Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/IMcRu45jzwD9NKh3FrOwZ67b9TI.roa
File: IMcRu45jzwD9NKh3FrOwZ67b9TI.roa (raw, json)
Hash identifier: Sl4t7tYSn1p1sshtoLVRSgVUP1oA+cNd9Tr2qMO3LRo=
Subject key identifier: 20:C7:11:BB:8E:63:CF:00:FD:34:A8:77:16:B3:B0:67:AE:DB:F5:32
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 01441D38
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/IMcRu45jzwD9NKh3FrOwZ67b9TI.roa
Signing time: Sat 01 Jan 2022 13:05:39 +0000
ROA not before: Sat 01 Jan 2022 13:05:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211066
IP address blocks: 2a0e:da40:10::/44 maxlen: 128
2a0e:da40:da40::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21241144 (0x1441d38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 1 13:05:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20c711bb8e63cf00fd34a87716b3b067aedbf532
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e7:2a:39:69:ed:01:95:c6:e2:26:61:8e:47:
f4:25:83:5c:c8:ca:ee:b4:41:14:bc:7e:c7:3e:bd:
04:3c:6e:a0:1c:a7:4e:43:ac:13:d5:cc:53:15:c0:
3a:ff:24:40:05:3b:41:67:be:08:fe:26:24:ba:eb:
6c:69:6f:49:13:0e:16:64:9a:86:4f:89:18:0c:44:
58:c5:e4:1a:f0:78:8c:62:15:6e:df:5f:aa:c2:18:
85:5d:4b:69:9b:8b:a2:c9:ff:de:cc:55:f1:35:de:
73:6a:95:a5:e8:1a:46:21:6e:7d:60:ba:94:94:b9:
7a:8a:5f:3a:d7:e0:80:84:fe:f0:73:1b:d4:46:f4:
39:4a:7c:0c:40:59:c6:ca:e0:a5:5f:ed:5b:8c:3c:
83:10:a1:1a:32:35:4b:ae:ff:a2:49:15:f5:84:8d:
c8:4c:00:53:18:e1:9c:10:c9:38:30:16:01:de:e1:
6f:7b:f2:37:dd:cb:91:58:4e:64:87:15:a8:22:75:
18:0b:9a:aa:72:b3:da:3e:e4:d5:25:fc:0d:bf:f0:
39:6b:49:32:6f:4f:19:14:7f:af:28:5b:6e:db:d2:
ac:ba:58:03:c5:2e:d7:5e:cc:e2:02:93:e5:b2:d3:
51:61:b0:3e:14:84:82:56:c6:20:1f:de:6a:b4:42:
9d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C7:11:BB:8E:63:CF:00:FD:34:A8:77:16:B3:B0:67:AE:DB:F5:32
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/IMcRu45jzwD9NKh3FrOwZ67b9TI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:da40:10::/44
2a0e:da40:da40::/48
Signature Algorithm: sha256WithRSAEncryption
40:05:4e:f1:2f:14:12:37:5b:b7:cc:eb:db:c4:65:32:47:b1:
c7:73:8c:6d:2d:17:bf:62:e6:ad:9d:6a:5e:f6:2a:fb:7d:99:
2f:1e:79:ae:77:1b:b2:e6:70:a4:57:ee:b8:60:f6:10:34:2c:
37:a2:d6:cd:d3:8d:40:7c:dd:41:42:62:16:d3:0b:8a:fe:03:
ec:6b:39:9e:1a:37:73:0f:31:77:96:79:bb:d5:8b:c6:b1:ee:
d1:9e:15:c3:99:62:39:e3:33:45:14:cb:28:ef:e7:16:27:93:
50:b9:7b:9f:82:9e:7b:67:c6:60:f1:e0:97:1e:f1:59:e2:bb:
2b:d0:c0:8c:d5:1b:cd:c3:dc:7f:7f:57:05:98:f5:f9:cd:63:
9f:3b:17:1f:37:ab:c7:5a:be:1e:65:ea:f9:2d:47:37:ef:ef:
74:e5:f1:e5:de:af:91:51:b0:c9:91:20:74:59:39:fe:d1:ac:
22:3e:97:da:cf:b8:11:ff:99:19:15:cb:e9:1d:09:9b:6f:f0:
cf:45:24:c1:60:ec:99:a3:53:2a:cb:a1:9f:b7:77:4b:7f:79:
09:93:7d:a2:b4:69:b1:fd:10:30:89:6d:b2:b8:d9:50:02:01:
0a:65:6e:3d:00:d8:6c:56:96:d3:af:9e:69:76:ba:88:e8:bb:
98:c1:4c:f5
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAUQdODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZGI2N2M1YzdmYTdmZTI0OTJlZWMzN2NmNDI3NjQyYjcxZDQyNWIwMB4XDTIyMDEw
MTEzMDUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBjNzExYmI4ZTYz
Y2YwMGZkMzRhODc3MTZiM2IwNjdhZWRiZjUzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7nKjlp7QGVxuImYY5H9CWDXMjK7rRBFLx+xz69BDxuoByn
TkOsE9XMUxXAOv8kQAU7QWe+CP4mJLrrbGlvSRMOFmSahk+JGAxEWMXkGvB4jGIV
bt9fqsIYhV1LaZuLosn/3sxV8TXec2qVpegaRiFufWC6lJS5eopfOtfggIT+8HMb
1Eb0OUp8DEBZxsrgpV/tW4w8gxChGjI1S67/okkV9YSNyEwAUxjhnBDJODAWAd7h
b3vyN93LkVhOZIcVqCJ1GAuaqnKz2j7k1SX8Db/wOWtJMm9PGRR/ryhbbtvSrLpY
A8Uu117M4gKT5bLTUWGwPhSEglbGIB/earRCnW0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQgxxG7jmPPAP00qHcWs7Bnrtv1MjAfBgNVHSMEGDAWgBQNtnxcf6f+JJLu
w3z0J2QrcdQlsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RiWjhYSC1uX2lTUzdzTjg5Q2RrSzNIVUpiQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvMGYzNzU3LWYwZWQtNGU3ZS05MzI5LWIwM2RmOTk2ZTQ4MS8x
L0lNY1J1NDVqendEOU5LaDNGck93WjY3YjlUSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
MGYzNzU3LWYwZWQtNGU3ZS05MzI5LWIwM2RmOTk2ZTQ4MS8xL0RiWjhYSC1uX2lT
UzdzTjg5Q2RrSzNIVUpiQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoO2kAAEAMHACoO2kDaQDANBgkq
hkiG9w0BAQsFAAOCAQEAQAVO8S8UEjdbt8zr28RlMkexx3OMbS0Xv2LmrZ1qXvYq
+32ZLx55rncbsuZwpFfuuGD2EDQsN6LWzdONQHzdQUJiFtMLiv4D7Gs5nho3cw8x
d5Z5u9WLxrHu0Z4Vw5liOeMzRRTLKO/nFieTULl7n4Kee2fGYPHglx7xWeK7K9DA
jNUbzcPcf39XBZj1+c1jnzsXHzerx1q+HmXq+S1HN+/vdOXx5d6vkVGwyZEgdFk5
/tGsIj6X2s+4Ef+ZGRXL6R0Jm2/wz0UkwWDsmaNTKsuhn7d3S395CZN9orRpsf0Q
MIltsrjZUAIBCmVuPQDYbFaW06+eaXa6iOi7mMFM9Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-ams.rpki-client.org