Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/oGsqJ1tylZMbPcQibCzDQ4HwV5k.roa
File: oGsqJ1tylZMbPcQibCzDQ4HwV5k.roa (raw, json)
Hash identifier: /D7G5gpxUFoYURK1L/p7VJSoMdGOX4inanP5VtVty6w=
Subject key identifier: A0:6B:2A:27:5B:72:95:93:1B:3D:C4:22:6C:2C:C3:43:81:F0:57:99
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018212280AD59DDB98CBBF8F03556F7887F6
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/oGsqJ1tylZMbPcQibCzDQ4HwV5k.roa
Signing time: Mon 18 Jul 2022 16:33:10 +0000
ROA not before: Mon 18 Jul 2022 16:33:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 2a06:e881:73ff::/48 maxlen: 48
2a06:e881:650f::/48 maxlen: 48
2a06:e881:9200::/45 maxlen: 48
2a06:e881:9300::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:12:28:0a:d5:9d:db:98:cb:bf:8f:03:55:6f:78:87:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jul 18 16:33:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a06b2a275b7295931b3dc4226c2cc34381f05799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9b:78:ac:32:ed:a3:08:6a:40:c0:86:29:64:
5e:01:a5:30:be:f1:c6:42:b1:95:15:58:5a:ab:87:
a1:01:04:32:88:f6:f0:b6:c5:0d:0b:82:fb:57:ed:
e8:72:eb:54:28:9e:a7:e6:30:c2:ee:6a:b6:3f:26:
19:43:a0:f4:61:48:71:02:ea:44:d5:c4:58:8c:95:
ac:82:3f:38:ce:a3:c6:3f:fb:77:de:20:85:ee:12:
9c:3c:bd:55:73:68:e8:87:8d:96:e0:93:72:16:ef:
0a:7a:f2:11:7a:e7:25:27:20:75:8c:94:8d:8a:e2:
67:2e:0a:56:f0:b9:34:12:d2:21:3e:52:1e:8e:c8:
b5:70:71:a5:ef:4b:0b:6f:30:7d:5b:b8:82:f7:46:
eb:f6:44:01:14:3a:26:b4:84:36:bc:cc:84:90:98:
05:18:1a:83:90:72:3a:3d:b0:5d:ed:61:ae:56:fb:
cb:ba:5a:38:ab:09:91:20:a3:b2:ef:b1:3c:55:f2:
40:49:e3:32:da:82:6b:b0:38:04:7b:12:70:0b:de:
23:fd:40:b5:80:90:38:2f:92:84:a9:fa:7a:2d:13:
68:79:3e:55:53:d2:be:87:f6:ef:97:f1:f4:94:78:
f0:8a:49:c3:7a:6c:45:eb:40:e0:00:8e:0e:88:a5:
17:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:6B:2A:27:5B:72:95:93:1B:3D:C4:22:6C:2C:C3:43:81:F0:57:99
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/oGsqJ1tylZMbPcQibCzDQ4HwV5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:650f::/48
2a06:e881:73ff::/48
2a06:e881:9200::/45
2a06:e881:9300::/44
Signature Algorithm: sha256WithRSAEncryption
03:90:9e:9b:d5:74:3b:81:00:a2:71:85:e9:3f:51:6d:99:a6:
d7:24:f5:1a:ae:9c:0d:38:23:5a:80:54:cc:fb:74:3b:9c:05:
21:bf:9c:ac:ea:28:ca:f0:08:4d:a0:3b:a4:ce:ad:d6:f3:a4:
25:06:bf:1c:70:1e:60:74:0e:09:52:19:56:ec:ea:e4:8b:d6:
78:a6:f6:c1:8e:97:c7:83:fe:b6:df:f1:78:75:b7:62:dd:41:
e6:d1:dc:f1:8f:de:ba:80:6d:af:bd:34:5b:9e:f2:14:73:66:
0c:5b:00:54:65:66:ee:a4:a8:41:e5:5e:af:3c:f0:39:63:97:
c3:bc:a6:4e:68:7b:e0:fd:ce:f5:f6:14:4a:3b:d5:ba:34:f3:
d8:bc:20:f7:68:9d:f3:de:ab:6f:dc:5e:78:ec:a7:7d:1a:84:
14:8f:29:19:84:29:38:4f:9b:05:cd:43:0a:8b:58:4e:1f:0c:
1f:7d:cd:bb:ef:9f:e4:ed:2e:75:a4:e0:17:8d:49:c9:4d:08:
07:11:94:49:ef:e9:39:22:31:de:5a:23:7c:dc:c8:45:4b:a5:
77:ba:d7:15:fa:fa:09:34:70:59:ed:09:3e:11:84:26:e6:06:
38:ba:ba:9b:c8:35:d2:b1:ec:f4:af:eb:b4:c3:ce:fc:fc:81:
0d:fd:c3:9b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYISKArVnduYy7+PA1VveIf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjIwNzE4MTYzMzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDZiMmEyNzViNzI5NTkzMWIzZGM0MjI2YzJjYzM0MzgxZjA1Nzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpt4rDLtowhqQMCGKWReAaUwvvHG
QrGVFVhaq4ehAQQyiPbwtsUNC4L7V+3ocutUKJ6n5jDC7mq2PyYZQ6D0YUhxAupE
1cRYjJWsgj84zqPGP/t33iCF7hKcPL1Vc2joh42W4JNyFu8KevIReuclJyB1jJSN
iuJnLgpW8Lk0EtIhPlIejsi1cHGl70sLbzB9W7iC90br9kQBFDomtIQ2vMyEkJgF
GBqDkHI6PbBd7WGuVvvLulo4qwmRIKOy77E8VfJASeMy2oJrsDgEexJwC94j/UC1
gJA4L5KEqfp6LRNoeT5VU9K+h/bvl/H0lHjwiknDemxF60DgAI4OiKUXIwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKBrKidbcpWTGz3EImwsw0OB8FeZMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvb0dzcUoxdHlsWk1iUGNRaWJDekRRNEh3VjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgbogWUP
AwcAKgbogXP/AwcDKgbogZIAAwcEKgbogZMAMA0GCSqGSIb3DQEBCwUAA4IBAQAD
kJ6b1XQ7gQCicYXpP1FtmabXJPUarpwNOCNagFTM+3Q7nAUhv5ys6ijK8AhNoDuk
zq3W86QlBr8ccB5gdA4JUhlW7Orki9Z4pvbBjpfHg/623/F4dbdi3UHm0dzxj966
gG2vvTRbnvIUc2YMWwBUZWbupKhB5V6vPPA5Y5fDvKZOaHvg/c719hRKO9W6NPPY
vCD3aJ3z3qtv3F547Kd9GoQUjykZhCk4T5sFzUMKi1hOHwwffc2775/k7S51pOAX
jUnJTQgHEZRJ7+k5IjHeWiN83MhFS6V3utcV+voJNHBZ7Qk+EYQm5gY4urqbyDXS
sez0r+u0w878/IEN/cOb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:42 2023 by rpki-client on console-ams.rpki-client.org