Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/eIXVmIPSKruTVNkh69jkNMR1hQA.roa
File: eIXVmIPSKruTVNkh69jkNMR1hQA.roa (raw, json)
Hash identifier: OETu9WpcjQOY6d3v6Ucagq8I5jS+rQXiXAuGYJQR1+k=
Subject key identifier: 78:85:D5:98:83:D2:2A:BB:93:54:D9:21:EB:D8:E4:34:C4:75:85:00
Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial: 1B60C53F
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/eIXVmIPSKruTVNkh69jkNMR1hQA.roa
Signing time: Sat 01 Jan 2022 08:54:23 +0000
ROA not before: Sat 01 Jan 2022 08:54:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212390
IP address blocks: 2a04:2b00:14dd::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 459326783 (0x1b60c53f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Validity
Not Before: Jan 1 08:54:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7885d59883d22abb9354d921ebd8e434c4758500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:50:7c:77:75:1a:0f:5c:ef:72:cd:df:90:25:
64:62:01:14:6f:92:10:db:a9:68:37:2c:d1:7a:12:
c4:7c:b8:69:77:72:6a:b7:0d:cd:f8:3a:4a:34:8b:
55:ce:67:68:bb:15:03:d0:18:c7:d2:cc:2e:bd:68:
ee:e1:c9:8b:a3:1a:c3:b2:5f:65:f2:54:56:24:1c:
d3:61:c1:9e:b0:c3:44:bd:d4:d9:53:00:76:40:c0:
a0:e7:4a:b2:dc:02:a8:57:6b:88:dc:fe:4c:4e:bd:
3e:89:92:2e:64:0f:74:59:3d:65:f7:a7:e0:2f:a8:
94:d1:4e:b1:c4:32:1c:0b:31:e5:03:8c:77:a6:74:
1e:fc:d9:8a:29:6d:6c:19:d2:8f:fd:b6:87:22:d8:
0d:74:95:99:77:9d:92:9f:95:52:6d:71:79:0c:6b:
f9:92:3f:5a:45:6d:8d:32:73:22:21:86:ed:d7:73:
a3:0b:28:7c:5c:42:0d:3e:3c:91:0b:83:66:d5:64:
bf:74:7c:8d:3c:e4:62:29:17:e7:03:fe:4c:f1:82:
46:17:f2:8e:ce:73:12:7b:d6:56:57:f0:b3:6a:82:
82:e3:6f:d8:19:43:f4:98:78:dd:34:af:5c:76:fa:
a5:9e:a2:1f:9a:fd:eb:94:5f:a7:a2:1e:30:a4:4d:
2c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:85:D5:98:83:D2:2A:BB:93:54:D9:21:EB:D8:E4:34:C4:75:85:00
X509v3 Authority Key Identifier:
keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/eIXVmIPSKruTVNkh69jkNMR1hQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2b00:14dd::/48
Signature Algorithm: sha256WithRSAEncryption
15:e5:8d:a5:d3:06:ec:7c:09:41:eb:f5:60:67:56:d8:ea:3f:
d2:2a:0b:09:32:33:4c:0d:0b:bb:12:99:bb:3b:e2:0f:4a:bf:
96:43:7c:0b:ea:94:22:84:0f:cf:63:0a:09:2d:d0:ac:27:cf:
d3:9e:1c:3d:0b:8f:4d:0b:9d:75:94:46:a0:cc:a1:db:4d:b2:
22:8b:03:7d:92:f2:35:e1:08:50:75:c5:e9:09:49:c7:b4:9b:
ca:65:35:05:f6:57:ac:fd:1f:e7:f7:62:6d:8a:9d:46:25:46:
5e:4c:9a:6c:ee:d9:86:79:86:a4:fc:df:ba:f4:64:f9:e1:ce:
6d:c1:f0:97:a0:14:a8:67:01:b8:b4:1b:6c:9a:be:2f:b0:fe:
33:7f:55:8b:a6:0d:b2:eb:18:84:d6:5f:f6:19:ab:c7:1c:7c:
c9:f6:11:1e:1d:19:2b:d1:e8:94:95:33:b3:f2:a9:15:8b:42:
e1:13:81:2e:2c:fc:96:0d:9c:0b:04:6e:06:70:6e:b9:c3:a5:
32:c6:96:bb:d9:b4:bd:65:e0:02:46:d6:d5:34:16:3a:3c:03:
ea:44:19:81:ea:a0:e9:93:5f:42:f7:74:5c:b0:5f:b3:5c:64:
66:44:eb:35:f0:77:fe:35:1e:87:db:bf:95:65:34:94:30:29:
f5:12:44:1d
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEG2DFPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Nzc2YWZiNzRmYWQ1YmFmMGE2MTgwYjQ5NTEwZDhiODQ5N2RmOGQzMB4XDTIyMDEw
MTA4NTQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg4NWQ1OTg4M2Qy
MmFiYjkzNTRkOTIxZWJkOGU0MzRjNDc1ODUwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpQfHd1Gg9c73LN35AlZGIBFG+SENupaDcs0XoSxHy4aXdy
arcNzfg6SjSLVc5naLsVA9AYx9LMLr1o7uHJi6Maw7JfZfJUViQc02HBnrDDRL3U
2VMAdkDAoOdKstwCqFdriNz+TE69PomSLmQPdFk9Zfen4C+olNFOscQyHAsx5QOM
d6Z0HvzZiiltbBnSj/22hyLYDXSVmXedkp+VUm1xeQxr+ZI/WkVtjTJzIiGG7ddz
owsofFxCDT48kQuDZtVkv3R8jTzkYikX5wP+TPGCRhfyjs5zEnvWVlfws2qCguNv
2BlD9Jh43TSvXHb6pZ6iH5r965Rfp6IeMKRNLB0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR4hdWYg9Iqu5NU2SHr2OQ0xHWFADAfBgNVHSMEGDAWgBRHdq+3T61brwph
gLSVENi4SX340zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1IzYXZ0MC10VzY4S1lZQzBsUkRZdUVsOS1OTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvZjcxY2MyLWI3MWQtNDY2OC04NjYxLTA1MzhlOTVmM2YxMi8x
L2VJWFZtSVBTS3J1VFZOa2g2OWprTk1SMWhRQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
ZjcxY2MyLWI3MWQtNDY2OC04NjYxLTA1MzhlOTVmM2YxMi8xL1IzYXZ0MC10VzY4
S1lZQzBsUkRZdUVsOS1OTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoEKwAU3TANBgkqhkiG9w0BAQsF
AAOCAQEAFeWNpdMG7HwJQev1YGdW2Oo/0ioLCTIzTA0LuxKZuzviD0q/lkN8C+qU
IoQPz2MKCS3QrCfP054cPQuPTQuddZRGoMyh202yIosDfZLyNeEIUHXF6QlJx7Sb
ymU1BfZXrP0f5/dibYqdRiVGXkyabO7ZhnmGpPzfuvRk+eHObcHwl6AUqGcBuLQb
bJq+L7D+M39Vi6YNsusYhNZf9hmrxxx8yfYRHh0ZK9HolJUzs/KpFYtC4ROBLiz8
lg2cCwRuBnBuucOlMsaWu9m0vWXgAkbW1TQWOjwD6kQZgeqg6ZNfQvd0XLBfs1xk
ZkTrNfB3/jUeh9u/lWU0lDAp9RJEHQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:25 2023 by rpki-client on console-ams.rpki-client.org