Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/M6BT5Czytb9Tn48QZck59LXAZwg.roa
File: M6BT5Czytb9Tn48QZck59LXAZwg.roa (raw, json)
Hash identifier: nQZkYfpDnY9U7Ns1z/Yj4T0DKqUmrAlQcKrH6LOJFvo=
Subject key identifier: 33:A0:53:E4:2C:F2:B5:BF:53:9F:8F:10:65:C9:39:F4:B5:C0:67:08
Certificate issuer: /CN=67920420f722f7d7f3c4b25a80e17d7290171180
Certificate serial: 018345A30A5A4F59771FFE4425EFD0283132
Authority key identifier: 67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/M6BT5Czytb9Tn48QZck59LXAZwg.roa
Signing time: Fri 16 Sep 2022 09:30:56 +0000
ROA not before: Fri 16 Sep 2022 09:30:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201210
IP address blocks: 2a05:8cc0::/29 maxlen: 29
2001:4d70::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:45:a3:0a:5a:4f:59:77:1f:fe:44:25:ef:d0:28:31:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67920420f722f7d7f3c4b25a80e17d7290171180
Validity
Not Before: Sep 16 09:30:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33a053e42cf2b5bf539f8f1065c939f4b5c06708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:43:a2:cc:63:f4:3b:c8:f9:f4:56:07:a7:e7:
34:2e:38:81:1d:78:6d:5d:58:7c:3b:2d:76:d0:1f:
88:1f:a8:d7:1f:79:bf:34:f2:5f:c8:16:47:7b:e3:
f7:14:33:19:f8:a4:2d:30:58:83:fd:b5:a1:00:12:
59:4d:55:a6:55:e0:9d:9c:e5:68:95:32:7a:9d:bc:
de:97:cc:e7:b6:6c:3d:c8:24:d0:79:24:ae:39:f6:
ea:da:9b:99:4e:48:24:95:cd:ba:6a:83:1d:66:15:
37:0e:20:ed:a7:aa:b0:b9:d4:73:c5:9e:92:dc:cc:
f9:4b:dd:c7:5f:55:13:58:83:b8:35:a6:36:f0:77:
6a:8a:e6:b0:53:3d:4d:25:00:be:65:24:60:ba:fe:
66:1c:51:e4:97:c3:d2:7f:51:c1:08:f8:50:e6:75:
d5:2a:d3:16:c2:c2:1d:b0:51:f3:d0:bd:4d:43:77:
0b:22:43:91:29:1c:a9:14:3a:ac:4f:2c:6e:04:a6:
20:ac:63:6b:2a:f5:bf:76:77:33:68:8a:c6:03:80:
8d:2a:fc:ab:45:c8:bd:76:98:b4:cf:f6:92:fc:3d:
46:8f:90:e7:0c:54:9b:13:56:97:21:e7:b0:bf:e3:
a9:e3:0e:70:69:fc:05:7d:69:2a:ac:02:ee:ef:79:
1f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A0:53:E4:2C:F2:B5:BF:53:9F:8F:10:65:C9:39:F4:B5:C0:67:08
X509v3 Authority Key Identifier:
keyid:67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/M6BT5Czytb9Tn48QZck59LXAZwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/Z5IEIPci99fzxLJagOF9cpAXEYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4d70::/32
2a05:8cc0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:85:4f:3e:a0:0f:fd:16:58:db:2e:50:ce:88:d0:14:55:c1:
c1:75:c7:97:92:49:4d:71:50:01:fa:80:f5:3a:88:2b:e2:67:
b0:1b:52:9e:36:1d:6b:5d:b5:2f:fb:3c:24:ef:23:66:3f:c4:
3b:9d:49:ed:f8:72:0b:ad:9e:ce:fc:ec:6b:82:68:ff:75:4d:
d4:10:8f:14:69:0f:68:1c:97:43:88:65:67:79:91:55:83:f0:
67:12:6c:c5:3c:f6:a0:17:dd:5e:ec:65:25:eb:e7:35:f7:94:
cd:a4:8b:30:11:ec:42:cb:94:95:2d:25:60:5e:9b:43:16:cc:
2b:5e:32:21:28:3a:cc:7e:97:5e:55:48:03:48:ee:d5:e7:cc:
16:0e:59:3f:5d:2e:0b:86:83:94:57:8f:87:b5:13:dc:7e:8e:
cc:7c:9c:31:9c:17:ca:d4:eb:97:d2:39:20:8d:94:8d:24:bc:
58:c0:ce:2b:56:98:2d:df:d9:8c:de:25:bd:ac:1e:17:74:ab:
c0:b7:dc:bc:e8:d5:1a:01:3f:a8:49:59:ca:f4:ae:fc:bf:ca:
92:fa:5a:20:37:b5:1a:28:91:52:8e:92:57:fe:4b:47:6f:44:
61:ce:4c:4c:2a:be:68:d6:af:7f:b9:48:fa:a0:99:4c:20:32:
93:20:7b:c3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYNFowpaT1l3H/5EJe/QKDEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTIwNDIwZjcyMmY3ZDdmM2M0YjI1YTgwZTE3ZDcyOTAx
NzExODAwHhcNMjIwOTE2MDkzMDU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2EwNTNlNDJjZjJiNWJmNTM5ZjhmMTA2NWM5MzlmNGI1YzA2NzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkOizGP0O8j59FYHp+c0LjiBHXht
XVh8Oy120B+IH6jXH3m/NPJfyBZHe+P3FDMZ+KQtMFiD/bWhABJZTVWmVeCdnOVo
lTJ6nbzel8zntmw9yCTQeSSuOfbq2puZTkgklc26aoMdZhU3DiDtp6qwudRzxZ6S
3Mz5S93HX1UTWIO4NaY28HdqiuawUz1NJQC+ZSRguv5mHFHkl8PSf1HBCPhQ5nXV
KtMWwsIdsFHz0L1NQ3cLIkORKRypFDqsTyxuBKYgrGNrKvW/dnczaIrGA4CNKvyr
Rci9dpi0z/aS/D1Gj5DnDFSbE1aXIeewv+Op4w5wafwFfWkqrALu73kfHQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDOgU+Qs8rW/U5+PEGXJOfS1wGcIMB8GA1UdIwQY
MBaAFGeSBCD3IvfX88SyWoDhfXKQFxGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUt
NWVkMDg5YzFhZmVkLzEvTTZCVDVDenl0YjlUbjQ4UVpjazU5TFhBWndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUtNWVkMDg5YzFhZmVk
LzEvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAIAFNcAMF
AyoFjMAwDQYJKoZIhvcNAQELBQADggEBAI6FTz6gD/0WWNsuUM6I0BRVwcF1x5eS
SU1xUAH6gPU6iCviZ7AbUp42HWtdtS/7PCTvI2Y/xDudSe34cgutns787GuCaP91
TdQQjxRpD2gcl0OIZWd5kVWD8GcSbMU89qAX3V7sZSXr5zX3lM2kizAR7ELLlJUt
JWBem0MWzCteMiEoOsx+l15VSANI7tXnzBYOWT9dLguGg5RXj4e1E9x+jsx8nDGc
F8rU65fSOSCNlI0kvFjAzitWmC3f2YzeJb2sHhd0q8C33Lzo1RoBP6hJWcr0rvy/
ypL6WiA3tRookVKOklf+S0dvRGHOTEwqvmjWr3+5SPqgmUwgMpMge8M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:43 2023 by rpki-client on console-fra.rpki-client.org