Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/A5Y-CTYZafA--HN3IQM6LsB_5sc.roa
File: A5Y-CTYZafA--HN3IQM6LsB_5sc.roa (raw, json)
Hash identifier: Af6EsIggDlFRbhCPNXs8T6w8FW7QTwwhS/7kjBF6i94=
Subject key identifier: 03:96:3E:09:36:19:69:F0:3E:F8:73:77:21:03:3A:2E:C0:7F:E6:C7
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 0FDFD223
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/A5Y-CTYZafA--HN3IQM6LsB_5sc.roa
Signing time: Sat 01 Jan 2022 14:59:41 +0000
ROA not before: Sat 01 Jan 2022 14:59:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137909
IP address blocks: 2a06:e881:1600::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 266326563 (0xfdfd223)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 1 14:59:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03963e09361969f03ef8737721033a2ec07fe6c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9d:e1:c9:4c:56:81:3c:47:ac:4e:4c:65:26:
dc:9d:4a:5f:53:d8:df:8e:83:77:d3:c0:6c:3d:9d:
c6:07:b1:52:30:04:1a:8c:dd:46:b7:f0:9c:bd:a7:
63:65:45:d1:73:64:73:70:fe:e5:71:ec:63:5c:39:
d4:de:8b:f7:5e:19:b5:94:77:71:ea:52:a2:5b:60:
8a:7e:0a:31:f4:0a:3c:cf:a1:e9:49:9f:e4:29:47:
ed:42:15:ce:f6:50:0b:3d:82:bc:73:1a:2e:25:82:
66:c3:04:67:ee:ca:56:31:56:65:bf:87:82:fe:3b:
a6:89:c5:f0:73:ab:f8:5c:99:e2:b4:cc:89:9f:15:
cb:f0:af:04:a8:d8:3c:74:c0:40:cd:99:4a:a9:2e:
7d:b0:11:10:cc:1d:ba:90:94:59:e8:6d:38:2b:b9:
2f:51:46:e3:51:53:f6:4f:81:87:29:4a:a0:95:07:
74:75:1f:5c:34:94:93:51:6b:e6:5c:71:29:5b:51:
69:63:6e:20:db:c9:c8:4e:a9:ca:11:9a:fc:1b:15:
31:5d:f6:45:60:ec:2f:59:69:29:f4:74:d9:cf:94:
91:8a:99:ad:ed:4a:15:cc:7d:48:91:c4:eb:29:e1:
d8:ef:cf:7d:dc:d6:78:d0:24:8f:8e:4a:3a:d8:39:
f5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:96:3E:09:36:19:69:F0:3E:F8:73:77:21:03:3A:2E:C0:7F:E6:C7
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/A5Y-CTYZafA--HN3IQM6LsB_5sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:1600::/44
Signature Algorithm: sha256WithRSAEncryption
15:62:6a:93:69:1a:b8:99:29:d5:27:f4:03:3b:54:c1:02:62:
83:9a:d8:20:f8:43:ff:62:47:f2:78:d1:6a:69:28:7d:ad:3d:
e7:f3:b4:f7:e1:46:f2:b7:00:f0:26:67:d0:70:28:d8:61:86:
63:98:cd:76:40:1a:97:a7:df:16:e7:11:15:f0:45:88:b5:6c:
41:e5:41:dc:60:00:de:c9:3c:8e:ab:75:a3:44:da:ff:f4:4f:
90:55:60:45:fb:b6:86:8b:2f:ce:b0:4f:15:6b:9d:3b:ee:72:
f9:c8:d5:b9:ae:98:c6:f4:29:db:04:53:62:c3:73:c5:eb:06:
cc:3d:e1:b7:bc:ec:1e:2e:02:ea:a6:3a:6c:09:23:8f:b6:73:
55:cb:bd:4f:5d:b2:b4:7b:e7:8e:4a:98:8e:74:70:39:99:83:
99:bc:23:0a:6d:c1:40:29:1f:c1:f1:92:c4:fb:07:44:cf:03:
c0:b2:61:c7:b6:74:93:6b:89:23:f9:75:63:7a:38:0f:b9:63:
e2:ed:7d:aa:38:2a:b9:3c:3f:b1:f0:74:6b:39:e6:1d:b7:0c:
f8:e3:7a:a7:56:93:e6:01:a2:49:17:76:b6:7d:e2:2b:4d:dd:
d8:c3:d9:55:a0:d3:29:03:96:a9:d9:50:9c:06:b6:a9:f8:2a:
79:99:82:bd
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIED9/SIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODA3NGI0MTllYWQ0Y2VmZWEyZjJhZDJjMjU5ZDk3OGM1ZWQ3OTU0MB4XDTIyMDEw
MTE0NTk0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM5NjNlMDkzNjE5
NjlmMDNlZjg3Mzc3MjEwMzNhMmVjMDdmZTZjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIad4clMVoE8R6xOTGUm3J1KX1PY346Dd9PAbD2dxgexUjAE
GozdRrfwnL2nY2VF0XNkc3D+5XHsY1w51N6L914ZtZR3cepSoltgin4KMfQKPM+h
6Umf5ClH7UIVzvZQCz2CvHMaLiWCZsMEZ+7KVjFWZb+Hgv47ponF8HOr+FyZ4rTM
iZ8Vy/CvBKjYPHTAQM2ZSqkufbAREMwdupCUWehtOCu5L1FG41FT9k+BhylKoJUH
dHUfXDSUk1Fr5lxxKVtRaWNuINvJyE6pyhGa/BsVMV32RWDsL1lpKfR02c+UkYqZ
re1KFcx9SJHE6ynh2O/PfdzWeNAkj45KOtg59S0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQDlj4JNhlp8D74c3chAzouwH/mxzAfBgNVHSMEGDAWgBS4B0tBnq1M7+ov
KtLCWdl4xe15VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VBZExRWjZ0VE9fcUx5clN3bG5aZU1YdGVWUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8x
L0E1WS1DVFlaYWZBLS1ITjNJUU02THNCXzVzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8xL3VBZExRWjZ0VE9f
cUx5clN3bG5aZU1YdGVWUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoG6IEWADANBgkqhkiG9w0BAQsF
AAOCAQEAFWJqk2kauJkp1Sf0AztUwQJig5rYIPhD/2JH8njRamkofa095/O09+FG
8rcA8CZn0HAo2GGGY5jNdkAal6ffFucRFfBFiLVsQeVB3GAA3sk8jqt1o0Ta//RP
kFVgRfu2hosvzrBPFWudO+5y+cjVua6YxvQp2wRTYsNzxesGzD3ht7zsHi4C6qY6
bAkjj7ZzVcu9T12ytHvnjkqYjnRwOZmDmbwjCm3BQCkfwfGSxPsHRM8DwLJhx7Z0
k2uJI/l1Y3o4D7lj4u19qjgquTw/sfB0aznmHbcM+ON6p1aT5gGiSRd2tn3iK03d
2MPZVaDTKQOWqdlQnAa2qfgqeZmCvQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:55 2023 by rpki-client on console-fra.rpki-client.org