Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/b5ea59-b5a9-4c48-ae02-1df65a07630f/1/0cpPR7LqOck18uB_qP-ds102h8Y.roa
File: 0cpPR7LqOck18uB_qP-ds102h8Y.roa (raw, json)
Hash identifier: NuVQgTzNMopjiXmWadsJHAjrxMjEB52svhnZ4qmufqs=
Subject key identifier: D1:CA:4F:47:B2:EA:39:C9:35:F2:E0:7F:A8:FF:9D:B3:5D:36:87:C6
Certificate issuer: /CN=e7eb26291b9e9ab5afc88ed76d3af81a907e5f9f
Certificate serial: 018237110D7F319BADC263F5DE228B09B78D
Authority key identifier: E7:EB:26:29:1B:9E:9A:B5:AF:C8:8E:D7:6D:3A:F8:1A:90:7E:5F:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5-smKRuemrWvyI7XbTr4GpB-X58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/b5ea59-b5a9-4c48-ae02-1df65a07630f/1/0cpPR7LqOck18uB_qP-ds102h8Y.roa
Signing time: Mon 25 Jul 2022 20:34:00 +0000
ROA not before: Mon 25 Jul 2022 20:34:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a11:9c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:37:11:0d:7f:31:9b:ad:c2:63:f5:de:22:8b:09:b7:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7eb26291b9e9ab5afc88ed76d3af81a907e5f9f
Validity
Not Before: Jul 25 20:34:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1ca4f47b2ea39c935f2e07fa8ff9db35d3687c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:28:79:2e:21:ee:44:2b:ba:20:dd:ad:97:f1:
de:72:c3:ec:2b:9f:5d:72:8e:a9:62:2e:a6:d1:ee:
72:c9:14:2f:21:d0:2d:4a:c7:52:07:2a:77:c8:30:
60:05:6d:4a:ed:cd:14:19:16:0d:b3:44:79:28:5b:
9e:42:73:d2:b9:50:90:d3:27:ed:71:af:aa:d3:88:
bd:4d:fd:e3:52:b7:bb:0b:de:d4:0b:8e:c4:2c:34:
bc:c1:c7:97:3c:94:ae:da:d5:cb:5c:fe:29:fe:36:
a0:6d:9e:c1:40:6e:9d:3c:59:1a:8d:28:04:00:45:
49:c0:64:5a:79:66:43:da:16:66:95:41:a3:1e:6b:
97:a4:93:1f:c1:73:43:0c:5a:7b:08:c5:50:7d:f7:
68:6a:7c:53:df:57:62:6a:06:b0:3d:a4:52:98:35:
3f:14:b2:ba:e6:b6:82:3a:b0:74:5e:7b:f9:62:87:
72:20:d0:1c:39:ca:7d:7d:70:ef:54:8d:59:cd:91:
43:3b:e0:f1:94:9b:8f:1c:83:83:ce:bd:37:8f:75:
7d:f4:45:46:37:a0:4a:a3:23:b9:5e:11:61:f5:02:
39:ee:41:8a:27:0b:f1:2c:ec:52:ff:4e:d1:a7:fe:
4f:65:b2:e5:06:0b:65:10:36:0f:1d:4c:fb:3b:17:
c6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:CA:4F:47:B2:EA:39:C9:35:F2:E0:7F:A8:FF:9D:B3:5D:36:87:C6
X509v3 Authority Key Identifier:
keyid:E7:EB:26:29:1B:9E:9A:B5:AF:C8:8E:D7:6D:3A:F8:1A:90:7E:5F:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5-smKRuemrWvyI7XbTr4GpB-X58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b5ea59-b5a9-4c48-ae02-1df65a07630f/1/0cpPR7LqOck18uB_qP-ds102h8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b5ea59-b5a9-4c48-ae02-1df65a07630f/1/5-smKRuemrWvyI7XbTr4GpB-X58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:9c40::/29
