Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/0iyED9yDRmVZAbITQ5Glk5Jk7N0.roa
File: 0iyED9yDRmVZAbITQ5Glk5Jk7N0.roa (raw, json)
Hash identifier: iSzv4ig3xRl/Jy+DWS1xQsb7vFkNopChCkuosSNMc6s=
Subject key identifier: D2:2C:84:0F:DC:83:46:65:59:01:B2:13:43:91:A5:93:92:64:EC:DD
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 08E022F8
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/0iyED9yDRmVZAbITQ5Glk5Jk7N0.roa
Signing time: Mon 21 Mar 2022 12:05:33 +0000
ROA not before: Mon 21 Mar 2022 12:05:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207252
IP address blocks: 2a0f:5707:ab90::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148906744 (0x8e022f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Mar 21 12:05:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d22c840fdc8346655901b2134391a5939264ecdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:39:ea:5e:64:74:27:4f:1a:d7:8f:d1:d9:bc:
48:c2:e8:fb:3c:ea:57:1f:0d:bc:21:b3:26:0f:8e:
c6:ca:2e:22:6f:d1:06:be:40:ff:a0:cb:c0:0c:d2:
5e:6e:b8:f4:29:6f:c9:48:00:6e:db:e5:62:42:61:
b9:05:8b:64:80:80:89:96:db:e2:9e:00:74:97:d1:
0e:33:f6:03:bb:23:87:98:73:6e:2f:44:68:01:4d:
0a:51:e2:0e:38:c9:1e:31:45:27:3a:20:0f:71:81:
d4:f6:19:8c:10:0e:64:d7:54:fe:02:2c:99:7c:66:
f3:4e:8f:56:71:d8:a2:04:e0:c1:bf:42:31:9e:94:
e9:6c:c8:f2:57:89:ab:98:2f:91:af:7b:fd:ce:9c:
bd:61:f1:c2:72:58:fe:75:80:14:9e:29:fa:32:d7:
e1:7c:40:15:62:74:9d:b9:cc:f3:ce:3d:d4:05:42:
13:a7:03:85:f0:05:ad:16:d1:c8:55:39:08:d6:6c:
a8:c0:e7:79:b7:31:89:7b:5e:ba:ee:23:fa:ff:cb:
e1:60:3e:e8:6c:7b:0e:d9:78:7b:4d:2a:3c:4b:8d:
24:e4:ec:1b:44:72:24:60:d6:bc:75:fc:1a:8a:5e:
eb:8a:4e:c0:63:ab:a7:13:0b:7d:a0:fd:a8:60:cc:
b6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2C:84:0F:DC:83:46:65:59:01:B2:13:43:91:A5:93:92:64:EC:DD
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/0iyED9yDRmVZAbITQ5Glk5Jk7N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ab90::/44
Signature Algorithm: sha256WithRSAEncryption
7e:85:c6:8a:34:7c:93:0f:9f:5c:0f:6b:21:bd:80:92:51:2d:
b3:cf:a6:18:98:fd:e4:0e:fe:92:02:0d:4c:e4:be:d7:ed:2e:
38:78:aa:43:8c:6f:1e:8a:98:cf:86:d0:aa:bd:b1:51:35:79:
b0:5b:51:f3:03:9e:69:76:cc:5b:44:8c:f6:3e:6f:37:17:69:
86:42:45:3e:1e:13:16:63:ea:73:c4:4a:99:97:a8:a9:b1:63:
43:8b:6c:f6:73:04:e2:1a:20:7f:46:9c:99:35:06:fb:b4:ac:
31:85:b1:2b:36:84:35:dd:f0:12:c7:b5:c8:3e:13:c8:eb:f0:
ea:50:91:33:51:91:08:cd:f4:88:2e:06:97:64:82:fc:3f:00:
cf:a9:04:f4:3f:3d:5c:12:b1:e2:a0:17:e3:73:7e:9a:23:cc:
fc:f7:d1:17:d5:4d:24:a1:68:f3:dc:10:11:3c:8f:7a:91:fa:
2e:ce:6f:bb:33:6d:38:ab:2c:e7:dc:ba:75:79:a9:cb:e9:6c:
65:14:40:a7:77:ec:5b:39:0b:39:c6:84:cb:c0:06:19:25:aa:
52:39:9b:66:52:4a:0a:52:9e:ad:06:7f:06:bc:97:e3:e3:6f:
47:61:d1:9c:24:24:dc:5b:e1:77:72:16:43:14:00:d7:89:e4:
14:de:fa:52
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECOAi+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YTY0NGMxMTU2ODUxODAzZjM3YWRlZWMwODc2Y2NmOTg5ZDVhZWYwMB4XDTIyMDMy
MTEyMDUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDIyYzg0MGZkYzgz
NDY2NTU5MDFiMjEzNDM5MWE1OTM5MjY0ZWNkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKU56l5kdCdPGteP0dm8SMLo+zzqVx8NvCGzJg+OxsouIm/R
Br5A/6DLwAzSXm649ClvyUgAbtvlYkJhuQWLZICAiZbb4p4AdJfRDjP2A7sjh5hz
bi9EaAFNClHiDjjJHjFFJzogD3GB1PYZjBAOZNdU/gIsmXxm806PVnHYogTgwb9C
MZ6U6WzI8leJq5gvka97/c6cvWHxwnJY/nWAFJ4p+jLX4XxAFWJ0nbnM88491AVC
E6cDhfAFrRbRyFU5CNZsqMDnebcxiXteuu4j+v/L4WA+6Gx7Dtl4e00qPEuNJOTs
G0RyJGDWvHX8Gope64pOwGOrpxMLfaD9qGDMtpECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTSLIQP3INGZVkBshNDkaWTkmTs3TAfBgNVHSMEGDAWgBRKZEwRVoUYA/N6
3uwIdsz5idWu8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NtUk1FVmFGR0FQemV0N3NDSGJNLVluVnJ2QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvNmIwNzk4LTNkNGYtNDBlNi1iNzM5LWNjMWM5YjVmNjY0MC8x
LzBpeUVEOXlEUm1WWkFiSVRRNUdsazVKazdOMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
NmIwNzk4LTNkNGYtNDBlNi1iNzM5LWNjMWM5YjVmNjY0MC8xL1NtUk1FVmFGR0FQ
emV0N3NDSGJNLVluVnJ2QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoPVwerkDANBgkqhkiG9w0BAQsF
AAOCAQEAfoXGijR8kw+fXA9rIb2AklEts8+mGJj95A7+kgINTOS+1+0uOHiqQ4xv
HoqYz4bQqr2xUTV5sFtR8wOeaXbMW0SM9j5vNxdphkJFPh4TFmPqc8RKmZeoqbFj
Q4ts9nME4hogf0acmTUG+7SsMYWxKzaENd3wEse1yD4TyOvw6lCRM1GRCM30iC4G
l2SC/D8Az6kE9D89XBKx4qAX43N+miPM/PfRF9VNJKFo89wQETyPepH6Ls5vuzNt
OKss59y6dXmpy+lsZRRAp3fsWzkLOcaEy8AGGSWqUjmbZlJKClKerQZ/BryX4+Nv
R2HRnCQk3Fvhd3IWQxQA14nkFN76Ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org