Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/R6Eju5cBcgwcr28mACFXO5gSwck.roa
File: R6Eju5cBcgwcr28mACFXO5gSwck.roa (raw, json)
Hash identifier: bgRl/5e0a1vJkUCAEHUYsN8unARQhW9mQtGoT12LwDc=
Subject key identifier: 47:A1:23:BB:97:01:72:0C:1C:AF:6F:26:00:21:57:3B:98:12:C1:C9
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 01414146
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/R6Eju5cBcgwcr28mACFXO5gSwck.roa
Signing time: Sat 01 Jan 2022 13:05:38 +0000
ROA not before: Sat 01 Jan 2022 13:05:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 147173
IP address blocks: 2a0e:da40:100::/40 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21053766 (0x1414146)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 1 13:05:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47a123bb9701720c1caf6f260021573b9812c1c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e7:7d:3b:ce:19:78:62:6f:b9:86:9c:48:ff:
11:c1:12:a9:af:0c:6f:fe:e7:41:a6:28:48:11:4e:
05:12:cc:06:5c:fb:23:86:ee:77:5d:14:35:56:7f:
44:8d:6a:c1:ce:ff:35:9b:f7:c6:83:85:83:4a:c2:
22:4b:e6:d4:44:c8:2e:85:18:ce:4a:14:48:dc:d0:
e7:e5:e8:42:b3:79:97:8f:38:5b:b0:bc:3b:a1:1a:
8d:32:b2:47:9c:2e:d7:d2:76:2f:a0:7d:c6:b1:c6:
e3:72:9f:3e:21:36:8a:8d:97:a1:dd:9b:1d:5e:77:
57:ba:f8:4a:77:80:84:ef:16:1c:4b:9c:07:be:80:
aa:e4:89:16:11:53:e6:15:24:dc:c1:ab:d2:f1:d0:
38:f3:da:4c:98:c5:cd:1a:9f:7e:0e:92:04:04:79:
4c:7f:c1:25:66:36:07:ba:30:61:74:31:c1:fb:4b:
23:3b:ec:be:3d:24:64:47:6e:6f:fb:27:46:19:31:
6d:86:aa:cd:9b:d2:94:93:96:06:2c:64:62:29:42:
d6:a1:83:b2:9a:fa:03:be:bb:08:18:50:ed:05:55:
d6:3f:15:09:3e:2c:34:f0:31:eb:a7:30:90:5f:5e:
af:51:f8:ff:24:7e:ba:00:bf:29:d1:45:b5:3c:59:
fa:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A1:23:BB:97:01:72:0C:1C:AF:6F:26:00:21:57:3B:98:12:C1:C9
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/R6Eju5cBcgwcr28mACFXO5gSwck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:da40:100::/40
Signature Algorithm: sha256WithRSAEncryption
46:fa:4f:40:b6:e9:45:2d:5f:bf:6e:86:12:45:7f:8f:dc:d5:
6b:c6:91:9e:07:06:fa:7c:49:dd:34:80:d6:c0:9f:71:91:9c:
1d:e3:3c:65:b2:a4:41:f4:f9:8b:d5:31:ea:c4:9a:24:6f:c8:
a7:09:1f:fe:cf:81:a2:d2:e9:81:de:b8:d3:b7:0e:32:d6:84:
b3:32:d6:7d:b2:a3:39:16:4c:ef:83:02:be:67:b0:a8:49:c1:
50:43:30:56:f7:81:ac:18:ea:f2:35:09:57:06:7e:70:4b:b7:
96:7c:40:15:4e:f1:fe:43:91:c1:ac:12:b4:d5:80:d6:e4:50:
88:12:24:f5:85:39:09:ae:70:1d:96:ec:53:45:77:a6:e2:4e:
0d:69:b6:b8:57:d4:b1:28:11:a0:d8:2a:d7:dd:69:0b:52:4c:
4b:51:79:6d:a0:88:b0:3c:db:6a:35:97:4d:1d:80:89:d4:6e:
d9:28:26:48:24:ca:38:22:6a:a9:41:a7:95:c7:4e:ff:96:08:
99:0c:79:0d:82:bb:a2:3d:71:a1:71:7e:38:0d:8b:d2:72:a0:
74:11:de:4c:93:22:e8:ca:5f:18:24:95:47:bc:2e:b2:06:71:
65:2c:d3:a1:06:f3:48:7b:64:be:d3:5a:7b:50:fa:c7:b3:f3:
d6:b1:8d:75
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAUFBRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZGI2N2M1YzdmYTdmZTI0OTJlZWMzN2NmNDI3NjQyYjcxZDQyNWIwMB4XDTIyMDEw
MTEzMDUzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdhMTIzYmI5NzAx
NzIwYzFjYWY2ZjI2MDAyMTU3M2I5ODEyYzFjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvnfTvOGXhib7mGnEj/EcESqa8Mb/7nQaYoSBFOBRLMBlz7
I4bud10UNVZ/RI1qwc7/NZv3xoOFg0rCIkvm1ETILoUYzkoUSNzQ5+XoQrN5l484
W7C8O6EajTKyR5wu19J2L6B9xrHG43KfPiE2io2Xod2bHV53V7r4SneAhO8WHEuc
B76AquSJFhFT5hUk3MGr0vHQOPPaTJjFzRqffg6SBAR5TH/BJWY2B7owYXQxwftL
Izvsvj0kZEdub/snRhkxbYaqzZvSlJOWBixkYilC1qGDspr6A767CBhQ7QVV1j8V
CT4sNPAx66cwkF9er1H4/yR+ugC/KdFFtTxZ+ksCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRHoSO7lwFyDByvbyYAIVc7mBLByTAfBgNVHSMEGDAWgBQNtnxcf6f+JJLu
w3z0J2QrcdQlsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RiWjhYSC1uX2lTUzdzTjg5Q2RrSzNIVUpiQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvMGYzNzU3LWYwZWQtNGU3ZS05MzI5LWIwM2RmOTk2ZTQ4MS8x
L1I2RWp1NWNCY2d3Y3IyOG1BQ0ZYTzVnU3djay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
MGYzNzU3LWYwZWQtNGU3ZS05MzI5LWIwM2RmOTk2ZTQ4MS8xL0RiWjhYSC1uX2lT
UzdzTjg5Q2RrSzNIVUpiQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoO2kABMA0GCSqGSIb3DQEBCwUA
A4IBAQBG+k9AtulFLV+/boYSRX+P3NVrxpGeBwb6fEndNIDWwJ9xkZwd4zxlsqRB
9PmL1THqxJokb8inCR/+z4Gi0umB3rjTtw4y1oSzMtZ9sqM5FkzvgwK+Z7CoScFQ
QzBW94GsGOryNQlXBn5wS7eWfEAVTvH+Q5HBrBK01YDW5FCIEiT1hTkJrnAdluxT
RXem4k4Naba4V9SxKBGg2CrX3WkLUkxLUXltoIiwPNtqNZdNHYCJ1G7ZKCZIJMo4
ImqpQaeVx07/lgiZDHkNgruiPXGhcX44DYvScqB0Ed5MkyLoyl8YJJVHvC6yBnFl
LNOhBvNIe2S+01p7UPrHs/PWsY11
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-ams.rpki-client.org