Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8df9d9-b420-41da-b3aa-afdea12fb965/1/XdblWXHEzQo0ji7RO2GdEK9MlH4.roa
File: XdblWXHEzQo0ji7RO2GdEK9MlH4.roa (raw, json)
Hash identifier: dTcOEWZCqR3LmNCb0w5+sVcSlopwslt2efU4iuYDZ5A=
Subject key identifier: 5D:D6:E5:59:71:C4:CD:0A:34:8E:2E:D1:3B:61:9D:10:AF:4C:94:7E
Certificate issuer: /CN=530493a3dc3c0b7e30c7771e2be20f811ebc47e0
Certificate serial: 0181DACF8E265FB3801D6C1C51D1011E3547
Authority key identifier: 53:04:93:A3:DC:3C:0B:7E:30:C7:77:1E:2B:E2:0F:81:1E:BC:47:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UwSTo9w8C34wx3ceK-IPgR68R-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8df9d9-b420-41da-b3aa-afdea12fb965/1/XdblWXHEzQo0ji7RO2GdEK9MlH4.roa
Signing time: Thu 07 Jul 2022 22:37:24 +0000
ROA not before: Thu 07 Jul 2022 22:37:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 701
IP address blocks: 2a11:70c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:da:cf:8e:26:5f:b3:80:1d:6c:1c:51:d1:01:1e:35:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=530493a3dc3c0b7e30c7771e2be20f811ebc47e0
Validity
Not Before: Jul 7 22:37:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dd6e55971c4cd0a348e2ed13b619d10af4c947e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:43:7a:83:6c:81:e9:0a:a2:13:ec:d1:c5:07:
a2:2f:f8:e0:1f:97:7b:d7:d4:6a:c8:46:49:2f:da:
84:dd:78:bb:a3:26:64:0b:03:2a:78:c5:6e:72:23:
79:e3:59:2c:04:ea:58:db:26:09:9b:26:98:56:86:
62:6a:aa:1f:3c:3a:de:58:e2:85:f1:ce:24:2c:20:
7f:22:57:0c:bc:49:e9:7d:db:0e:5a:2e:76:fd:da:
7e:13:df:0d:a5:8c:64:03:da:9c:00:0c:e6:31:42:
d1:7a:aa:30:e0:a9:b9:2f:f3:db:44:4c:8c:c2:ab:
ec:93:04:01:f8:13:96:1a:1c:c8:66:c5:30:cc:3d:
42:b2:46:5c:61:56:c2:94:4a:8c:45:26:3c:de:62:
d8:77:3b:c8:5f:2b:89:1e:46:f8:4d:a2:53:95:ff:
58:ad:9f:bf:d4:b3:ef:cd:31:df:c1:f4:a3:81:54:
2d:93:75:27:fb:ff:4d:92:38:4d:d2:2d:e0:71:17:
1c:fd:40:d1:c1:ed:15:da:44:cb:ac:e1:0d:c7:b7:
30:2e:ba:66:07:8c:f2:1b:f0:da:bd:6d:72:af:a7:
3d:5f:10:8c:69:f6:d3:a0:18:7f:99:de:82:10:29:
52:2f:2b:ea:c4:34:5c:62:ac:cb:7e:1c:50:b0:e1:
6a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D6:E5:59:71:C4:CD:0A:34:8E:2E:D1:3B:61:9D:10:AF:4C:94:7E
X509v3 Authority Key Identifier:
keyid:53:04:93:A3:DC:3C:0B:7E:30:C7:77:1E:2B:E2:0F:81:1E:BC:47:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UwSTo9w8C34wx3ceK-IPgR68R-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8df9d9-b420-41da-b3aa-afdea12fb965/1/XdblWXHEzQo0ji7RO2GdEK9MlH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8df9d9-b420-41da-b3aa-afdea12fb965/1/UwSTo9w8C34wx3ceK-IPgR68R-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:70c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:45:1e:c1:37:8b:2f:39:51:68:2a:61:0d:c6:4f:5b:6f:9a:
