Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/JLSJOh7EqyN65XiONXaLrWRfq7g.roa
File: JLSJOh7EqyN65XiONXaLrWRfq7g.roa (raw, json)
Hash identifier: cTkuqrlknlwHEa4EuSYwdSWtwA3sgNJ/7flTw4UKgh0=
Subject key identifier: 24:B4:89:3A:1E:C4:AB:23:7A:E5:78:8E:35:76:8B:AD:64:5F:AB:B8
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0182AD1B8A1DD884D6A650484A3AD6816453
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/JLSJOh7EqyN65XiONXaLrWRfq7g.roa
Signing time: Wed 17 Aug 2022 18:40:39 +0000
ROA not before: Wed 17 Aug 2022 18:40:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5511
IP address blocks: 2a0f:e381::/32 maxlen: 32
2a07:e343::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ad:1b:8a:1d:d8:84:d6:a6:50:48:4a:3a:d6:81:64:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Aug 17 18:40:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24b4893a1ec4ab237ae5788e35768bad645fabb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:dc:bd:22:fa:b4:96:b7:1a:4b:7d:f9:8f:
d7:dd:d7:8e:6e:03:aa:80:93:d6:58:07:dc:5a:1f:
c9:4e:d6:d9:e5:22:ee:73:65:c6:99:9a:2b:56:5f:
fe:b0:f4:44:53:9a:fd:bd:6b:3d:5a:cb:39:50:ea:
51:7b:5e:49:ec:e9:29:8f:15:e5:84:9c:67:a0:a1:
09:6d:cd:f2:ab:9d:0d:79:0e:80:7d:e5:1c:c2:05:
07:dd:6c:8c:d1:68:b8:fb:ec:93:09:e2:6b:38:72:
ce:00:e9:db:56:41:b7:d6:e2:46:3c:98:bd:cb:86:
f0:4d:3d:a6:57:bd:48:8e:a1:16:41:52:1f:2d:7c:
3d:d1:0c:3a:cd:90:74:d1:b5:b4:c4:8e:86:fe:77:
97:7c:f6:d9:36:1c:55:27:71:b0:69:c1:74:cb:8c:
13:72:b4:85:71:5f:c9:ad:2a:7d:0d:72:78:ae:30:
81:40:4e:d4:db:6c:ef:6d:96:dc:9d:15:41:2c:64:
82:0f:7a:64:aa:cb:49:44:ba:00:4c:ea:42:76:05:
52:d2:0b:2e:15:4e:bb:78:9c:bc:cd:c8:32:63:f7:
a0:04:70:09:80:80:e9:55:7b:d7:46:10:9a:51:85:
9a:8a:4e:41:e9:76:56:55:89:63:df:33:c7:9b:80:
43:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B4:89:3A:1E:C4:AB:23:7A:E5:78:8E:35:76:8B:AD:64:5F:AB:B8
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/JLSJOh7EqyN65XiONXaLrWRfq7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:e343::/32
2a0f:e381::/32
Signature Algorithm: sha256WithRSAEncryption
70:ef:87:6b:0c:a2:98:92:b4:93:90:c8:30:13:95:47:f2:3d:
4f:cd:04:43:65:1a:ad:16:db:10:36:75:e6:9b:af:1d:fc:a6:
75:25:11:d5:2b:d4:43:73:86:84:75:e9:04:f8:6f:f3:ee:47:
47:0b:1e:6f:bc:e6:b1:97:f0:fa:31:c9:d1:eb:25:a8:d4:77:
eb:ee:2a:10:76:5f:4a:c1:f5:26:76:25:33:c8:09:a1:19:f0:
3b:f6:05:20:a0:de:a0:28:8b:ef:ef:4e:76:85:f2:d4:47:69:
07:d6:d8:ab:a6:90:77:80:1c:ce:0d:3d:98:e8:d9:f8:b8:9a:
cb:9b:0e:79:ba:d6:76:d9:4f:32:f7:40:d5:76:a9:62:87:f7:
22:39:11:0d:12:a9:21:b1:5e:c0:f0:bc:cb:ab:17:81:81:df:
11:b4:ea:d5:73:1e:b7:6e:a8:80:46:f6:c1:b5:d5:b7:6b:23:
ef:1d:15:b8:d0:29:b2:76:8f:f8:90:29:19:a3:09:de:53:ad:
29:e8:a8:b1:fd:41:40:b2:f6:e4:9e:8c:87:8a:11:88:8d:c0:
47:36:2f:f2:ee:53:21:6c:68:8e:1b:18:27:50:72:dc:fa:c3:
44:d3:91:04:9f:e3:fb:bb:3f:6f:75:86:e9:2c:68:51:93:7d:
80:f0:7b:1d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYKtG4od2ITWplBISjrWgWRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIwODE3MTg0MDM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGI0ODkzYTFlYzRhYjIzN2FlNTc4OGUzNTc2OGJhZDY0NWZhYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotLcvSL6tJa3Gkt9+Y/X3deObgOq
gJPWWAfcWh/JTtbZ5SLuc2XGmZorVl/+sPREU5r9vWs9Wss5UOpRe15J7OkpjxXl
hJxnoKEJbc3yq50NeQ6AfeUcwgUH3WyM0Wi4++yTCeJrOHLOAOnbVkG31uJGPJi9
y4bwTT2mV71IjqEWQVIfLXw90Qw6zZB00bW0xI6G/neXfPbZNhxVJ3GwacF0y4wT
crSFcV/JrSp9DXJ4rjCBQE7U22zvbZbcnRVBLGSCD3pkqstJRLoATOpCdgVS0gsu
FU67eJy8zcgyY/egBHAJgIDpVXvXRhCaUYWaik5B6XZWVYlj3zPHm4BDpQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCS0iToexKsjeuV4jjV2i61kX6u4MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvSkxTSk9oN0VxeU42NVhpT05YYUxyV1JmcTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgfjQwMF
ACoP44EwDQYJKoZIhvcNAQELBQADggEBAHDvh2sMopiStJOQyDATlUfyPU/NBENl
Gq0W2xA2deabrx38pnUlEdUr1ENzhoR16QT4b/PuR0cLHm+85rGX8PoxydHrJajU
d+vuKhB2X0rB9SZ2JTPICaEZ8Dv2BSCg3qAoi+/vTnaF8tRHaQfW2KumkHeAHM4N
PZjo2fi4msubDnm61nbZTzL3QNV2qWKH9yI5EQ0SqSGxXsDwvMurF4GB3xG06tVz
HrduqIBG9sG11bdrI+8dFbjQKbJ2j/iQKRmjCd5TrSnoqLH9QUCy9uSejIeKEYiN
wEc2L/LuUyFsaI4bGCdQctz6w0TTkQSf4/u7P291huksaFGTfYDwex0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org