Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/thzmZX1JVLh5YlMzwdpoKVuG0NM.roa
File: thzmZX1JVLh5YlMzwdpoKVuG0NM.roa (raw, json)
Hash identifier: 5voOenf70Zrmg9mEAhr1DrbRVYNwW7J2A3hXQ+L5D7w=
Subject key identifier: B6:1C:E6:65:7D:49:54:B8:79:62:53:33:C1:DA:68:29:5B:86:D0:D3
Certificate issuer: /CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Certificate serial: 042EF2B5
Authority key identifier: 2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/thzmZX1JVLh5YlMzwdpoKVuG0NM.roa
Signing time: Tue 19 Apr 2022 20:26:56 +0000
ROA not before: Tue 19 Apr 2022 20:26:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 2a09:9d00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70185653 (0x42ef2b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Validity
Not Before: Apr 19 20:26:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b61ce6657d4954b879625333c1da68295b86d0d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:71:7d:c8:34:99:f4:66:53:f8:2e:97:0d:72:
4d:9f:46:c8:9f:57:f7:c3:1c:b2:c4:b8:4f:af:1c:
4c:ac:7b:c5:71:90:f4:7c:c4:74:30:47:1d:1d:1a:
e8:58:f4:19:1c:95:24:17:5e:b8:43:94:01:3e:cf:
6c:67:09:d7:e9:e7:4e:17:59:87:b3:dc:72:cf:21:
03:08:97:02:b3:08:85:c5:6e:aa:e6:9b:70:51:e8:
a9:8a:ca:26:d8:e5:63:03:79:24:21:35:03:df:0e:
21:82:7e:8a:f6:b3:d1:8d:8c:07:02:61:1f:97:8e:
de:99:15:4d:32:89:02:df:c9:0b:e3:93:45:02:b6:
74:0c:cf:75:91:0e:09:bc:89:dd:79:1c:67:c8:7e:
55:bf:55:10:ed:04:0c:cb:ac:6a:df:1d:61:ca:47:
41:66:51:ab:1b:1f:1b:d6:41:1b:0c:84:88:02:8c:
b0:8c:a5:21:e4:4a:c9:07:c2:e6:20:8a:5a:fd:c2:
4e:a9:f0:f9:08:71:a0:e2:ab:2e:31:3d:a2:9d:e0:
25:90:54:b4:33:43:8e:de:34:f0:07:55:e5:c1:1f:
8e:5b:d6:bf:81:41:f6:63:ca:cc:fa:ee:2f:be:63:
bd:41:4b:0c:cb:2b:6e:e3:48:02:59:0c:bd:82:c1:
45:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:1C:E6:65:7D:49:54:B8:79:62:53:33:C1:DA:68:29:5B:86:D0:D3
X509v3 Authority Key Identifier:
keyid:2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/thzmZX1JVLh5YlMzwdpoKVuG0NM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:9d00::/29
Signature Algorithm: sha256WithRSAEncryption
9c:99:75:9e:6c:8a:09:33:8b:4e:fa:b1:c9:8c:23:64:18:33:
53:f8:cc:12:85:73:dc:ac:be:e9:a0:a5:9f:d9:a4:46:26:b7:
65:19:c8:34:d2:85:82:f8:e3:59:c9:5d:d8:a6:17:3f:6a:05:
c3:5f:64:ac:1e:a6:06:80:bf:b0:2c:23:6d:43:72:04:27:c2:
a1:28:41:de:40:2f:d5:b1:b0:d5:80:74:76:ed:ca:0b:6c:52:
3f:7d:0f:d7:58:48:88:94:95:88:4a:08:67:af:d3:29:c0:9d:
3c:81:6c:3b:4b:18:4b:80:65:2f:1d:e6:7d:01:1d:b4:32:74:
35:95:d9:b1:60:a8:9f:3d:a9:9c:7e:70:a6:0c:de:3a:bc:91:
8f:e4:fa:ed:a8:14:29:39:dd:d8:8d:a0:c0:3e:51:fd:92:24:
2e:ec:0c:bd:c2:88:e9:47:28:8b:a3:c5:6a:3c:73:0e:6b:87:
f2:15:e2:59:c3:b7:f2:0c:ea:87:60:48:3e:5b:49:71:62:a5:
3d:5d:94:11:b0:90:c9:e4:b5:27:4a:8c:3c:0b:9f:e1:cc:fa:
d7:0d:2c:5a:b0:4e:89:a7:a3:a9:d0:9d:f1:ee:6e:1e:8d:26:
2b:77:39:ae:10:62:09:2b:92:5f:3b:81:5a:a1:cc:92:7d:68:
a2:15:9b:98
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBC7ytTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTQzZGFjOGVhNTU2OTM0MzlkZDFiOGI0ODEyYmE3MTgzNGYxMDMxMB4XDTIyMDQx
OTIwMjY1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjYxY2U2NjU3ZDQ5
NTRiODc5NjI1MzMzYzFkYTY4Mjk1Yjg2ZDBkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOZxfcg0mfRmU/gulw1yTZ9GyJ9X98McssS4T68cTKx7xXGQ
9HzEdDBHHR0a6Fj0GRyVJBdeuEOUAT7PbGcJ1+nnThdZh7Pccs8hAwiXArMIhcVu
quabcFHoqYrKJtjlYwN5JCE1A98OIYJ+ivaz0Y2MBwJhH5eO3pkVTTKJAt/JC+OT
RQK2dAzPdZEOCbyJ3XkcZ8h+Vb9VEO0EDMusat8dYcpHQWZRqxsfG9ZBGwyEiAKM
sIylIeRKyQfC5iCKWv3CTqnw+QhxoOKrLjE9op3gJZBUtDNDjt408AdV5cEfjlvW
v4FB9mPKzPruL75jvUFLDMsrbuNIAlkMvYLBRXsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBS2HOZlfUlUuHliUzPB2mgpW4bQ0zAfBgNVHSMEGDAWgBQuQ9rI6lVpNDnd
G4tIErpxg08QMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xrUGF5T3BWYVRRNTNSdUxTQks2Y1lOUEVERS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvODZiYTM2LTc4YjgtNDRiYi05ZmI0LTI2YzdjOTYzYTc2OS8x
L3Roem1aWDFKVkxoNVlsTXp3ZHBvS1Z1RzBOTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
ODZiYTM2LTc4YjgtNDRiYi05ZmI0LTI2YzdjOTYzYTc2OS8xL0xrUGF5T3BWYVRR
NTNSdUxTQks2Y1lOUEVERS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoJnQAwDQYJKoZIhvcNAQELBQAD
ggEBAJyZdZ5sigkzi076scmMI2QYM1P4zBKFc9ysvumgpZ/ZpEYmt2UZyDTShYL4
41nJXdimFz9qBcNfZKwepgaAv7AsI21DcgQnwqEoQd5AL9WxsNWAdHbtygtsUj99
D9dYSIiUlYhKCGev0ynAnTyBbDtLGEuAZS8d5n0BHbQydDWV2bFgqJ89qZx+cKYM
3jq8kY/k+u2oFCk53diNoMA+Uf2SJC7sDL3CiOlHKIujxWo8cw5rh/IV4lnDt/IM
6odgSD5bSXFipT1dlBGwkMnktSdKjDwLn+HM+tcNLFqwTomno6nQnfHubh6NJit3
Oa4QYgkrkl87gVqhzJJ9aKIVm5g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org