Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/1akl2XF4I3D8gGnO7CmXx5WgiaM.roa
File: 1akl2XF4I3D8gGnO7CmXx5WgiaM.roa (raw, json)
Hash identifier: CRZD75+rRXmoytzsDIpUjUiBVd/fj5CzPvo/9blwiMo=
Subject key identifier: D5:A9:25:D9:71:78:23:70:FC:80:69:CE:EC:29:97:C7:95:A0:89:A3
Certificate issuer: /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Certificate serial: 17F4D9B8
Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/1akl2XF4I3D8gGnO7CmXx5WgiaM.roa
Signing time: Sat 01 Jan 2022 09:54:32 +0000
ROA not before: Sat 01 Jan 2022 09:54:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 760
IP address blocks: 2001:62a::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 401922488 (0x17f4d9b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Validity
Not Before: Jan 1 09:54:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5a925d971782370fc8069ceec2997c795a089a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:22:0a:db:bc:41:64:69:a3:da:f5:57:f4:f4:
87:86:8b:43:42:2f:18:6c:52:0c:03:bc:a2:18:f1:
1f:cb:7c:a2:5c:9e:c9:b5:4a:48:70:d0:1e:03:5e:
cc:30:70:fc:42:c1:48:6d:d8:4b:00:01:b2:87:57:
fb:ef:b8:2a:ba:d8:74:0b:71:45:a1:9f:d7:d9:90:
2a:e7:1c:80:6a:01:f1:6b:cd:56:ef:96:20:30:81:
86:76:e2:94:5f:28:46:9d:81:e0:77:10:76:6a:64:
a5:7e:89:95:e1:05:35:bd:dc:54:af:a4:3b:1f:3a:
10:17:81:68:b6:07:08:2c:a7:31:ba:78:ed:a9:6e:
78:53:36:c5:65:80:5a:dc:5a:49:44:6d:a4:d0:78:
ce:fc:7a:5b:8a:f7:12:c1:46:c7:f5:69:c1:65:8f:
24:f9:d2:08:b5:1a:91:be:41:e9:6f:3c:01:42:9a:
51:e9:01:95:9c:e1:42:46:88:3b:19:31:96:ed:2e:
6b:bd:f8:37:3a:21:72:63:f8:94:17:a2:30:e0:b5:
26:f6:14:8f:8d:2a:a8:ca:7c:d9:41:c9:1a:c6:0c:
06:47:8d:dd:ae:ae:e0:77:86:0e:68:1f:ab:42:a7:
2a:3d:08:70:f8:ea:05:81:6a:d1:5c:b0:e3:f7:78:
25:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A9:25:D9:71:78:23:70:FC:80:69:CE:EC:29:97:C7:95:A0:89:A3
X509v3 Authority Key Identifier:
keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/1akl2XF4I3D8gGnO7CmXx5WgiaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:62a::/31
Signature Algorithm: sha256WithRSAEncryption
7e:ec:e1:d2:38:34:ba:8e:12:87:bd:65:ea:93:89:c7:01:97:
25:5f:ed:5a:f6:93:20:d1:20:39:1a:f1:4b:22:a1:39:5b:aa:
65:0d:b3:ee:9e:e5:cd:a1:fe:ee:69:cf:29:c3:05:57:9c:05:
e9:73:a2:1e:8a:d3:02:49:ab:93:bb:83:59:00:19:30:ea:3f:
4f:43:01:84:5b:c0:a9:a4:da:a6:10:8d:90:8e:cc:f6:01:f9:
5c:8f:ed:00:6a:2d:fe:23:77:9b:11:2e:96:20:f4:e3:e6:8a:
ca:10:70:e4:9c:d4:e4:0b:2f:22:a6:2c:82:6f:66:53:9e:30:
d4:ab:55:f4:bb:55:b8:9f:bb:f5:a0:12:9c:63:d5:aa:16:7d:
a8:b3:2e:5f:b3:69:df:03:59:7a:fb:bb:f3:22:2a:e6:3a:2d:
04:21:30:fe:95:e3:67:31:52:2b:6d:d6:cf:f7:e0:dc:fd:c5:
ff:d8:30:c2:0d:8b:db:30:37:1e:92:6f:2c:22:af:3b:b3:b5:
b1:fe:3e:2d:c8:e3:c5:8b:72:da:55:87:a1:97:68:96:4e:26:
f7:f4:1d:ae:aa:fc:64:ed:b7:a6:5b:f6:5c:fc:50:d2:b1:73:
63:ff:f4:1a:f4:25:8b:41:af:13:5a:e0:01:77:a5:4f:70:78:
0c:c6:b6:6a
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEF/TZuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2Q4NDQ4YzVjYjkwMzk4ZTRjMjg1Y2VjOWMwZjQ3NjZhYzkzMWRmMB4XDTIyMDEw
MTA5NTQzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDVhOTI1ZDk3MTc4
MjM3MGZjODA2OWNlZWMyOTk3Yzc5NWEwODlhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQiCtu8QWRpo9r1V/T0h4aLQ0IvGGxSDAO8ohjxH8t8olye
ybVKSHDQHgNezDBw/ELBSG3YSwABsodX+++4KrrYdAtxRaGf19mQKuccgGoB8WvN
Vu+WIDCBhnbilF8oRp2B4HcQdmpkpX6JleEFNb3cVK+kOx86EBeBaLYHCCynMbp4
7alueFM2xWWAWtxaSURtpNB4zvx6W4r3EsFGx/VpwWWPJPnSCLUakb5B6W88AUKa
UekBlZzhQkaIOxkxlu0ua734NzohcmP4lBeiMOC1JvYUj40qqMp82UHJGsYMBkeN
3a6u4HeGDmgfq0KnKj0IcPjqBYFq0Vyw4/d4JaECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTVqSXZcXgjcPyAac7sKZfHlaCJozAfBgNVHSMEGDAWgBQj2ESMXLkDmOTC
hc7JwPR2askx3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0k5aEVqRnk1QTVqa3dvWE95Y0QwZG1ySk1kOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvZjRhODBkLWY1ZjctNDUyMi1iOWI1LWY3NzJhMDEzOTAxNi8x
LzFha2wyWEY0STNEOGdHbk83Q21YeDVXZ2lhTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
ZjRhODBkLWY1ZjctNDUyMi1iOWI1LWY3NzJhMDEzOTAxNi8xL0k5aEVqRnk1QTVq
a3dvWE95Y0QwZG1ySk1kOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFASABBiowDQYJKoZIhvcNAQELBQAD
ggEBAH7s4dI4NLqOEoe9ZeqTiccBlyVf7Vr2kyDRIDka8UsioTlbqmUNs+6e5c2h
/u5pzynDBVecBelzoh6K0wJJq5O7g1kAGTDqP09DAYRbwKmk2qYQjZCOzPYB+VyP
7QBqLf4jd5sRLpYg9OPmisoQcOSc1OQLLyKmLIJvZlOeMNSrVfS7Vbifu/WgEpxj
1aoWfaizLl+zad8DWXr7u/MiKuY6LQQhMP6V42cxUitt1s/34Nz9xf/YMMINi9sw
Nx6SbywirzuztbH+Pi3I48WLctpVh6GXaJZOJvf0Ha6q/GTtt6Zb9lz8UNKxc2P/
9Br0JYtBrxNa4AF3pU9weAzGtmo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:52 2023 by rpki-client on console-fra.rpki-client.org