Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/dbdaca-1e15-47c9-8c80-ddaac7f9a72f/1/u8CFsWNTVLQ_eyh7FwlPZucRgE4.roa
File: u8CFsWNTVLQ_eyh7FwlPZucRgE4.roa (raw, json)
Hash identifier: Vvq2tYPuTFjhD1Bj5eNvxdqoBI8LN/NuAUXcSL57sWM=
Subject key identifier: BB:C0:85:B1:63:53:54:B4:3F:7B:28:7B:17:09:4F:66:E7:11:80:4E
Certificate issuer: /CN=7fcf7c648b4a65720adf0066641ac30f5f07a512
Certificate serial: 50D692
Authority key identifier: 7F:CF:7C:64:8B:4A:65:72:0A:DF:00:66:64:1A:C3:0F:5F:07:A5:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f898ZItKZXIK3wBmZBrDD18HpRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/dbdaca-1e15-47c9-8c80-ddaac7f9a72f/1/u8CFsWNTVLQ_eyh7FwlPZucRgE4.roa
Signing time: Sat 01 Jan 2022 03:00:10 +0000
ROA not before: Sat 01 Jan 2022 03:00:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a11:7480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5297810 (0x50d692)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fcf7c648b4a65720adf0066641ac30f5f07a512
Validity
Not Before: Jan 1 03:00:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbc085b1635354b43f7b287b17094f66e711804e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ac:19:fe:6f:bd:e0:bb:24:3d:6e:ba:0f:20:
67:d2:a2:76:98:f7:06:37:67:e2:80:54:57:d4:09:
df:1a:d7:07:7c:b4:9c:b3:de:7d:3e:73:5e:93:8b:
e1:76:34:7c:18:c2:aa:8b:e9:76:7d:c5:b0:af:83:
ec:e5:a9:1f:fb:10:e9:c6:f1:be:32:a4:0b:d4:d1:
bf:c6:15:05:0e:1a:91:9b:86:78:81:58:74:bf:bd:
ff:2a:be:3c:0a:1e:b7:0e:75:8e:23:a9:7e:dd:c0:
9a:97:ca:ff:9a:2c:fa:ef:b0:10:9f:7e:c0:3f:d2:
d3:da:b4:b1:87:98:7a:de:29:94:ca:d3:3b:8e:19:
b1:52:7c:b8:ce:cc:bf:3a:3b:cb:bf:02:f8:63:e7:
94:e3:0a:85:a7:26:67:65:b0:27:fa:26:9d:6a:d3:
de:27:82:44:b3:5c:8a:ac:0a:ec:c4:21:2d:c4:58:
f7:5f:7e:ac:ae:1b:08:38:f3:50:93:2b:a6:0a:83:
f8:b3:32:3e:c4:3e:e8:66:82:6f:90:ae:14:64:18:
b2:a4:fc:b6:e6:ec:9d:36:87:10:18:d0:11:6d:38:
78:10:c4:21:ed:fc:4b:9b:da:52:4a:39:27:9a:a5:
0c:67:4b:a3:da:80:6a:29:b3:96:55:b0:59:96:0e:
6f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C0:85:B1:63:53:54:B4:3F:7B:28:7B:17:09:4F:66:E7:11:80:4E
X509v3 Authority Key Identifier:
keyid:7F:CF:7C:64:8B:4A:65:72:0A:DF:00:66:64:1A:C3:0F:5F:07:A5:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f898ZItKZXIK3wBmZBrDD18HpRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dbdaca-1e15-47c9-8c80-ddaac7f9a72f/1/u8CFsWNTVLQ_eyh7FwlPZucRgE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dbdaca-1e15-47c9-8c80-ddaac7f9a72f/1/f898ZItKZXIK3wBmZBrDD18HpRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7480::/29
