Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/zz5GT-vmiSbdj9NpmP-0uPklg6c.roa
File: zz5GT-vmiSbdj9NpmP-0uPklg6c.roa (raw, json)
Hash identifier: c52N7URqP5uz0cKyoJQs8MV7oBFFD6vF/jWrzk/Io8w=
Subject key identifier: CF:3E:46:4F:EB:E6:89:26:DD:8F:D3:69:98:FF:B4:B8:F9:25:83:A7
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0984F6D1
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/zz5GT-vmiSbdj9NpmP-0uPklg6c.roa
Signing time: Sat 01 Jan 2022 09:04:12 +0000
ROA not before: Sat 01 Jan 2022 09:04:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212916
IP address blocks: 2a0e:aa07:e011::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159708881 (0x984f6d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 09:04:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf3e464febe68926dd8fd36998ffb4b8f92583a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8e:9b:9f:c9:e8:97:8d:85:43:17:f7:05:b6:
1b:3d:46:f2:d0:32:14:c8:17:52:97:21:39:3f:c6:
ae:fb:2a:ee:2a:87:31:8f:8c:ff:9f:2d:6b:b9:3e:
5c:42:41:a6:1d:3e:42:ff:c0:a7:21:38:82:7c:c4:
b7:a8:88:d2:bb:c4:c6:3c:89:46:8a:fd:34:16:03:
4c:4f:36:2d:4b:19:99:89:91:0d:bd:55:17:b1:80:
63:bc:46:70:1f:0c:ad:45:92:60:42:02:91:7c:6e:
39:e1:90:96:81:81:3f:a3:f9:3b:49:28:e0:f3:4f:
f1:2c:33:35:5b:e7:d6:62:e7:c0:64:f2:c2:35:ca:
d3:2d:6b:5a:99:54:20:c7:fe:28:d9:5a:4e:59:b1:
fd:9a:19:96:92:99:44:12:e4:36:56:97:dd:1d:5e:
46:c9:bc:37:a6:ed:46:3f:69:e1:fc:27:f1:e6:89:
49:5c:f3:32:aa:94:70:dd:ea:70:30:c5:d7:a4:c9:
8d:b5:67:d3:20:5d:d0:7a:f0:70:8c:aa:b2:98:dc:
2c:13:74:d5:3a:ee:79:06:d9:8a:0a:47:24:9a:a3:
ae:30:f7:6f:61:86:a2:34:8e:67:5f:9c:77:cf:ab:
c8:dd:b4:7c:38:bd:83:9d:49:08:ce:8e:97:0f:4b:
a4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3E:46:4F:EB:E6:89:26:DD:8F:D3:69:98:FF:B4:B8:F9:25:83:A7
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/zz5GT-vmiSbdj9NpmP-0uPklg6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e011::/48
Signature Algorithm: sha256WithRSAEncryption
61:1e:af:dc:43:4d:99:cc:d6:27:f9:21:b8:c9:1e:27:05:63:
f8:21:d0:50:96:93:ab:24:26:b8:1a:96:b9:d0:c1:b7:91:44:
bb:46:9e:c1:a3:80:1f:5a:61:c6:20:51:1b:fb:ab:11:09:2b:
5a:c1:c1:10:a0:ae:4a:98:23:5c:5e:e6:db:c9:d7:da:3c:62:
62:37:29:d2:69:d8:24:3c:79:15:3c:c5:00:77:57:89:82:d6:
58:b7:1a:93:3e:cd:fc:87:e7:c6:97:c1:1a:33:86:a0:bc:33:
55:91:89:c8:29:00:f5:48:d9:8d:ce:d9:fb:4d:d6:72:64:d1:
29:14:78:2c:bf:6c:b7:9d:0f:c4:21:ea:98:64:be:8f:8f:be:
5c:78:1c:f4:bd:e3:72:ff:b6:91:20:ba:06:4e:dc:a8:82:5b:
ba:ab:52:3d:17:60:01:79:17:b6:d6:8e:3c:07:eb:8a:cd:2f:
6a:cb:95:b9:26:29:d6:1e:12:e2:02:3d:6e:81:59:43:04:b3:
3e:2c:29:12:ac:7a:d0:4e:41:33:1c:3e:92:db:c7:cc:83:74:
d2:11:57:2b:83:f1:58:e1:e5:27:91:46:b5:d2:d3:96:e5:23:
cb:98:90:61:c2:0f:a7:a5:33:ae:e3:66:2f:f3:48:60:4a:87:
bb:b8:f9:f2
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECYT20TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzYxYjVjZDY5NjgyNWI3NGZjY2JhN2Q5N2MzZDBhMjcyNGVmM2FhMB4XDTIyMDEw
MTA5MDQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2YzZTQ2NGZlYmU2
ODkyNmRkOGZkMzY5OThmZmI0YjhmOTI1ODNhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+Om5/J6JeNhUMX9wW2Gz1G8tAyFMgXUpchOT/Grvsq7iqH
MY+M/58ta7k+XEJBph0+Qv/ApyE4gnzEt6iI0rvExjyJRor9NBYDTE82LUsZmYmR
Db1VF7GAY7xGcB8MrUWSYEICkXxuOeGQloGBP6P5O0ko4PNP8SwzNVvn1mLnwGTy
wjXK0y1rWplUIMf+KNlaTlmx/ZoZlpKZRBLkNlaX3R1eRsm8N6btRj9p4fwn8eaJ
SVzzMqqUcN3qcDDF16TJjbVn0yBd0HrwcIyqspjcLBN01TrueQbZigpHJJqjrjD3
b2GGojSOZ1+cd8+ryN20fDi9g51JCM6Olw9LpL0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTPPkZP6+aJJt2P02mY/7S4+SWDpzAfBgNVHSMEGDAWgBSTYbXNaWglt0/M
un2Xw9Cick7zqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8x
L3p6NUdULXZtaVNiZGo5TnBtUC0wdVBrbGc2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8xL2syRzF6V2xvSmJk
UHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOqgfgETANBgkqhkiG9w0BAQsF
AAOCAQEAYR6v3ENNmczWJ/khuMkeJwVj+CHQUJaTqyQmuBqWudDBt5FEu0aewaOA
H1phxiBRG/urEQkrWsHBEKCuSpgjXF7m28nX2jxiYjcp0mnYJDx5FTzFAHdXiYLW
WLcakz7N/IfnxpfBGjOGoLwzVZGJyCkA9UjZjc7Z+03WcmTRKRR4LL9st50PxCHq
mGS+j4++XHgc9L3jcv+2kSC6Bk7cqIJbuqtSPRdgAXkXttaOPAfris0vasuVuSYp
1h4S4gI9boFZQwSzPiwpEqx60E5BMxw+ktvHzIN00hFXK4PxWOHlJ5FGtdLTluUj
y5iQYcIPp6UzruNmL/NIYEqHu7j58g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:31 2023 by rpki-client on console-fra.rpki-client.org