Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/Cf1kuMOZR3zjASU_DKvWQGl5M6I.roa
File: Cf1kuMOZR3zjASU_DKvWQGl5M6I.roa (raw, json)
Hash identifier: DF1RkY0V51MdgWxUODmWISmY4dizs5i9FFf6HQnfcbQ=
Subject key identifier: 09:FD:64:B8:C3:99:47:7C:E3:01:25:3F:0C:AB:D6:40:69:79:33:A2
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 09734F18
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/Cf1kuMOZR3zjASU_DKvWQGl5M6I.roa
Signing time: Sat 19 Feb 2022 16:04:26 +0000
ROA not before: Sat 19 Feb 2022 16:04:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4755
IP address blocks: 2a07:8145::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158551832 (0x9734f18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Feb 19 16:04:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09fd64b8c399477ce301253f0cabd640697933a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4a:9e:d4:81:f6:50:1e:2f:17:37:f3:7d:8f:
06:ca:c4:b9:34:18:ad:81:c7:33:9b:e8:0e:6f:9a:
85:79:db:a5:4b:2c:30:ec:4c:02:37:50:0e:c7:67:
56:78:9f:f8:3b:88:bc:89:64:5e:90:6b:4d:0e:40:
d0:f9:4e:b6:95:22:01:8c:fd:91:a9:f4:26:6a:9a:
cf:83:9b:d9:b5:f6:14:30:57:67:fa:77:27:db:3c:
2c:13:88:d0:b1:ae:34:ed:c2:76:74:ea:05:10:9b:
d1:c7:36:4e:1a:78:9d:28:40:29:77:a1:90:d5:01:
4b:39:14:5b:63:de:bc:ba:b1:c5:56:42:97:b8:1c:
76:36:b3:66:6b:2c:02:07:54:43:c3:8e:b4:78:5a:
a1:38:fb:d3:c7:71:e2:56:c2:f0:fc:4b:99:e7:9b:
2d:49:9b:4c:d2:58:df:da:df:5e:c0:9a:85:a0:4c:
b6:9d:22:1f:84:71:f4:e7:44:ed:81:af:06:8f:82:
ac:d0:8d:79:61:69:be:8f:e7:fb:f0:0b:ee:0b:b8:
86:d5:3a:c0:88:b8:66:98:86:08:51:77:d3:05:09:
40:35:07:7f:66:f0:92:c3:0d:f4:06:27:7b:67:0b:
a9:fe:30:8b:d5:15:f1:bb:78:ff:0c:2a:c7:2a:0a:
a5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:FD:64:B8:C3:99:47:7C:E3:01:25:3F:0C:AB:D6:40:69:79:33:A2
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/Cf1kuMOZR3zjASU_DKvWQGl5M6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:8145::/36
Signature Algorithm: sha256WithRSAEncryption
58:bb:b5:69:b9:16:10:a9:81:c1:b4:fd:87:94:d4:c4:5e:92:
0d:f4:93:bd:a8:56:c2:bf:d8:75:61:6d:24:5f:45:b1:00:b4:
59:d6:cc:a7:62:df:68:cb:82:67:06:36:12:a4:5d:36:4f:fe:
a4:3d:d4:2e:96:fb:7c:82:95:33:88:a7:ed:ad:ce:a2:78:dd:
71:c5:45:e0:35:b2:69:dc:ea:a0:46:ed:66:11:2a:44:c6:4f:
4e:88:b4:d2:b1:e3:99:ae:29:27:fd:7c:e8:5e:6a:de:a5:29:
cb:24:f9:5d:38:e1:9d:3d:3d:87:0d:fa:63:5b:14:17:8a:fa:
98:5e:8f:73:df:84:cc:ea:66:6d:86:bf:e9:be:0c:e2:a0:65:
2a:fb:6e:7b:33:96:88:85:d6:fb:81:70:10:1a:1c:82:e6:5e:
07:6c:d9:41:ab:71:ff:26:92:5d:20:10:b7:f8:e4:0a:cf:35:
12:df:05:4d:3e:f2:e3:04:c9:2e:06:cd:62:f0:cf:cb:92:88:
4e:fc:13:8b:30:e0:65:02:ec:77:df:4a:88:24:32:d1:cb:0c:
ac:46:35:28:3b:17:cd:93:ad:fc:34:56:d1:57:e3:da:15:af:
81:37:4e:ef:5d:67:7f:da:83:74:49:86:08:e5:0c:d8:2d:00:
3b:9b:e4:5e
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECXNPGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTM3ZDgwN2Q0ZjdjZGQzZTBhZmU0YWJjOGVlNWE4ODBjNjA5MGYxMB4XDTIyMDIx
OTE2MDQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDlmZDY0YjhjMzk5
NDc3Y2UzMDEyNTNmMGNhYmQ2NDA2OTc5MzNhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9KntSB9lAeLxc3832PBsrEuTQYrYHHM5voDm+ahXnbpUss
MOxMAjdQDsdnVnif+DuIvIlkXpBrTQ5A0PlOtpUiAYz9kan0Jmqaz4Ob2bX2FDBX
Z/p3J9s8LBOI0LGuNO3CdnTqBRCb0cc2Thp4nShAKXehkNUBSzkUW2PevLqxxVZC
l7gcdjazZmssAgdUQ8OOtHhaoTj708dx4lbC8PxLmeebLUmbTNJY39rfXsCahaBM
tp0iH4Rx9OdE7YGvBo+CrNCNeWFpvo/n+/AL7gu4htU6wIi4ZpiGCFF30wUJQDUH
f2bwksMN9AYne2cLqf4wi9UV8bt4/wwqxyoKpa0CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQJ/WS4w5lHfOMBJT8Mq9ZAaXkzojAfBgNVHSMEGDAWgBQKN9gH1PfN0+Cv
5KvI7lqIDGCQ8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NqZllCOVQzemRQZ3ItU3J5TzVhaUF4Z2tQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8x
L0NmMWt1TU9aUjN6akFTVV9ES3ZXUUdsNU02SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8xL0NqZllCOVQzemRQ
Z3ItU3J5TzVhaUF4Z2tQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoHgUUAMA0GCSqGSIb3DQEBCwUA
A4IBAQBYu7VpuRYQqYHBtP2HlNTEXpIN9JO9qFbCv9h1YW0kX0WxALRZ1synYt9o
y4JnBjYSpF02T/6kPdQulvt8gpUziKftrc6ieN1xxUXgNbJp3OqgRu1mESpExk9O
iLTSseOZrikn/XzoXmrepSnLJPldOOGdPT2HDfpjWxQXivqYXo9z34TM6mZthr/p
vgzioGUq+257M5aIhdb7gXAQGhyC5l4HbNlBq3H/JpJdIBC3+OQKzzUS3wVNPvLj
BMkuBs1i8M/LkohO/BOLMOBlAux330qIJDLRywysRjUoOxfNk638NFbRV+PaFa+B
N07vXWd/2oN0SYYI5QzYLQA7m+Re
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:39 2023 by rpki-client on console-ams.rpki-client.org