Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/8RpFHGAUN3QSUiFzGJNprDG_mUk.roa
File: 8RpFHGAUN3QSUiFzGJNprDG_mUk.roa (raw, json)
Hash identifier: gKGXzvYhCVd7E3+OUYL30M04waaM3omBQQgi9K5PFpA=
Subject key identifier: F1:1A:45:1C:60:14:37:74:12:52:21:73:18:93:69:AC:31:BF:99:49
Certificate issuer: /CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Certificate serial: 2CFB89
Authority key identifier: 08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/8RpFHGAUN3QSUiFzGJNprDG_mUk.roa
Signing time: Wed 04 May 2022 12:54:16 +0000
ROA not before: Wed 04 May 2022 12:54:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205929
IP address blocks: 2a06:89c2:3000::/36 maxlen: 48
2a06:89c3:5010::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2947977 (0x2cfb89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Validity
Not Before: May 4 12:54:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f11a451c6014377412522173189369ac31bf9949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:93:fc:a5:d7:a5:04:c5:da:24:40:cb:67:4b:
77:f2:d2:37:d4:c7:b4:e8:8d:3a:91:55:24:1e:63:
5f:a2:57:54:56:f5:44:e9:40:a9:f2:b5:1a:d6:b3:
c9:16:44:56:82:c5:01:00:39:00:a4:25:cd:68:f4:
0f:a3:c4:57:ab:a0:bc:de:39:d9:6b:00:f5:9b:37:
2c:79:b9:a8:80:e6:61:d1:5e:8a:69:0a:e1:2c:45:
7a:92:ba:bf:74:e2:f6:69:c1:00:b0:f8:35:81:f2:
30:a1:ab:7a:81:3d:75:7e:f3:53:85:a2:c1:78:62:
92:54:af:83:4e:1a:71:45:f9:7c:51:ab:ec:9c:eb:
21:28:fc:3c:14:41:82:0b:e0:04:74:16:79:fa:79:
f2:c4:98:ef:3d:e1:10:09:8d:24:73:29:34:10:b4:
10:13:e8:30:d0:dc:9e:d2:40:54:0b:21:29:d8:6e:
7a:fc:d2:85:df:29:e9:a6:84:89:74:b5:82:f8:f7:
9b:7d:8f:62:9e:7e:20:6f:a9:0d:a2:f4:e7:96:64:
14:bc:9c:4d:88:cf:16:ab:ab:47:8c:c3:60:ba:bc:
96:a7:d0:d6:42:c5:d2:c0:6a:b1:f1:98:d9:07:f7:
9c:67:c1:d3:1b:2e:8e:be:a2:ad:5c:9b:ac:17:5e:
d4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1A:45:1C:60:14:37:74:12:52:21:73:18:93:69:AC:31:BF:99:49
X509v3 Authority Key Identifier:
keyid:08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/8RpFHGAUN3QSUiFzGJNprDG_mUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/CPyq-NF90aZXlfcUsmfxvOIZOLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:89c2:3000::/36
2a06:89c3:5010::/48
Signature Algorithm: sha256WithRSAEncryption
83:ac:26:6c:73:ac:31:c3:97:eb:b9:c3:02:71:85:f5:54:72:
13:47:90:b1:59:93:27:b3:21:20:72:71:65:e5:72:bd:0f:95:
79:5d:f8:e4:6c:8a:3a:4e:18:f4:2f:6b:f2:ce:6c:72:d8:ee:
6a:ca:52:9d:5a:22:f3:5b:da:fd:7c:e4:1f:f1:a3:a5:42:55:
68:35:b4:b4:14:a9:d2:2e:05:f7:d7:e4:73:8e:27:07:02:3e:
b3:a4:de:a6:c7:4f:91:7a:88:08:f3:71:22:9f:08:ea:69:0c:
48:3b:f4:13:22:04:8b:a9:64:cd:c1:d1:f3:fb:05:d7:c9:b0:
8a:69:15:c0:84:c3:2d:e2:06:92:03:ca:2f:ff:e9:de:4f:a1:
56:fc:10:52:0a:89:6e:c3:37:f0:26:ad:6c:43:0a:a9:a6:e9:
a9:bb:09:85:72:d3:7d:ba:01:f7:11:1a:64:e6:00:60:88:f7:
81:1b:64:57:0e:59:84:cf:f6:c8:21:b7:b8:3d:35:54:5c:9b:
fb:2f:f0:50:5d:6c:9c:c4:d3:87:d5:cd:86:b1:84:6b:1f:a0:
7f:ca:46:1f:8f:29:07:ed:d2:8e:2a:3d:bd:a7:60:46:fc:74:
e1:2c:4b:68:5f:77:3e:49:bc:34:97:4f:3e:68:85:73:df:1e:
db:0e:31:2b
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIDLPuJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA4
ZmNhYWY4ZDE3ZGQxYTY1Nzk1ZjcxNGIyNjdmMWJjZTIxOTM4YjkwHhcNMjIwNTA0
MTI1NDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmMTFhNDUxYzYwMTQz
Nzc0MTI1MjIxNzMxODkzNjlhYzMxYmY5OTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhpP8pdelBMXaJEDLZ0t38tI31Me06I06kVUkHmNfoldUVvVE
6UCp8rUa1rPJFkRWgsUBADkApCXNaPQPo8RXq6C83jnZawD1mzcsebmogOZh0V6K
aQrhLEV6krq/dOL2acEAsPg1gfIwoat6gT11fvNThaLBeGKSVK+DThpxRfl8Uavs
nOshKPw8FEGCC+AEdBZ5+nnyxJjvPeEQCY0kcyk0ELQQE+gw0Nye0kBUCyEp2G56
/NKF3ynppoSJdLWC+PebfY9inn4gb6kNovTnlmQUvJxNiM8Wq6tHjMNguryWp9DW
QsXSwGqx8ZjZB/ecZ8HTGy6OvqKtXJusF17UdQIDAQABo4ICFDCCAhAwHQYDVR0O
BBYEFPEaRRxgFDd0ElIhcxiTaawxv5lJMB8GA1UdIwQYMBaAFAj8qvjRfdGmV5X3
FLJn8bziGTi5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Q1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgtNzdlZWVhZjcxZDA4LzEv
OFJwRkhHQVVOM1FTVWlGekdKTnByREdfbVVrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8w
NjgwYWUtMjJmOS00M2JlLTkwYTgtNzdlZWVhZjcxZDA4LzEvQ1B5cS1ORjkwYVpY
bGZjVXNtZnh2T0laT0xrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCoG
CCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYEKgaJwjADBwAqBonDUBAwDQYJKoZI
hvcNAQELBQADggEBAIOsJmxzrDHDl+u5wwJxhfVUchNHkLFZkyezISBycWXlcr0P
lXld+ORsijpOGPQva/LObHLY7mrKUp1aIvNb2v185B/xo6VCVWg1tLQUqdIuBffX
5HOOJwcCPrOk3qbHT5F6iAjzcSKfCOppDEg79BMiBIupZM3B0fP7BdfJsIppFcCE
wy3iBpIDyi//6d5PoVb8EFIKiW7DN/AmrWxDCqmm6am7CYVy0326AfcRGmTmAGCI
94EbZFcOWYTP9sght7g9NVRcm/sv8FBdbJzE04fVzYaxhGsfoH/KRh+PKQft0o4q
Pb2nYEb8dOEsS2hfdz5JvDSXTz5ohXPfHtsOMSs=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:04 2023 by rpki-client on console-fra.rpki-client.org