Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/9xrbBfjJFDvYIi1yGWjPMH6v1MU.roa
File: 9xrbBfjJFDvYIi1yGWjPMH6v1MU.roa (raw, json)
Hash identifier: zQdAiYkEi2MFHjhsFEIY1M95OSsSnlFhIUnT5wm0Kzs=
Subject key identifier: F7:1A:DB:05:F8:C9:14:3B:D8:22:2D:72:19:68:CF:30:7E:AF:D4:C5
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 06077A4E
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/9xrbBfjJFDvYIi1yGWjPMH6v1MU.roa
Signing time: Sat 01 Jan 2022 16:01:25 +0000
ROA not before: Sat 01 Jan 2022 16:01:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211766
IP address blocks: 2a0d:f407:1026::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101153358 (0x6077a4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 1 16:01:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f71adb05f8c9143bd8222d721968cf307eafd4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3f:73:83:71:5c:d1:f5:8b:9f:2a:c5:37:38:
1a:9d:17:8e:ea:33:07:b4:90:1e:39:19:d9:50:5a:
9c:cb:c1:95:d2:63:3b:3d:1a:12:5b:05:7f:c3:53:
a6:8f:e0:bd:0b:fc:f6:96:8c:e6:3b:45:1b:20:9c:
0f:d7:98:39:92:08:da:ce:41:35:f0:d6:f6:b0:4f:
81:70:03:94:bf:7c:57:a1:3d:9d:f6:ba:e4:55:37:
f6:12:c0:8c:cc:83:09:5b:22:e1:89:91:5e:5a:fc:
01:a9:62:68:4f:77:d1:3b:82:c5:9e:9e:c1:d1:d0:
ad:2d:4d:58:c6:44:d3:de:84:69:9a:6f:b0:3d:8c:
f4:96:86:ed:92:8e:b4:c6:96:38:6f:b2:67:50:f4:
70:2b:96:8f:d7:f1:97:d9:c5:59:8b:fb:60:22:fe:
9c:92:a1:c1:e7:b1:7f:9c:6a:3d:f9:da:d4:5a:13:
17:d7:e7:9b:67:84:cb:07:b6:9f:8a:ea:71:3c:bf:
e4:bf:2e:fe:b5:5d:4f:da:1f:ae:f4:1f:fa:e4:3e:
06:cd:f4:23:ce:72:45:68:5b:b6:80:28:25:1e:2b:
68:c6:56:5e:28:89:d3:fb:76:a1:44:83:c7:25:66:
b1:a9:5a:0b:80:9b:d5:5d:86:c7:d2:5c:a9:f4:78:
d7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:1A:DB:05:F8:C9:14:3B:D8:22:2D:72:19:68:CF:30:7E:AF:D4:C5
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/9xrbBfjJFDvYIi1yGWjPMH6v1MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:f407:1026::/48
Signature Algorithm: sha256WithRSAEncryption
89:8a:0d:b4:ad:37:b3:1f:ea:38:62:3d:85:01:a0:aa:05:4b:
c7:fc:30:82:97:7d:df:d8:8d:6c:be:91:f4:84:16:de:0b:08:
d3:27:c9:ae:2b:83:5c:f7:ff:1b:d0:24:05:8c:a0:84:bf:66:
87:ee:c3:7b:db:b5:28:2c:e5:6d:9d:43:ac:da:66:4d:e2:6c:
cd:0a:ca:19:2b:f3:44:fa:37:06:16:c3:be:0f:ef:92:5a:3d:
90:39:5f:bb:9e:44:ec:f4:1f:45:6e:b1:a2:81:b1:1e:bd:5d:
82:84:3a:16:ce:e3:1f:99:14:23:68:24:d0:9c:c1:1d:c0:4f:
26:de:ac:5a:c2:bc:d4:d8:be:8b:ca:8e:c4:fb:6e:b4:77:54:
88:18:c1:f8:dd:f9:ba:06:dd:c8:54:24:5b:d2:74:6c:1b:e4:
04:e7:8b:d7:4a:2b:b1:7f:93:9c:ae:c3:9b:ae:94:57:06:07:
28:a9:37:ab:d9:08:b2:c5:e2:a5:56:35:2f:d4:c1:18:2c:6b:
52:57:0b:ed:24:25:08:e3:52:81:07:14:85:16:c0:b9:1a:4d:
39:10:c0:d3:33:6d:ec:7f:57:a2:b5:96:0b:cb:ad:4e:a1:fd:
57:1a:78:12:33:0c:1b:b7:f8:73:04:a4:c0:96:da:72:ee:81:
13:19:10:b8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBgd6TjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjZkOWQ1MGIzYjg5ZDUxYzhhYTI0OTNlN2VmNDcwMWQ2MjUxZGFkMB4XDTIyMDEw
MTE2MDEyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjcxYWRiMDVmOGM5
MTQzYmQ4MjIyZDcyMTk2OGNmMzA3ZWFmZDRjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8/c4NxXNH1i58qxTc4Gp0XjuozB7SQHjkZ2VBanMvBldJj
Oz0aElsFf8NTpo/gvQv89paM5jtFGyCcD9eYOZII2s5BNfDW9rBPgXADlL98V6E9
nfa65FU39hLAjMyDCVsi4YmRXlr8AaliaE930TuCxZ6ewdHQrS1NWMZE096EaZpv
sD2M9JaG7ZKOtMaWOG+yZ1D0cCuWj9fxl9nFWYv7YCL+nJKhweexf5xqPfna1FoT
F9fnm2eEywe2n4rqcTy/5L8u/rVdT9ofrvQf+uQ+Bs30I85yRWhbtoAoJR4raMZW
XiiJ0/t2oUSDxyVmsalaC4Cb1V2Gx9JcqfR4170CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT3GtsF+MkUO9giLXIZaM8wfq/UxTAfBgNVHSMEGDAWgBTGbZ1Qs7idUciq
JJPn70cB1iUdrTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3htMmRVTE80blZISXFpU1Q1LTlIQWRZbEhhMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvNGJiNzRiLThkNmQtNDUxNC1hMzljLWI3YzU3OGI3NGUzNS8x
Lzl4cmJCZmpKRkR2WUlpMXlHV2pQTUg2djFNVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
NGJiNzRiLThkNmQtNDUxNC1hMzljLWI3YzU3OGI3NGUzNS8xL3htMmRVTE80blZI
SXFpU1Q1LTlIQWRZbEhhMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoN9AcQJjANBgkqhkiG9w0BAQsF
AAOCAQEAiYoNtK03sx/qOGI9hQGgqgVLx/wwgpd939iNbL6R9IQW3gsI0yfJriuD
XPf/G9AkBYyghL9mh+7De9u1KCzlbZ1DrNpmTeJszQrKGSvzRPo3BhbDvg/vklo9
kDlfu55E7PQfRW6xooGxHr1dgoQ6Fs7jH5kUI2gk0JzBHcBPJt6sWsK81Ni+i8qO
xPtutHdUiBjB+N35ugbdyFQkW9J0bBvkBOeL10orsX+TnK7Dm66UVwYHKKk3q9kI
ssXipVY1L9TBGCxrUlcL7SQlCONSgQcUhRbAuRpNORDA0zNt7H9XorWWC8utTqH9
Vxp4EjMMG7f4cwSkwJbacu6BExkQuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:25 2024 by rpki-client on console-fra.rpki-client.org