Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/nHG3Bs818i4GwudHSOVBxF3zOHI.roa
File: nHG3Bs818i4GwudHSOVBxF3zOHI.roa (raw, json)
Hash identifier: +wVEyW1hdTvkyLW4zYd8JZzcS2d7q1/WpqixeiUHwdY=
Subject key identifier: 9C:71:B7:06:CF:35:F2:2E:06:C2:E7:47:48:E5:41:C4:5D:F3:38:72
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 0809D65E
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/nHG3Bs818i4GwudHSOVBxF3zOHI.roa
Signing time: Sat 01 Jan 2022 06:55:50 +0000
ROA not before: Sat 01 Jan 2022 06:55:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206499
IP address blocks: 2a0f:5700::/32 maxlen: 48
2a0f:5701::/32 maxlen: 48
2a0f:5701::/33 maxlen: 33
2a0f:5701::/34 maxlen: 34
2a0f:5701:fe10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134862430 (0x809d65e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 1 06:55:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c71b706cf35f22e06c2e74748e541c45df33872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:98:34:2e:d8:83:09:ad:75:9b:71:68:93:dc:
62:77:58:9e:d3:f8:42:9d:6c:fc:1e:67:e5:21:ea:
3c:58:09:6e:45:79:12:23:9e:c7:ea:54:5e:be:d4:
c6:6f:b1:c2:7b:48:90:d9:9f:d8:ef:cc:3d:62:33:
80:1e:1f:65:df:32:71:ba:20:61:33:5b:6b:e9:c4:
a7:cd:cc:5e:36:d8:02:6e:b7:85:49:31:37:cb:b7:
eb:b6:d5:dd:c0:1c:98:22:90:b3:ca:52:eb:6a:47:
69:0c:0a:ef:0f:f1:af:19:79:3e:34:1a:b1:7e:0e:
25:b1:a6:61:ff:65:59:45:e8:0f:46:0c:d7:34:17:
26:46:85:b1:41:ba:71:6e:32:7c:50:2e:13:c0:ac:
bf:67:bf:d5:73:06:ff:41:04:fc:80:b4:90:dd:3d:
e5:43:a2:84:09:4f:15:fe:1c:dd:6a:7d:6e:3b:09:
c7:30:e8:10:63:6a:d1:fd:7d:2f:79:8e:48:f9:1d:
24:df:e5:d7:18:3d:78:5d:08:b3:46:88:9c:3c:9e:
f6:80:3e:d6:c4:96:06:22:87:f2:c8:44:73:f5:fb:
5f:80:31:30:19:a2:92:24:ee:4c:e7:87:0c:68:dc:
a3:36:f5:ef:b5:80:0f:22:3a:ed:bb:6c:1c:bf:da:
f4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:71:B7:06:CF:35:F2:2E:06:C2:E7:47:48:E5:41:C4:5D:F3:38:72
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/nHG3Bs818i4GwudHSOVBxF3zOHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5700::/31
Signature Algorithm: sha256WithRSAEncryption
b4:c0:ee:bb:1b:93:70:29:b3:99:53:99:1b:be:2f:e6:76:fb:
51:ec:ce:40:ec:55:a2:bd:bd:e6:39:d7:e2:92:ab:cc:27:62:
c5:c7:f3:55:68:d2:89:16:09:ae:59:60:b5:db:d5:3c:82:a0:
c1:2f:d9:68:c6:e9:05:b8:6d:84:7c:c5:2d:02:e1:a6:d6:45:
c9:c5:d8:f0:96:c3:07:d2:70:a3:42:b7:7f:65:32:fa:2a:b0:
d1:a9:d7:53:a9:0f:bc:22:69:cf:02:03:4d:2d:27:7f:34:6e:
2f:63:7b:10:f0:cd:ef:42:0b:07:03:d4:d9:af:aa:1f:3e:ac:
b1:58:b6:65:9c:ae:1a:fd:fe:e5:35:90:4b:51:b4:fe:27:d8:
d4:3d:6f:d0:c4:b2:86:51:60:34:75:4c:a4:cb:76:e6:8d:ea:
75:ae:8c:0c:70:6b:ce:97:16:78:75:56:79:fd:f2:b9:72:a7:
7f:ae:a3:fe:ab:bb:35:d6:90:ea:53:ac:56:06:fe:25:6a:dd:
96:7c:d9:a2:a5:00:3d:e6:4a:58:36:c8:63:0b:08:de:57:ed:
65:2d:54:b7:38:0b:fe:9c:64:20:16:38:25:3f:7d:02:d6:93:
59:e1:86:e5:42:30:32:37:06:5d:32:96:fe:1f:78:69:49:6f:
b3:7f:df:52
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECAnWXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YTY0NGMxMTU2ODUxODAzZjM3YWRlZWMwODc2Y2NmOTg5ZDVhZWYwMB4XDTIyMDEw
MTA2NTU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWM3MWI3MDZjZjM1
ZjIyZTA2YzJlNzQ3NDhlNTQxYzQ1ZGYzMzg3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2YNC7YgwmtdZtxaJPcYndYntP4Qp1s/B5n5SHqPFgJbkV5
EiOex+pUXr7Uxm+xwntIkNmf2O/MPWIzgB4fZd8ycbogYTNba+nEp83MXjbYAm63
hUkxN8u367bV3cAcmCKQs8pS62pHaQwK7w/xrxl5PjQasX4OJbGmYf9lWUXoD0YM
1zQXJkaFsUG6cW4yfFAuE8Csv2e/1XMG/0EE/IC0kN095UOihAlPFf4c3Wp9bjsJ
xzDoEGNq0f19L3mOSPkdJN/l1xg9eF0Is0aInDye9oA+1sSWBiKH8shEc/X7X4Ax
MBmikiTuTOeHDGjcozb177WADyI67btsHL/a9DUCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSccbcGzzXyLgbC50dI5UHEXfM4cjAfBgNVHSMEGDAWgBRKZEwRVoUYA/N6
3uwIdsz5idWu8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NtUk1FVmFGR0FQemV0N3NDSGJNLVluVnJ2QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvNmIwNzk4LTNkNGYtNDBlNi1iNzM5LWNjMWM5YjVmNjY0MC8x
L25IRzNCczgxOGk0R3d1ZEhTT1ZCeEYzek9ISS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
NmIwNzk4LTNkNGYtNDBlNi1iNzM5LWNjMWM5YjVmNjY0MC8xL1NtUk1FVmFGR0FQ
emV0N3NDSGJNLVluVnJ2QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFASoPVwAwDQYJKoZIhvcNAQELBQAD
ggEBALTA7rsbk3Aps5lTmRu+L+Z2+1HszkDsVaK9veY51+KSq8wnYsXH81Vo0okW
Ca5ZYLXb1TyCoMEv2WjG6QW4bYR8xS0C4abWRcnF2PCWwwfScKNCt39lMvoqsNGp
11OpD7wiac8CA00tJ380bi9jexDwze9CCwcD1Nmvqh8+rLFYtmWcrhr9/uU1kEtR
tP4n2NQ9b9DEsoZRYDR1TKTLduaN6nWujAxwa86XFnh1Vnn98rlyp3+uo/6ruzXW
kOpTrFYG/iVq3ZZ82aKlAD3mSlg2yGMLCN5X7WUtVLc4C/6cZCAWOCU/fQLWk1nh
huVCMDI3Bl0ylv4feGlJb7N/31I=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:49 2023 by rpki-client on console-ams.rpki-client.org