Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/JS1rIIgtYOhMKuxxCsc0YR312-g.roa
File: JS1rIIgtYOhMKuxxCsc0YR312-g.roa (raw, json)
Hash identifier: WWUKkT9oR3Tx2dgxWXpDjieNQEDejgAQtS/Hvy3UQ90=
Subject key identifier: 25:2D:6B:20:88:2D:60:E8:4C:2A:EC:71:0A:C7:34:61:1D:F5:DB:E8
Certificate issuer: /CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Certificate serial: 01853E45B9DD8B11F756E98E4BCF3BBEE495
Authority key identifier: FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/JS1rIIgtYOhMKuxxCsc0YR312-g.roa
Signing time: Fri 23 Dec 2022 09:17:15 +0000
ROA not before: Fri 23 Dec 2022 09:17:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9137
IP address blocks: 2a02:5640::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:45:b9:dd:8b:11:f7:56:e9:8e:4b:cf:3b:be:e4:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Validity
Not Before: Dec 23 09:17:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=252d6b20882d60e84c2aec710ac734611df5dbe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0a:bb:76:20:a0:c7:ea:d9:4f:1d:96:b7:24:
a5:c1:40:be:dc:a6:b5:b4:14:01:c7:b9:03:d2:e3:
7d:81:57:19:e9:dc:ec:f3:3c:f5:77:cf:01:44:24:
ad:79:d8:b3:f1:95:6a:07:af:f3:70:67:ed:07:5d:
02:b4:e3:82:f3:6b:d7:53:8d:5a:98:98:11:b4:4f:
d8:3a:49:42:1d:e6:02:55:fd:3a:90:d0:6d:ea:1b:
07:2a:84:c2:fd:e0:a2:85:f7:88:98:99:69:93:49:
43:1c:7f:ae:fe:10:e7:ff:b7:84:8e:ee:25:90:2f:
e7:b6:22:3a:98:63:28:5f:57:09:bf:66:48:94:fd:
02:f0:af:46:01:1f:ed:93:a6:bc:74:de:20:b1:27:
92:bd:76:17:f5:90:b6:24:cc:58:ec:1b:eb:a5:2d:
9b:fb:e3:1e:69:29:ca:f4:7b:ba:1e:e7:e2:c8:2d:
f9:c7:61:6e:be:60:d7:62:f0:aa:d4:09:ad:c2:bf:
07:00:84:09:46:e6:50:30:8d:6b:bb:14:79:50:52:
cc:02:39:10:f5:39:c9:76:2f:1f:cf:c7:ff:e8:77:
8d:cd:09:1d:94:9c:7e:13:99:fc:52:e2:e2:97:71:
6e:a0:cc:16:d8:de:ce:45:a5:69:b8:83:33:e0:79:
31:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:2D:6B:20:88:2D:60:E8:4C:2A:EC:71:0A:C7:34:61:1D:F5:DB:E8
X509v3 Authority Key Identifier:
keyid:FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/JS1rIIgtYOhMKuxxCsc0YR312-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:5640::/29
Signature Algorithm: sha256WithRSAEncryption
10:8e:8e:eb:bd:d1:81:df:5c:66:4b:b0:c7:2c:39:16:df:ae:
b6:4f:56:f5:c9:19:07:3c:37:e2:8e:d0:28:de:66:9a:77:d7:
d9:20:cf:b2:24:66:40:4b:c4:63:67:4e:39:71:00:d0:4d:04:
f4:54:25:43:b9:9f:37:89:a3:bc:6e:24:ed:7e:80:7c:8f:b4:
58:32:a7:b2:e4:91:79:ce:0e:96:2c:b9:46:d9:9a:fc:73:25:
59:9e:35:81:e5:6a:cf:80:80:32:d4:6c:85:39:50:5d:fd:f3:
4d:5a:ec:79:82:86:0d:8a:bc:71:8c:d9:0a:5f:9d:bb:0b:53:
42:29:a1:50:f0:f7:19:c1:c1:54:5e:26:f3:56:c3:a3:4a:50:
b1:92:89:3f:e5:7a:12:a4:f2:ef:6d:89:1f:03:8d:38:69:f5:
5b:71:c9:2a:ac:9f:bc:d3:a9:5c:3f:28:46:2e:6b:69:5e:5d:
0a:dd:f2:fe:b8:13:7e:26:e3:a7:6c:c4:3e:87:11:7b:c0:15:
e5:cd:56:e1:91:9d:5a:30:c1:1d:31:a8:d4:45:e8:6b:a9:b8:
0c:67:d8:c7:a0:62:c0:c2:82:c2:ba:20:40:13:2f:4b:15:be:
e1:58:1e:30:4b:bb:c9:3e:57:b4:af:a9:f4:54:30:40:f4:3c:
3a:ba:a7:84
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYU+RbndixH3VumOS887vuSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjMyOTM2MGMxYjZmY2FmYmY1MjUzYTY1N2UzZTlkN2Yy
MjRmN2UwHhcNMjIxMjIzMDkxNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTJkNmIyMDg4MmQ2MGU4NGMyYWVjNzEwYWM3MzQ2MTFkZjVkYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQq7diCgx+rZTx2WtySlwUC+3Ka1
tBQBx7kD0uN9gVcZ6dzs8zz1d88BRCStediz8ZVqB6/zcGftB10CtOOC82vXU41a
mJgRtE/YOklCHeYCVf06kNBt6hsHKoTC/eCihfeImJlpk0lDHH+u/hDn/7eEju4l
kC/ntiI6mGMoX1cJv2ZIlP0C8K9GAR/tk6a8dN4gsSeSvXYX9ZC2JMxY7BvrpS2b
++MeaSnK9Hu6HufiyC35x2FuvmDXYvCq1Amtwr8HAIQJRuZQMI1ruxR5UFLMAjkQ
9TnJdi8fz8f/6HeNzQkdlJx+E5n8UuLil3FuoMwW2N7ORaVpuIMz4Hkx5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCUtayCILWDoTCrscQrHNGEd9dvoMB8GA1UdIwQY
MBaAFP7zKTYMG2/K+/UlOmV+Pp1/Ik9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgt
NTAwYjg4MzQyODllLzEvSlMxcklJZ3RZT2hNS3V4eENzYzBZUjMxMi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgtNTAwYjg4MzQyODll
LzEvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgJWQDAN
BgkqhkiG9w0BAQsFAAOCAQEAEI6O673Rgd9cZkuwxyw5Ft+utk9W9ckZBzw34o7Q
KN5mmnfX2SDPsiRmQEvEY2dOOXEA0E0E9FQlQ7mfN4mjvG4k7X6AfI+0WDKnsuSR
ec4Oliy5Rtma/HMlWZ41geVqz4CAMtRshTlQXf3zTVrseYKGDYq8cYzZCl+duwtT
QimhUPD3GcHBVF4m81bDo0pQsZKJP+V6EqTy722JHwONOGn1W3HJKqyfvNOpXD8o
Ri5raV5dCt3y/rgTfibjp2zEPocRe8AV5c1W4ZGdWjDBHTGo1EXoa6m4DGfYx6Bi
wMKCwrogQBMvSxW+4VgeMEu7yT5XtK+p9FQwQPQ8OrqnhA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:38 2024 by rpki-client on console-ams.rpki-client.org