Signature Algorithm: sha256WithRSAEncryption
90:6d:91:08:66:63:dc:5c:6a:7e:0d:ec:02:3b:3f:4f:1c:8f:
2c:96:af:86:bc:22:38:71:e0:5a:35:3e:de:d4:ed:64:8b:87:
bd:01:d7:54:16:0e:f1:fa:50:d0:84:80:11:a5:55:c4:19:b3:
25:e1:61:ab:af:7c:e6:90:e2:f9:3e:60:84:7a:cc:52:db:ea:
a2:de:1d:b1:46:f7:cd:94:db:3d:fb:c0:83:97:f4:8e:8d:6a:
a2:1d:df:59:2e:51:11:9f:f6:81:58:05:6f:56:ec:2e:53:fd:
5b:91:f4:3d:d8:ca:49:bd:6f:80:ca:9f:48:a9:8c:69:46:26:
c4:db:f6:78:33:53:77:8f:a7:2c:69:f4:0e:a7:bb:b8:58:76:
d5:70:d0:f9:ce:69:9c:74:56:18:12:3e:df:e9:24:eb:71:87:
66:34:d6:3b:19:51:c7:0b:02:bb:e5:38:56:33:8d:38:98:db:
e9:59:e0:d9:c4:e7:e1:a3:8b:f9:4b:c1:5d:66:98:47:02:d9:
63:84:fb:5e:02:f1:3e:4f:05:80:bf:2f:d5:d4:11:ac:f6:f1:
0a:be:e2:c4:8b:68:a8:3a:5b:5c:d7:da:2c:b1:0a:71:96:68:
8b:25:d3:a2:de:bf:53:84:94:ac:4b:8c:3a:ba:97:56:9e:79:
83:84:b5:60
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDUNaSMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdm
Y2Y3YzY0OGI0YTY1NzIwYWRmMDA2NjY0MWFjMzBmNWYwN2E1MTIwHhcNMjIwMTAx
MDMwMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiYmMwODViMTYzNTM1
NGI0M2Y3YjI4N2IxNzA5NGY2NmU3MTE4MDRlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiqwZ/m+94LskPW66DyBn0qJ2mPcGN2figFRX1AnfGtcHfLSc
s959PnNek4vhdjR8GMKqi+l2fcWwr4Ps5akf+xDpxvG+MqQL1NG/xhUFDhqRm4Z4
gVh0v73/Kr48Ch63DnWOI6l+3cCal8r/miz677AQn37AP9LT2rSxh5h63imUytM7
jhmxUny4zsy/OjvLvwL4Y+eU4wqFpyZnZbAn+iadatPeJ4JEs1yKrArsxCEtxFj3
X36srhsIOPNQkyumCoP4szI+xD7oZoJvkK4UZBiypPy25uydNocQGNARbTh4EMQh
7fxLm9pSSjknmqUMZ0uj2oBqKbOWVbBZlg5vyQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFLvAhbFjU1S0P3soexcJT2bnEYBOMB8GA1UdIwQYMBaAFH/PfGSLSmVyCt8A
ZmQaww9fB6USMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Zjg5OFpJdEtaWElLM3dCbVpCckREMThIcFJJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hOC9kYmRhY2EtMWUxNS00N2M5LThjODAtZGRhYWM3ZjlhNzJmLzEv
dThDRnNXTlRWTFFfZXloN0Z3bFBadWNSZ0U0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9k
YmRhY2EtMWUxNS00N2M5LThjODAtZGRhYWM3ZjlhNzJmLzEvZjg5OFpJdEtaWElL
M3dCbVpCckREMThIcFJJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhF0gDANBgkqhkiG9w0BAQsFAAOC
AQEAkG2RCGZj3Fxqfg3sAjs/TxyPLJavhrwiOHHgWjU+3tTtZIuHvQHXVBYO8fpQ
0ISAEaVVxBmzJeFhq6985pDi+T5ghHrMUtvqot4dsUb3zZTbPfvAg5f0jo1qoh3f
WS5REZ/2gVgFb1bsLlP9W5H0PdjKSb1vgMqfSKmMaUYmxNv2eDNTd4+nLGn0Dqe7
uFh21XDQ+c5pnHRWGBI+3+kk63GHZjTWOxlRxwsCu+U4VjONOJjb6Vng2cTn4aOL
+UvBXWaYRwLZY4T7XgLxPk8FgL8v1dQRrPbxCr7ixItoqDpbXNfaLLEKcZZoiyXT
ot6/U4SUrEuMOrqXVp55g4S1YA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-ams.rpki-client.org