Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/pSsQq5ZKEgxcnPd65Teeb0Tmy3A.roa
File: pSsQq5ZKEgxcnPd65Teeb0Tmy3A.roa (raw, json)
Hash identifier: LCE9qmnD9rPCexKB7HFPmwd3YnRLV00W+c8jsrP2yZY=
Subject key identifier: A5:2B:10:AB:96:4A:12:0C:5C:9C:F7:7A:E5:37:9E:6F:44:E6:CB:70
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 07DF140E
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/pSsQq5ZKEgxcnPd65Teeb0Tmy3A.roa
Signing time: Sat 01 Jan 2022 08:01:04 +0000
ROA not before: Sat 01 Jan 2022 08:01:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210625
IP address blocks: 2a09:4e06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132060174 (0x7df140e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 1 08:01:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a52b10ab964a120c5c9cf77ae5379e6f44e6cb70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:26:9c:d5:16:4a:f7:9a:44:aa:37:1a:99:
9c:67:b2:9d:90:b4:47:35:2b:61:f7:d1:a2:f8:46:
d0:88:c4:d5:b1:38:04:9c:49:cc:e6:58:db:d5:50:
da:ca:ee:f2:ab:91:c0:8c:5e:b6:af:b5:09:07:10:
fa:60:12:71:aa:dc:8e:d1:89:3b:f1:e2:1a:1e:f9:
aa:91:b7:cb:dd:87:25:df:66:fb:47:a6:f0:af:04:
fa:5c:b8:a3:e0:4f:3e:29:ee:21:56:e3:3d:b3:61:
1a:20:bd:53:c3:08:8e:49:9a:60:dc:52:4b:3c:8f:
85:3d:b8:cd:80:b0:55:cd:6d:3f:f3:bc:85:2f:e2:
41:fb:8b:b5:29:f4:03:59:90:de:5c:6d:7f:d6:8f:
22:03:ee:28:0f:56:65:92:d8:99:29:c7:0a:3d:95:
4c:b1:6d:d1:74:ed:1d:62:f0:86:2a:b5:76:35:f1:
05:0e:84:8b:3c:d5:9f:4c:ba:18:f9:cd:ea:86:02:
9a:3c:06:14:14:15:e7:ea:71:21:87:4c:a0:0d:4d:
c2:16:dd:1d:74:98:3a:0c:5c:f6:e4:12:c4:fe:31:
6a:32:50:b4:12:89:3f:74:e6:ba:fc:17:43:7e:06:
ff:3e:db:d2:87:65:a6:27:4e:d3:c5:86:bf:3a:07:
ba:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:2B:10:AB:96:4A:12:0C:5C:9C:F7:7A:E5:37:9E:6F:44:E6:CB:70
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/pSsQq5ZKEgxcnPd65Teeb0Tmy3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:4e06::/32
Signature Algorithm: sha256WithRSAEncryption
ad:07:92:84:50:35:a6:0f:63:99:d4:96:b4:dc:13:5d:92:bf:
3c:8a:b3:21:60:80:e2:ad:f7:bb:4d:9d:2f:62:ee:90:88:39:
f6:20:37:d8:73:15:01:e1:e9:8f:8c:61:e5:52:80:4b:48:0e:
aa:bf:65:87:29:61:b2:24:49:81:8c:c1:44:8d:51:d5:77:ca:
6e:28:ef:b9:dd:dd:a7:80:6b:20:0f:34:6f:6b:c5:04:80:e5:
aa:f2:1c:e4:35:6f:49:09:62:b1:49:eb:e7:41:dd:24:4c:18:
43:66:bb:00:a4:f7:c2:da:3a:8c:a1:02:96:f8:b8:8b:1e:8c:
7a:4b:7d:7f:e7:e1:6c:fb:48:bd:42:2c:e9:f9:6b:3d:ce:ee:
55:4d:ac:33:4a:8e:20:ac:bb:13:93:31:09:8f:c4:90:d2:d1:
f3:eb:7c:2b:ff:46:43:5b:82:54:89:2c:b9:82:a7:07:a1:41:
33:2f:2f:eb:a7:b2:31:b2:cf:4d:e6:fe:f1:16:3f:96:ce:8d:
26:f7:14:cc:bf:fe:2a:16:a5:70:37:1d:d4:cf:b2:98:63:0f:
de:ab:be:e6:fe:11:b6:68:42:c6:27:a2:5d:da:6f:c3:c7:9c:
8e:99:aa:5c:97:61:db:10:bd:eb:b8:2f:21:8b:d4:c2:8b:ce:
ed:29:c9:84
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEB98UDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDU5ZWMyYTVmZDUzOTA5YzUyMzlmNGNjOGQ2ZDMyOWEyNzc5YmIxMB4XDTIyMDEw
MTA4MDEwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUyYjEwYWI5NjRh
MTIwYzVjOWNmNzdhZTUzNzllNmY0NGU2Y2I3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXBJpzVFkr3mkSqNxqZnGeynZC0RzUrYffRovhG0IjE1bE4
BJxJzOZY29VQ2sru8quRwIxetq+1CQcQ+mAScarcjtGJO/HiGh75qpG3y92HJd9m
+0em8K8E+ly4o+BPPinuIVbjPbNhGiC9U8MIjkmaYNxSSzyPhT24zYCwVc1tP/O8
hS/iQfuLtSn0A1mQ3lxtf9aPIgPuKA9WZZLYmSnHCj2VTLFt0XTtHWLwhiq1djXx
BQ6EizzVn0y6GPnN6oYCmjwGFBQV5+pxIYdMoA1NwhbdHXSYOgxc9uQSxP4xajJQ
tBKJP3TmuvwXQ34G/z7b0odlpidO08WGvzoHunMCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSlKxCrlkoSDFyc93rlN55vRObLcDAfBgNVHSMEGDAWgBREWewqX9U5CcUj
n0zI1tMponebsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JGbnNLbF9WT1FuRkk1OU15TmJUS2FKM203RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5Ni8x
L3BTc1FxNVpLRWd4Y25QZDY1VGVlYjBUbXkzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
ZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5Ni8xL1JGbnNLbF9WT1Fu
Rkk1OU15TmJUS2FKM203RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoJTgYwDQYJKoZIhvcNAQELBQAD
ggEBAK0HkoRQNaYPY5nUlrTcE12SvzyKsyFggOKt97tNnS9i7pCIOfYgN9hzFQHh
6Y+MYeVSgEtIDqq/ZYcpYbIkSYGMwUSNUdV3ym4o77nd3aeAayAPNG9rxQSA5ary
HOQ1b0kJYrFJ6+dB3SRMGENmuwCk98LaOoyhApb4uIsejHpLfX/n4Wz7SL1CLOn5
az3O7lVNrDNKjiCsuxOTMQmPxJDS0fPrfCv/RkNbglSJLLmCpwehQTMvL+unsjGy
z03m/vEWP5bOjSb3FMy//ioWpXA3HdTPsphjD96rvub+EbZoQsYnol3ab8PHnI6Z
qlyXYdsQveu4LyGL1MKLzu0pyYQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:32 2023 by rpki-client on console-ams.rpki-client.org