Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/AHz65QxaWasw4A6GCfXMiL8D40o.roa
File: AHz65QxaWasw4A6GCfXMiL8D40o.roa (raw, json)
Hash identifier: h02telFNNi3mwg+qBY6fokg3yt6QL0hkKEFL1UB28UI=
Subject key identifier: 00:7C:FA:E5:0C:5A:59:AB:30:E0:0E:86:09:F5:CC:88:BF:03:E3:4A
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 079A9227
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/AHz65QxaWasw4A6GCfXMiL8D40o.roa
Signing time: Sat 01 Jan 2022 08:01:39 +0000
ROA not before: Sat 01 Jan 2022 08:01:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3258
IP address blocks: 2a09:4::/48 maxlen: 48
2a09:2::/48 maxlen: 48
2a09:3::/48 maxlen: 48
2a09:7:2008::/48 maxlen: 48
2a09:5::/48 maxlen: 48
2a09:1::/48 maxlen: 48
2a10:480::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127570471 (0x79a9227)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 08:01:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=007cfae50c5a59ab30e00e8609f5cc88bf03e34a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b3:55:8b:d7:73:3c:e4:a5:1e:cd:06:32:9d:
c9:f5:7d:86:bd:a2:f1:04:32:e7:cd:c4:93:f1:92:
6b:f2:cf:ba:37:48:d9:2d:9f:ea:10:79:31:01:a2:
a4:e9:7b:0e:86:1b:90:45:e9:5b:73:31:b7:fb:f6:
79:97:68:97:34:24:8c:e8:2d:fc:54:73:6f:b5:d9:
4f:ff:38:c1:fb:07:21:e3:4b:bc:1b:77:89:7f:c6:
49:a8:99:7b:53:d2:14:09:28:51:b2:1a:9d:aa:90:
c2:ca:41:b9:38:a7:89:23:6b:31:39:91:3f:4e:cc:
80:f2:0c:28:3c:f0:df:2a:55:7d:ca:cd:6e:b8:08:
be:77:17:63:11:5c:f3:6f:11:06:8d:f5:00:74:e5:
e1:4b:88:76:6d:aa:6f:68:6b:70:cc:e3:bd:bb:df:
b4:9c:62:88:09:36:70:d5:a2:e4:7d:a3:b5:4a:0c:
2d:da:ab:cb:69:70:d2:73:eb:a1:73:1a:75:11:a9:
f6:19:ea:7f:09:eb:2c:ae:c7:6e:c5:ff:73:b6:46:
87:72:1a:08:65:4d:35:3c:43:ba:7f:cd:d7:93:d0:
92:4a:c7:b3:23:a0:26:89:55:3b:9e:17:4d:0c:73:
c0:48:cc:65:78:95:23:f1:52:ab:b1:31:61:5c:09:
25:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:7C:FA:E5:0C:5A:59:AB:30:E0:0E:86:09:F5:CC:88:BF:03:E3:4A
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/AHz65QxaWasw4A6GCfXMiL8D40o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:1::/48
2a09:2::/48
2a09:3::/48
2a09:4::/48
2a09:5::/48
2a09:7:2008::/48
2a10:480::/29
Signature Algorithm: sha256WithRSAEncryption
01:80:23:87:bd:e3:3a:5b:2b:59:24:b0:be:b6:57:dd:b3:e1:
50:c8:1e:b4:dc:7a:75:17:2c:60:65:0c:f7:eb:0f:85:4f:12:
9f:5c:32:92:74:00:63:72:e5:a9:0c:1f:6c:22:86:2e:c1:f8:
ae:e9:03:38:27:25:90:bd:2d:10:25:ac:1e:8f:01:b4:3c:35:
f8:28:46:e1:95:80:42:50:2d:2c:e6:4e:07:ab:a9:61:d1:fe:
c5:d9:90:77:d6:9e:08:88:98:27:c8:d8:01:ab:9d:2b:f7:c6:
ff:20:f3:22:c5:2d:3c:de:6e:fb:4d:d1:0c:f8:d7:48:31:97:
be:0d:45:b7:3e:7d:8e:12:81:6e:66:a4:58:58:05:9b:ec:f7:
3c:f0:cb:79:a0:30:01:7e:7e:76:e6:2b:68:2e:e1:cc:2b:37:
54:85:62:b1:12:c4:fb:d0:1e:fe:e1:1d:61:f4:8b:a8:fc:41:
5b:5a:64:c1:ba:18:a8:b5:d5:6b:f4:2a:ff:d9:64:06:de:40:
22:a9:65:66:b3:3f:0d:8e:d9:11:e6:16:69:ac:c8:ed:e8:8c:
f9:56:e3:8e:c4:6a:fc:a0:e8:02:30:d1:ef:d0:cd:30:40:bc:
f7:04:70:c0:fb:5a:93:9c:1d:2f:1e:8d:d6:af:98:df:80:90:
da:64:6a:c5
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIEB5qSJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDEw
MTA4MDEzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA3Y2ZhZTUwYzVh
NTlhYjMwZTAwZTg2MDlmNWNjODhiZjAzZTM0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmzVYvXczzkpR7NBjKdyfV9hr2i8QQy583Ek/GSa/LPujdI
2S2f6hB5MQGipOl7DoYbkEXpW3Mxt/v2eZdolzQkjOgt/FRzb7XZT/84wfsHIeNL
vBt3iX/GSaiZe1PSFAkoUbIanaqQwspBuTiniSNrMTmRP07MgPIMKDzw3ypVfcrN
brgIvncXYxFc828RBo31AHTl4UuIdm2qb2hrcMzjvbvftJxiiAk2cNWi5H2jtUoM
Ldqry2lw0nProXMadRGp9hnqfwnrLK7HbsX/c7ZGh3IaCGVNNTxDun/N15PQkkrH
syOgJolVO54XTQxzwEjMZXiVI/FSq7ExYVwJJWcCAwEAAaOCAkAwggI8MB0GA1Ud
DgQWBBQAfPrlDFpZqzDgDoYJ9cyIvwPjSjAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
L0FIejY1UXhhV2FzdzRBNkdDZlhNaUw4RDQwby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBW
BggrBgEFBQcBBwEB/wRHMEUwQwQCAAIwPQMHACoJAAEAAAMHACoJAAIAAAMHACoJ
AAMAAAMHACoJAAQAAAMHACoJAAUAAAMHACoJAAcgCAMFAyoQBIAwDQYJKoZIhvcN
AQELBQADggEBAAGAI4e94zpbK1kksL62V92z4VDIHrTcenUXLGBlDPfrD4VPEp9c
MpJ0AGNy5akMH2wihi7B+K7pAzgnJZC9LRAlrB6PAbQ8NfgoRuGVgEJQLSzmTger
qWHR/sXZkHfWngiImCfI2AGrnSv3xv8g8yLFLTzebvtN0Qz410gxl74NRbc+fY4S
gW5mpFhYBZvs9zzwy3mgMAF+fnbmK2gu4cwrN1SFYrESxPvQHv7hHWH0i6j8QVta
ZMG6GKi11Wv0Kv/ZZAbeQCKpZWazPw2O2RHmFmmsyO3ojPlW447Eavyg6AIw0e/Q
zTBAvPcEcMD7WpOcHS8ejdavmN+AkNpkasU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org