Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/7n1Z0K8ED4ExOT0c1I8VIV2vk7E.roa
File: 7n1Z0K8ED4ExOT0c1I8VIV2vk7E.roa (raw, json)
Hash identifier: rxjxOxdMq9KCw5j2639uOg4hVn1rUtddg8Bo1ii+T74=
Subject key identifier: EE:7D:59:D0:AF:04:0F:81:31:39:3D:1C:D4:8F:15:21:5D:AF:93:B1
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0182F04E0A7B73321481D7B6DF0049128522
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/7n1Z0K8ED4ExOT0c1I8VIV2vk7E.roa
Signing time: Tue 30 Aug 2022 19:50:22 +0000
ROA not before: Tue 30 Aug 2022 19:50:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12608
IP address blocks: 2a06:d904::/30 maxlen: 30
2a04:c104::/30 maxlen: 30
2a0b:ab00::/30 maxlen: 30
2a09:3b00::/30 maxlen: 30
2a04:c100::/30 maxlen: 30
2a0f:cf80::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f0:4e:0a:7b:73:32:14:81:d7:b6:df:00:49:12:85:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Aug 30 19:50:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee7d59d0af040f8131393d1cd48f15215daf93b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e2:91:82:de:c3:64:1b:da:64:8d:90:0c:7c:
87:02:48:63:7c:85:4f:6e:e4:6a:a6:48:ef:31:26:
de:93:7c:aa:de:4c:5a:d5:b9:53:c7:a9:e3:15:ef:
02:4c:27:cc:c9:f2:c9:cf:ac:74:f1:e0:e5:1c:15:
02:fb:cd:fd:1e:9f:3e:a5:c0:39:f9:c9:7c:08:17:
73:51:58:7b:66:d6:09:94:e0:25:f8:5e:ce:1f:6b:
fb:24:61:3d:2f:44:e3:fe:96:5f:6b:41:c1:c3:a8:
8e:3b:6c:9e:b9:f8:9f:44:5e:a4:19:8e:7b:4d:8e:
f7:96:09:eb:c8:d1:e9:0d:bd:d3:2b:58:7c:ad:02:
f7:8b:dd:e5:b5:1e:ea:01:77:9d:b5:a9:7a:69:51:
db:2b:2a:58:6d:3a:78:c2:58:8a:d6:89:a6:c7:18:
95:3e:47:20:d5:ef:e3:2b:aa:8f:9a:1d:52:32:a7:
a6:8b:ba:4d:8b:75:b7:e7:d5:a8:87:f1:31:c7:55:
6c:2e:cd:0f:df:dc:64:be:9a:20:99:e8:7e:2f:de:
ce:16:da:ca:2b:95:fd:8e:e0:8c:a2:f1:57:02:a5:
d9:49:98:44:19:68:4e:d2:2f:31:14:e0:67:73:a6:
c9:89:3d:69:12:7f:1f:b1:5b:2c:05:36:40:a1:a8:
82:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:7D:59:D0:AF:04:0F:81:31:39:3D:1C:D4:8F:15:21:5D:AF:93:B1
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/7n1Z0K8ED4ExOT0c1I8VIV2vk7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:c100::/29
2a06:d904::/30
2a09:3b00::/30
2a0b:ab00::/30
2a0f:cf80::/30
Signature Algorithm: sha256WithRSAEncryption
87:a5:ca:ef:90:65:a1:a6:25:c3:5e:e9:28:ac:f4:04:be:46:
12:12:25:b2:2a:f7:6a:13:02:b8:30:bc:22:2c:eb:13:49:63:
ba:ca:9e:ff:90:25:a8:12:1f:f6:78:f6:51:a7:12:45:78:ed:
f7:44:fd:d2:dc:20:85:5f:15:30:e9:a1:be:0b:74:bf:24:95:
cc:1b:56:79:43:ab:b9:50:b0:b3:40:d8:0e:1d:f1:a0:d4:3e:
ba:d1:0d:ee:e4:04:fd:e4:f0:f1:ce:db:fc:bf:91:79:7c:5d:
a0:a6:5e:46:23:dd:64:52:92:8f:47:a4:93:1d:98:f2:d9:3e:
b9:91:5b:27:a6:81:07:1c:27:87:16:77:65:aa:62:c9:44:8c:
57:7b:0a:ca:89:1d:13:36:37:b1:18:2f:5a:05:6a:a4:73:70:
b1:d5:7c:b5:50:30:0f:5f:6d:30:0f:31:0d:86:b3:3e:13:50:
b2:b0:be:3b:ed:f7:3c:13:9d:b5:e4:ed:19:da:2e:13:df:04:
ea:b3:5e:f7:0a:b0:d5:9a:cd:6e:4d:12:11:8d:37:19:7c:ba:
e4:da:c0:4c:a5:d6:8f:16:c8:fd:0b:4d:22:00:ce:eb:d7:f2:
44:70:4b:59:f5:09:d1:07:7c:58:6c:09:49:cf:31:43:98:d3:
89:55:6b:74
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYLwTgp7czIUgde23wBJEoUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjIwODMwMTk1MDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTdkNTlkMGFmMDQwZjgxMzEzOTNkMWNkNDhmMTUyMTVkYWY5M2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OKRgt7DZBvaZI2QDHyHAkhjfIVP
buRqpkjvMSbek3yq3kxa1blTx6njFe8CTCfMyfLJz6x08eDlHBUC+839Hp8+pcA5
+cl8CBdzUVh7ZtYJlOAl+F7OH2v7JGE9L0Tj/pZfa0HBw6iOO2yeufifRF6kGY57
TY73lgnryNHpDb3TK1h8rQL3i93ltR7qAXedtal6aVHbKypYbTp4wliK1ommxxiV
Pkcg1e/jK6qPmh1SMqemi7pNi3W359Woh/Exx1VsLs0P39xkvpogmeh+L97OFtrK
K5X9juCMovFXAqXZSZhEGWhO0i8xFOBnc6bJiT1pEn8fsVssBTZAoaiCuwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFO59WdCvBA+BMTk9HNSPFSFdr5OxMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvN24xWjBLOEVENEV4T1QwYzFJOFZJVjJ2azdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgTBAAMF
AioG2QQDBQIqCTsAAwUCKgurAAMFAioPz4AwDQYJKoZIhvcNAQELBQADggEBAIel
yu+QZaGmJcNe6Sis9AS+RhISJbIq92oTArgwvCIs6xNJY7rKnv+QJagSH/Z49lGn
EkV47fdE/dLcIIVfFTDpob4LdL8klcwbVnlDq7lQsLNA2A4d8aDUPrrRDe7kBP3k
8PHO2/y/kXl8XaCmXkYj3WRSko9HpJMdmPLZPrmRWyemgQccJ4cWd2WqYslEjFd7
CsqJHRM2N7EYL1oFaqRzcLHVfLVQMA9fbTAPMQ2Gsz4TULKwvjvt9zwTnbXk7Rna
LhPfBOqzXvcKsNWazW5NEhGNNxl8uuTawEyl1o8WyP0LTSIAzuvX8kRwS1n1CdEH
fFhsCUnPMUOY04lVa3Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:45 2023 by rpki-client on console-fra.rpki-client.org