Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/gYszPWKALzQCDleIN08ckvW4Frc.roa
File: gYszPWKALzQCDleIN08ckvW4Frc.roa (raw, json)
Hash identifier: DO+1YbbNrYmJ/YQk/aN9ZufaNQ9gjYu92cMMJqv5bTk=
Subject key identifier: 81:8B:33:3D:62:80:2F:34:02:0E:57:88:37:4F:1C:92:F5:B8:16:B7
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 109FCB7A
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/gYszPWKALzQCDleIN08ckvW4Frc.roa
Signing time: Sat 01 Jan 2022 13:59:25 +0000
ROA not before: Sat 01 Jan 2022 13:59:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60271
IP address blocks: 2a0b:6b86:200::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278907770 (0x109fcb7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 1 13:59:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=818b333d62802f34020e5788374f1c92f5b816b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:89:7e:cd:1b:4a:31:30:2f:8f:b2:68:03:79:
8a:16:de:73:fe:64:74:e3:97:40:e3:ba:38:71:20:
63:3a:21:fc:59:3d:bb:98:94:b0:7c:cd:52:9e:7c:
8d:86:29:b6:e7:6a:bf:7c:f5:3c:db:e4:52:98:9b:
92:77:95:04:0e:9a:3f:52:df:45:cf:37:ba:ad:87:
d0:f1:09:b3:20:35:9c:3c:99:a6:8c:a7:6f:ad:cb:
47:bc:29:eb:b5:9a:3a:97:4b:80:92:67:48:e5:cf:
b2:ca:7a:d6:dd:02:4a:63:5e:c2:09:f7:d6:cd:64:
cc:71:45:b2:95:52:b3:38:d4:d8:d4:57:d3:f3:8d:
a3:9c:2c:ea:36:44:35:93:92:c2:00:5d:ae:86:86:
25:63:b7:ba:57:fe:04:a5:a3:66:f8:93:bb:b2:90:
f6:c2:1a:7d:29:f6:ee:ab:13:e8:7b:5f:12:14:d5:
52:ff:33:ea:a9:4f:b8:9f:1e:b5:6e:c6:32:c5:50:
c1:7c:8a:ad:a6:60:fa:8b:6d:55:5d:f5:e6:17:18:
5f:a1:35:6f:29:5b:f8:e6:03:69:00:e7:99:39:f5:
e0:db:19:de:5c:04:29:03:b4:cc:49:ee:82:70:e1:
07:e5:57:0d:ff:9e:6b:52:f0:da:82:ed:b8:78:94:
23:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:8B:33:3D:62:80:2F:34:02:0E:57:88:37:4F:1C:92:F5:B8:16:B7
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/gYszPWKALzQCDleIN08ckvW4Frc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b86:200::/40
Signature Algorithm: sha256WithRSAEncryption
8b:cb:1f:dd:8b:e7:19:44:12:e8:aa:27:d2:2e:c8:b7:a3:01:
82:1e:68:73:18:4b:09:d7:a8:a7:87:d8:2c:7b:a9:38:29:04:
24:6a:e1:5f:12:3b:1b:eb:2d:aa:7a:12:95:65:06:53:0f:ea:
32:1b:d1:10:ab:5c:f4:a8:79:3a:38:18:7c:e6:99:a1:73:36:
74:fc:09:7f:cd:c6:e9:3b:f7:7e:c4:6b:17:fe:55:19:f6:7d:
90:01:a7:2f:cb:d5:8e:1f:6a:05:0c:60:02:a0:69:9d:c1:c5:
28:01:54:36:d7:22:6b:75:ce:f2:4b:36:68:80:0a:11:99:9f:
a5:b3:72:86:22:08:f4:fd:f9:c9:e3:22:52:cd:8b:79:e0:e6:
0d:fe:d2:6f:80:45:dd:f2:61:c2:b2:11:40:2a:7f:06:7e:f2:
a0:0f:eb:18:6c:c0:5d:8c:1c:b3:21:6d:fa:2a:34:56:68:e0:
b9:4b:e1:2e:f7:28:a6:5b:ab:14:b7:73:31:11:6a:83:cf:b4:
17:e8:af:58:72:33:ec:8d:76:3a:61:a6:4c:a3:f4:2a:f6:bc:
57:74:9f:7e:a7:1c:e6:f5:15:b3:90:e8:5e:77:54:68:39:a3:
b0:5f:19:95:c8:fc:13:4c:ed:7f:42:56:7a:15:eb:cc:06:3c:
1a:71:85:12
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEEJ/LejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzViYzliYjU0N2UyNzc4OGQyMjFiYzhiYmQ1ZmIwMmUwMjQ0ODBmMB4XDTIyMDEw
MTEzNTkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODE4YjMzM2Q2Mjgw
MmYzNDAyMGU1Nzg4Mzc0ZjFjOTJmNWI4MTZiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOJfs0bSjEwL4+yaAN5ihbec/5kdOOXQOO6OHEgYzoh/Fk9
u5iUsHzNUp58jYYptudqv3z1PNvkUpibkneVBA6aP1LfRc83uq2H0PEJsyA1nDyZ
poynb63LR7wp67WaOpdLgJJnSOXPssp61t0CSmNewgn31s1kzHFFspVSszjU2NRX
0/ONo5ws6jZENZOSwgBdroaGJWO3ulf+BKWjZviTu7KQ9sIafSn27qsT6HtfEhTV
Uv8z6qlPuJ8etW7GMsVQwXyKraZg+ottVV315hcYX6E1bylb+OYDaQDnmTn14NsZ
3lwEKQO0zEnugnDhB+VXDf+ea1Lw2oLtuHiUI1MCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSBizM9YoAvNAIOV4g3TxyS9bgWtzAfBgNVHSMEGDAWgBSDW8m7VH4neI0i
G8i71fsC4CRIDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2cxdkp1MVItSjNpTklodkl1OVg3QXVBa1NBOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvOTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8x
L2dZc3pQV0tBTHpRQ0RsZUlOMDhja3ZXNEZyYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
OTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8xL2cxdkp1MVItSjNp
Tklodkl1OVg3QXVBa1NBOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoLa4YCMA0GCSqGSIb3DQEBCwUA
A4IBAQCLyx/di+cZRBLoqifSLsi3owGCHmhzGEsJ16inh9gse6k4KQQkauFfEjsb
6y2qehKVZQZTD+oyG9EQq1z0qHk6OBh85pmhczZ0/Al/zcbpO/d+xGsX/lUZ9n2Q
Aacvy9WOH2oFDGACoGmdwcUoAVQ21yJrdc7ySzZogAoRmZ+ls3KGIgj0/fnJ4yJS
zYt54OYN/tJvgEXd8mHCshFAKn8GfvKgD+sYbMBdjByzIW36KjRWaOC5S+Eu9yim
W6sUt3MxEWqDz7QX6K9YcjPsjXY6YaZMo/Qq9rxXdJ9+pxzm9RWzkOhed1RoOaOw
XxmVyPwTTO1/QlZ6FevMBjwacYUS
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:26 2023 by rpki-client on console-ams.rpki-client.org