a8:5f:ec:9f:ce:7b:cd:80:d2:87:e2:f8:03:37:f0:97:93:d4:
8d:56:62:b1:ee:c5:9d:b3:08:29:0e:ca:8a:37:3b:f1:c6:bc:
04:94:b9:88:a7:50:3c:d3:c9:a4:8e:69:08:37:47:4a:8b:90:
b9:2a:e0:76:5a:4c:c7:59:5c:46:1d:db:01:67:45:2f:ed:93:
d7:24:ca:a4:b9:94:ff:a2:39:af:be:29:a8:3d:af:02:75:66:
52:65:81:6d:b4:4e:53:aa:f7:34:e4:f9:e0:0e:c0:b5:d0:5e:
d0:38:bb:37:4c:34:e9:76:fa:8c:19:e3:71:43:61:fc:db:ec:
5e:8a:ad:54:b6:35:a6:77:27:ec:01:0d:24:9b:9c:34:95:9b:
03:91:44:3a:fd:12:7c:a6:38:14:25:e6:0c:14:d6:24:a6:ba:
3e:2f:9f:8d:72:01:56:ec:a0:21:41:72:d9:27:17:97:75:3c:
38:72:82:11:5c:31:36:03:df:a3:f0:26:0b:03:ad:44:f0:54:
11:59:5a:4f:2b:b4:19:26:d3:dd:f9:4e:11:f9:ba:8b:89:20:
bb:f7:e1:92:1a:12:0a:eb:91:a4:18:57:3b:33:a4:3b:f8:bb:
ab:86:57:65
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYHaz44mX7OAHWwcUdEBHjVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMDQ5M2EzZGMzYzBiN2UzMGM3NzcxZTJiZTIwZjgxMWVi
YzQ3ZTAwHhcNMjIwNzA3MjIzNzI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQ2ZTU1OTcxYzRjZDBhMzQ4ZTJlZDEzYjYxOWQxMGFmNGM5NDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkN6g2yB6QqiE+zRxQeiL/jgH5d7
19RqyEZJL9qE3Xi7oyZkCwMqeMVuciN541ksBOpY2yYJmyaYVoZiaqofPDreWOKF
8c4kLCB/IlcMvEnpfdsOWi52/dp+E98NpYxkA9qcAAzmMULReqow4Km5L/PbREyM
wqvskwQB+BOWGhzIZsUwzD1CskZcYVbClEqMRSY83mLYdzvIXyuJHkb4TaJTlf9Y
rZ+/1LPvzTHfwfSjgVQtk3Un+/9NkjhN0i3gcRcc/UDRwe0V2kTLrOENx7cwLrpm
B4zyG/DavW1yr6c9XxCMafbToBh/md6CEClSLyvqxDRcYqzLfhxQsOFqRQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF3W5VlxxM0KNI4u0TthnRCvTJR+MB8GA1UdIwQY
MBaAFFMEk6PcPAt+MMd3HiviD4EevEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXdTVG85dzhDMzR3eDNjZUstSVBnUjY4Ui1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZGY5ZDktYjQyMC00MWRhLWIzYWEt
YWZkZWExMmZiOTY1LzEvWGRibFdYSEV6UW8wamk3Uk8yR2RFSzlNbEg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZGY5ZDktYjQyMC00MWRhLWIzYWEtYWZkZWExMmZiOTY1
LzEvVXdTVG85dzhDMzR3eDNjZUstSVBnUjY4Ui1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFwwDAN
BgkqhkiG9w0BAQsFAAOCAQEAKUUewTeLLzlRaCphDcZPW2+aqF/sn857zYDSh+L4
Azfwl5PUjVZise7FnbMIKQ7Kijc78ca8BJS5iKdQPNPJpI5pCDdHSouQuSrgdlpM
x1lcRh3bAWdFL+2T1yTKpLmU/6I5r74pqD2vAnVmUmWBbbROU6r3NOT54A7AtdBe
0Di7N0w06Xb6jBnjcUNh/NvsXoqtVLY1pncn7AENJJucNJWbA5FEOv0SfKY4FCXm
DBTWJKa6Pi+fjXIBVuygIUFy2ScXl3U8OHKCEVwxNgPfo/AmCwOtRPBUEVlaTyu0
GSbT3flOEfm6i4kgu/fhkhoSCuuRpBhXOzOkO/i7q4ZXZQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:38 2023 by rpki-client on console-ams.rpki-client.org