Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/9MJfOf7vzJPdDh2ZA_owT4naDrU.roa
File: 9MJfOf7vzJPdDh2ZA_owT4naDrU.roa (raw, json)
Hash identifier: aYXsOQNTKwhGeDX7BYh0W6MoOztFBJqWOIe1gB6iktc=
Subject key identifier: F4:C2:5F:39:FE:EF:CC:93:DD:0E:1D:99:03:FA:30:4F:89:DA:0E:B5
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 10A9F5DB
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/9MJfOf7vzJPdDh2ZA_owT4naDrU.roa
Signing time: Sat 01 Jan 2022 13:59:29 +0000
ROA not before: Sat 01 Jan 2022 13:59:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211387
IP address blocks: 2a0b:6b86:f00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279573979 (0x10a9f5db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 1 13:59:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4c25f39feefcc93dd0e1d9903fa304f89da0eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:52:96:27:d2:00:43:90:9a:07:2d:0d:e4:a0:
7d:d4:e5:7a:fe:e3:a7:c0:9f:9c:de:32:b7:60:b4:
12:a4:60:89:d7:1d:85:54:65:8c:46:d2:9c:43:46:
56:1f:c2:53:4e:9a:a7:d2:33:2f:be:eb:bd:b5:10:
48:86:97:22:50:e8:0c:9a:16:1e:4b:6c:6f:32:1d:
13:ab:6d:ff:93:69:ce:81:13:dc:12:40:e4:cf:80:
ca:c4:91:c3:4e:86:4a:e1:b1:2e:38:cc:4b:36:1f:
81:89:51:aa:b1:18:f8:41:fd:69:0c:8d:99:79:85:
92:da:e8:03:ce:1c:dd:ce:8a:86:c9:b5:fd:0c:6e:
67:77:4e:af:f9:20:98:e9:81:00:61:3a:2c:a1:dc:
c6:7a:e2:7d:e5:07:2e:e4:de:32:cd:10:79:17:9a:
c4:a7:1b:55:d5:cd:51:88:41:0c:3a:84:a9:93:b9:
b2:5c:a5:25:8b:e7:b6:3a:ef:f0:ff:e2:fd:b5:64:
7d:7c:40:91:b5:ea:e6:c6:a9:d7:e1:58:20:62:d2:
03:a7:3b:c9:26:23:44:78:ce:48:b2:49:65:fe:3d:
de:a4:90:24:3d:a6:70:e8:bf:ba:43:85:4b:4f:1b:
99:74:93:6b:a0:40:1a:00:09:3a:96:84:df:08:6b:
bc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C2:5F:39:FE:EF:CC:93:DD:0E:1D:99:03:FA:30:4F:89:DA:0E:B5
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/9MJfOf7vzJPdDh2ZA_owT4naDrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b86:f00::/40
Signature Algorithm: sha256WithRSAEncryption
83:eb:9b:2e:0b:f0:fc:eb:2e:be:ed:72:22:14:ef:a1:97:2f:
61:b3:d9:21:2a:37:f2:16:82:d6:7a:b3:8f:a7:19:c7:aa:55:
c1:47:83:81:56:51:cf:ec:74:63:1e:9c:c1:47:0b:01:91:2c:
2a:12:6f:f0:58:3c:bd:74:72:83:a9:6a:8e:c0:f5:74:ab:c1:
38:4d:79:de:61:de:33:07:04:ec:ea:19:a7:20:87:04:d9:05:
8e:43:15:fb:68:c7:05:25:db:ba:c0:14:6d:f2:f2:38:65:10:
62:40:21:f1:44:2b:c0:12:2d:4c:ed:50:08:c7:e6:53:b9:f2:
cb:59:a5:8c:95:37:a9:e9:4b:d6:20:60:1e:8b:04:96:7c:95:
89:80:35:27:a9:23:c6:61:59:9a:24:6d:1d:04:79:7d:62:90:
71:d2:99:3f:b1:65:21:af:03:cb:f7:62:cb:12:73:23:21:e3:
c9:6f:56:e2:15:36:ac:20:62:be:47:00:87:f1:8e:8d:ae:c1:
d7:d5:89:90:7c:ac:21:cd:79:b2:2e:c1:62:16:b1:e6:3a:df:
0d:94:11:b4:8a:ce:01:7d:3b:58:3c:79:7e:29:ac:a2:8c:e8:
f8:f5:3f:5f:00:3d:c2:d2:54:91:a1:c5:26:1a:f0:a8:3b:0e:
66:98:df:c6
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEEKn12zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzViYzliYjU0N2UyNzc4OGQyMjFiYzhiYmQ1ZmIwMmUwMjQ0ODBmMB4XDTIyMDEw
MTEzNTkyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRjMjVmMzlmZWVm
Y2M5M2RkMGUxZDk5MDNmYTMwNGY4OWRhMGViNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpSlifSAEOQmgctDeSgfdTlev7jp8CfnN4yt2C0EqRgidcd
hVRljEbSnENGVh/CU06ap9IzL77rvbUQSIaXIlDoDJoWHktsbzIdE6tt/5NpzoET
3BJA5M+AysSRw06GSuGxLjjMSzYfgYlRqrEY+EH9aQyNmXmFktroA84c3c6Khsm1
/QxuZ3dOr/kgmOmBAGE6LKHcxnrifeUHLuTeMs0QeReaxKcbVdXNUYhBDDqEqZO5
slylJYvntjrv8P/i/bVkfXxAkbXq5sap1+FYIGLSA6c7ySYjRHjOSLJJZf493qSQ
JD2mcOi/ukOFS08bmXSTa6BAGgAJOpaE3whrvN8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBT0wl85/u/Mk90OHZkD+jBPidoOtTAfBgNVHSMEGDAWgBSDW8m7VH4neI0i
G8i71fsC4CRIDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2cxdkp1MVItSjNpTklodkl1OVg3QXVBa1NBOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvOTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8x
LzlNSmZPZjd2ekpQZERoMlpBX293VDRuYURyVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
OTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8xL2cxdkp1MVItSjNp
Tklodkl1OVg3QXVBa1NBOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoLa4YPMA0GCSqGSIb3DQEBCwUA
A4IBAQCD65suC/D86y6+7XIiFO+hly9hs9khKjfyFoLWerOPpxnHqlXBR4OBVlHP
7HRjHpzBRwsBkSwqEm/wWDy9dHKDqWqOwPV0q8E4TXneYd4zBwTs6hmnIIcE2QWO
QxX7aMcFJdu6wBRt8vI4ZRBiQCHxRCvAEi1M7VAIx+ZTufLLWaWMlTep6UvWIGAe
iwSWfJWJgDUnqSPGYVmaJG0dBHl9YpBx0pk/sWUhrwPL92LLEnMjIePJb1biFTas
IGK+RwCH8Y6NrsHX1YmQfKwhzXmyLsFiFrHmOt8NlBG0is4BfTtYPHl+KayijOj4
9T9fAD3C0lSRocUmGvCoOw5mmN/G
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:26 2023 by rpki-client on console-ams.rpki-client.org