Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/9QGOTPNJYsXGK-5pop8J_k59EDI.roa
File: 9QGOTPNJYsXGK-5pop8J_k59EDI.roa (raw, json)
Hash identifier: nIOm+d2CsA8A7YR2ZUFa/ams4QpANVI3HVuw55S0LVQ=
Subject key identifier: F5:01:8E:4C:F3:49:62:C5:C6:2B:EE:69:A2:9F:09:FE:4E:7D:10:32
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01856072EA4A21E74B2BCE6A6B78A920DDBE
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/9QGOTPNJYsXGK-5pop8J_k59EDI.roa
Signing time: Fri 30 Dec 2022 00:33:41 +0000
ROA not before: Fri 30 Dec 2022 00:33:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4477
IP address blocks: 2a09:7c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:60:72:ea:4a:21:e7:4b:2b:ce:6a:6b:78:a9:20:dd:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Dec 30 00:33:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5018e4cf34962c5c62bee69a29f09fe4e7d1032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:76:f0:e4:16:0b:4e:f7:26:eb:1e:b9:4a:6e:
f4:74:70:ec:aa:ca:9c:31:56:48:26:e0:97:fd:9d:
bc:03:18:4e:fd:53:6c:aa:ac:02:b5:c2:d1:7b:f6:
c1:60:ed:89:b7:18:39:83:33:5b:81:9b:9b:10:81:
76:04:5b:78:75:e7:84:91:ee:2c:25:fa:aa:ba:15:
22:8e:f9:11:e8:4f:c1:61:bc:6d:19:0e:a4:9a:e9:
ac:c1:96:c6:a4:11:6e:eb:3d:65:0c:ad:c8:99:01:
cb:6a:af:e6:89:0a:54:f0:b2:73:b3:90:a1:f1:ac:
bc:b7:10:8f:6a:53:c2:8f:f0:93:4d:29:4a:ff:d9:
a8:6e:b2:94:70:68:3d:8b:99:d0:c4:df:5a:4d:3d:
97:4e:15:b9:a7:d2:7f:01:0f:0e:03:9e:63:4f:1d:
7a:d3:99:74:14:77:c9:7c:b0:61:ee:9f:5c:a2:ec:
97:c5:eb:47:31:08:6b:63:fb:04:60:a7:ac:d6:c4:
31:21:ab:22:9e:02:76:0c:ac:3d:d8:26:08:f2:64:
ee:e3:74:67:f3:96:48:a5:55:5a:1b:ef:0a:8e:b9:
75:a9:58:1c:da:a6:ad:8e:50:c1:01:3b:b1:9d:2b:
a9:8b:3e:e2:30:21:e2:7b:4f:f6:1c:d5:34:e8:c8:
3d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:01:8E:4C:F3:49:62:C5:C6:2B:EE:69:A2:9F:09:FE:4E:7D:10:32
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/9QGOTPNJYsXGK-5pop8J_k59EDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
49:cd:a7:4c:22:61:3a:4f:2c:88:3d:0f:cd:50:4a:2d:fd:e9:
8e:e4:c5:85:bd:23:96:82:e7:8a:58:47:1f:eb:65:ff:75:34:
ca:db:ca:2f:82:16:54:5a:a7:8e:be:1e:f7:ce:99:b4:48:ad:
cd:14:c2:95:ef:91:4a:a9:e9:bb:09:e3:51:44:26:c3:b9:58:
b9:0d:d0:77:48:de:f5:b2:89:33:27:6b:76:67:ea:47:0b:d0:
d0:c2:da:24:22:f6:5f:71:10:fb:75:54:54:26:93:a5:01:bf:
fa:bd:87:fb:a4:cd:a7:37:95:4c:df:60:f0:82:b2:42:4f:96:
97:1c:c3:55:87:d4:93:7f:87:42:bd:a6:5e:87:91:31:0a:1e:
b1:d4:53:94:a5:96:86:d9:25:f3:89:bb:3b:02:a0:d3:31:9c:
b5:d4:07:27:cc:dd:8f:ad:17:7e:38:69:bd:bd:2a:1b:ad:e3:
ed:f6:98:35:01:73:2a:00:37:08:f4:7c:65:ab:7e:cc:7f:f1:
3d:32:f9:cc:33:a4:8b:93:fe:1b:cd:c4:9a:c9:a5:9c:e8:e4:
db:27:43:86:c0:c7:00:42:cf:e4:4b:0c:3e:3f:c9:0f:64:6f:
32:5e:fc:f2:3c:c9:67:40:a9:e3:f5:36:a3:cf:fb:c2:ff:95:
a2:7c:41:7f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVgcupKIedLK85qa3ipIN2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjIxMjMwMDAzMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTAxOGU0Y2YzNDk2MmM1YzYyYmVlNjlhMjlmMDlmZTRlN2QxMDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnbw5BYLTvcm6x65Sm70dHDsqsqc
MVZIJuCX/Z28AxhO/VNsqqwCtcLRe/bBYO2Jtxg5gzNbgZubEIF2BFt4deeEke4s
JfqquhUijvkR6E/BYbxtGQ6kmumswZbGpBFu6z1lDK3ImQHLaq/miQpU8LJzs5Ch
8ay8txCPalPCj/CTTSlK/9mobrKUcGg9i5nQxN9aTT2XThW5p9J/AQ8OA55jTx16
05l0FHfJfLBh7p9couyXxetHMQhrY/sEYKes1sQxIasingJ2DKw92CYI8mTu43Rn
85ZIpVVaG+8Kjrl1qVgc2qatjlDBATuxnSupiz7iMCHie0/2HNU06Mg9wwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPUBjkzzSWLFxivuaaKfCf5OfRAyMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvOVFHT1RQTkpZc1hHSy01cG9wOEpfazU5RURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgl8QDAN
BgkqhkiG9w0BAQsFAAOCAQEASc2nTCJhOk8siD0PzVBKLf3pjuTFhb0jloLnilhH
H+tl/3U0ytvKL4IWVFqnjr4e986ZtEitzRTCle+RSqnpuwnjUUQmw7lYuQ3Qd0je
9bKJMydrdmfqRwvQ0MLaJCL2X3EQ+3VUVCaTpQG/+r2H+6TNpzeVTN9g8IKyQk+W
lxzDVYfUk3+HQr2mXoeRMQoesdRTlKWWhtkl84m7OwKg0zGctdQHJ8zdj60Xfjhp
vb0qG63j7faYNQFzKgA3CPR8Zat+zH/xPTL5zDOki5P+G83EmsmlnOjk2ydDhsDH
AELP5EsMPj/JD2RvMl788jzJZ0Cp4/U2o8/7wv+VonxBfw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:53 2023 by rpki-client on console-ams.rpki-client.org