:23:40:b8:e9:7e:
99:89:d8:66:5f:e5:9f:dc:e7:60:a3:2e:6b:7d:8e:
bc:7b:7e:19:44:c8:48:fa:b0:ea:b5:a2:79:f8:28:
35:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:80:9F:51:9D:0E:5D:B8:DB:72:CB:EF:5D:43:75:DB:19:CB:7F:CF
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/s4CfUZ0OXbjbcsvvXUN12xnLf88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa01::/32
Signature Algorithm: sha256WithRSAEncryption
2c:24:17:c2:4d:ab:d4:53:eb:10:df:bd:b0:f8:d4:4d:ed:a3:
7e:31:9d:1b:9b:f8:f1:c0:a8:30:42:09:59:45:cb:a4:87:c8:
40:f2:c3:8e:5c:31:d8:87:a8:46:46:26:75:91:3b:ba:c4:32:
24:35:e4:60:0d:ef:a8:4b:b2:9b:11:ee:a2:6f:9e:b8:ab:2f:
f3:90:a1:92:b5:1d:18:2e:77:3f:ec:eb:65:e8:50:e6:cd:84:
9c:a1:2d:f1:bb:63:02:78:44:5d:b6:e6:64:b3:3c:b0:06:59:
fe:1d:cc:44:cc:57:27:9c:58:08:a9:e5:5f:88:ba:dc:a3:a7:
8a:95:48:8d:2b:61:18:ef:29:f2:0e:0e:71:01:2a:0c:38:c0:
bd:87:74:3e:fe:6c:fe:f5:2b:fd:b0:3e:4f:f6:d3:5e:57:08:
af:02:9c:3b:11:ae:e7:9a:14:a2:5e:e7:05:8a:c1:6a:f8:bb:
40:84:35:19:29:4d:ec:35:9c:9e:cc:5c:cb:2e:92:8d:b3:19:
f1:fa:8d:8a:ff:a2:e3:14:31:85:58:32:e0:1c:de:2f:bb:e9:
f7:c6:bc:7f:a8:d6:1a:28:53:b1:92:d9:a4:c7:0a:f3:e8:2d:
7c:0a:2f:89:c9:b7:f9:79:a9:64:2a:65:39:35:04:a0:42:a0:
61:11:b1:5d
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECWhatTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzYxYjVjZDY5NjgyNWI3NGZjY2JhN2Q5N2MzZDBhMjcyNGVmM2FhMB4XDTIyMDEw
MTA5MDM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM4MDlmNTE5ZDBl
NWRiOGRiNzJjYmVmNWQ0Mzc1ZGIxOWNiN2ZjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKj8eaFQ/G5ZAiryB2tb1/eqmympYTRD16WFXEuBjn6HWKWw
C8cViE5Gtr4H81Dn8wtkTdOU0cwEB4CK1878vuTyRS/juphLyRCI+P0rZ5PVjls1
XbkMHOrZQDODXdXY5hT28NtxtGtYlJSGqj1k1O41ei8lubfeSTP94SjI0X7W6no+
qIP+YkpjasurvXy782dDFMBRm8n3GqXCUW64IqdQU7EGlJ3Xo6+W8cOrYH/9CEbq
68hzabY4d1nnGuNn0rzCMFfFg/DXR2tkL814r2jZ7OTMnVFcTwx4riNAuOl+mYnY
Zl/ln9znYKMua32OvHt+GUTISPqw6rWiefgoNU8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSzgJ9RnQ5duNtyy+9dQ3XbGct/zzAfBgNVHSMEGDAWgBSTYbXNaWglt0/M
un2Xw9Cick7zqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8x
L3M0Q2ZVWjBPWGJqYmNzdnZYVU4xMnhuTGY4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8xL2syRzF6V2xvSmJk
UHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoOqgEwDQYJKoZIhvcNAQELBQAD
ggEBACwkF8JNq9RT6xDfvbD41E3to34xnRub+PHAqDBCCVlFy6SHyEDyw45cMdiH
qEZGJnWRO7rEMiQ15GAN76hLspsR7qJvnrirL/OQoZK1HRgudz/s62XoUObNhJyh
LfG7YwJ4RF225mSzPLAGWf4dzETMVyecWAip5V+Iutyjp4qVSI0rYRjvKfIODnEB
Kgw4wL2HdD7+bP71K/2wPk/2015XCK8CnDsRrueaFKJe5wWKwWr4u0CENRkpTew1
nJ7MXMsuko2zGfH6jYr/ouMUMYVYMuAc3i+76ffGvH+o1hooU7GS2aTHCvPoLXwK
L4nJt/l5qWQqZTk1BKBCoGERsV0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:09 2023 by rpki-client on console-ams.rpki-client.org