Signature Algorithm: sha256WithRSAEncryption
66:1c:00:ec:c1:c2:32:d3:64:3a:3b:6a:13:22:5b:dd:12:ca:
95:93:16:40:f1:be:38:de:96:45:63:c3:79:59:50:76:17:7e:
ae:b3:89:20:69:fa:1d:18:ed:fd:7f:ca:91:f3:d2:37:41:35:
31:ef:ed:0b:93:51:1b:48:97:5b:1f:e1:4b:4a:f2:ea:cc:97:
d0:98:e5:54:98:2f:94:82:ae:f9:6b:88:af:2b:b4:21:69:61:
6c:dd:d5:57:34:45:c2:fe:98:19:c5:a4:4c:1b:30:c8:45:f5:
01:2c:8e:b6:14:94:c1:ce:4d:31:94:07:61:2f:4c:c0:ad:b9:
ef:62:c6:6d:2f:93:15:7f:ef:b8:dc:37:40:3b:7b:ba:d9:71:
d6:2a:e8:36:4e:89:1f:be:86:4f:84:c8:aa:e1:64:ad:75:42:
3d:13:0b:05:10:d3:d7:a8:3d:f5:86:7b:d1:ba:68:8c:4c:5b:
a9:ea:3e:77:dd:fc:1c:88:36:b9:2d:f7:99:eb:31:78:ba:ef:
5b:f0:af:de:1c:f1:de:90:8a:11:6c:5d:f6:0c:be:1e:1c:96:
5a:14:6c:72:3e:95:8e:2c:b4:cb:49:d1:cd:57:ab:b2:c7:d5:
42:13:a8:0a:4d:6a:8c:89:13:fd:48:04:4a:d5:4c:13:d9:41:
3c:4a:d7:a3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYI3EQ1/MZutwmP13iKLCbeNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZWIyNjI5MWI5ZTlhYjVhZmM4OGVkNzZkM2FmODFhOTA3
ZTVmOWYwHhcNMjIwNzI1MjAzNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWNhNGY0N2IyZWEzOWM5MzVmMmUwN2ZhOGZmOWRiMzVkMzY4N2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyh5LiHuRCu6IN2tl/HecsPsK59d
co6pYi6m0e5yyRQvIdAtSsdSByp3yDBgBW1K7c0UGRYNs0R5KFueQnPSuVCQ0yft
ca+q04i9Tf3jUre7C97UC47ELDS8wceXPJSu2tXLXP4p/jagbZ7BQG6dPFkajSgE
AEVJwGRaeWZD2hZmlUGjHmuXpJMfwXNDDFp7CMVQffdoanxT31diagawPaRSmDU/
FLK65raCOrB0Xnv5YodyINAcOcp9fXDvVI1ZzZFDO+DxlJuPHIODzr03j3V99EVG
N6BKoyO5XhFh9QI57kGKJwvxLOxS/07Rp/5PZbLlBgtlEDYPHUz7OxfG0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNHKT0ey6jnJNfLgf6j/nbNdNofGMB8GA1UdIwQY
MBaAFOfrJikbnpq1r8iO1206+BqQfl+fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNS1zbUtSdWVtcld2eUk3WGJUcjRHcEItWDU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iNWVhNTktYjVhOS00YzQ4LWFlMDIt
MWRmNjVhMDc2MzBmLzEvMGNwUFI3THFPY2sxOHVCX3FQLWRzMTAyaDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iNWVhNTktYjVhOS00YzQ4LWFlMDItMWRmNjVhMDc2MzBm
LzEvNS1zbUtSdWVtcld2eUk3WGJUcjRHcEItWDU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGcQDAN
BgkqhkiG9w0BAQsFAAOCAQEAZhwA7MHCMtNkOjtqEyJb3RLKlZMWQPG+ON6WRWPD
eVlQdhd+rrOJIGn6HRjt/X/KkfPSN0E1Me/tC5NRG0iXWx/hS0ry6syX0JjlVJgv
lIKu+WuIryu0IWlhbN3VVzRFwv6YGcWkTBswyEX1ASyOthSUwc5NMZQHYS9MwK25
72LGbS+TFX/vuNw3QDt7utlx1iroNk6JH76GT4TIquFkrXVCPRMLBRDT16g99YZ7
0bpojExbqeo+d938HIg2uS33mesxeLrvW/Cv3hzx3pCKEWxd9gy+HhyWWhRscj6V
jiy0y0nRzVerssfVQhOoCk1qjIkT/UgEStVME9lBPErXow==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:09 2023 by rpki-client on console-fra.rpki-client.org