Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/50a4c4-91d1-4311-b67b-e45fa64d4d2d/1/cDqjOAFvXMzOaJv7aqUeZ08h1EA.roa
File: cDqjOAFvXMzOaJv7aqUeZ08h1EA.roa (raw, json)
Hash identifier: JfwU+j2q3iZwwMeIoriBSPDz8pV1YuO6Tb4U9I24G6Q=
Subject key identifier: 70:3A:A3:38:01:6F:5C:CC:CE:68:9B:FB:6A:A5:1E:67:4F:21:D4:40
Certificate issuer: /CN=edb04a943332768017266f4e5f56c006d98ebbb4
Certificate serial: 018245EF4AC9C946CC9662636E57FB7A8051
Authority key identifier: ED:B0:4A:94:33:32:76:80:17:26:6F:4E:5F:56:C0:06:D9:8E:BB:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7bBKlDMydoAXJm9OX1bABtmOu7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/50a4c4-91d1-4311-b67b-e45fa64d4d2d/1/cDqjOAFvXMzOaJv7aqUeZ08h1EA.roa
Signing time: Thu 28 Jul 2022 17:51:26 +0000
ROA not before: Thu 28 Jul 2022 17:51:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137922
IP address blocks: 2a03:b8c0:27::/48 maxlen: 48
2a03:b8c0:17::/48 maxlen: 48
2a03:b8c0:18::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:45:ef:4a:c9:c9:46:cc:96:62:63:6e:57:fb:7a:80:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edb04a943332768017266f4e5f56c006d98ebbb4
Validity
Not Before: Jul 28 17:51:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=703aa338016f5cccce689bfb6aa51e674f21d440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a4:25:fb:e8:d5:32:27:b9:69:68:05:9d:b6:
72:7c:80:c7:fa:5e:ae:8b:b1:93:c7:87:b7:fe:f4:
78:f2:03:97:73:13:dd:50:54:f6:41:27:eb:07:a4:
30:85:26:a5:41:1f:dc:68:1b:59:78:83:48:b9:1f:
22:0b:8a:99:f2:3b:20:95:79:fc:8d:1c:30:49:81:
3a:cf:26:76:85:76:f9:e5:4d:7c:20:4b:f9:64:c8:
c8:93:7a:f8:ed:09:c6:3d:5f:30:c5:bb:fc:15:6d:
4f:89:aa:8d:36:e6:b4:a9:10:f0:8c:49:a5:28:42:
eb:0e:23:37:50:d3:02:ee:bb:22:a5:25:51:2e:e7:
d1:ac:a1:77:30:98:24:2a:39:3e:d4:cf:a1:1b:01:
16:6d:fe:81:c1:5c:bb:83:23:8b:64:9b:71:ca:6f:
aa:00:a3:bd:94:a7:4e:45:7e:32:fb:ab:10:a6:33:
52:81:bc:73:07:91:c4:6f:a7:93:fe:ad:ca:18:f2:
92:97:e2:14:42:0e:9d:c7:96:c2:be:7f:8d:3f:d5:
e0:32:a6:7e:ac:07:08:4d:46:51:1f:5f:86:8f:3f:
5a:cc:9a:4d:61:e4:ce:99:07:de:c4:48:85:8f:bc:
a4:e9:2a:1b:53:ac:66:25:bf:fe:ba:b6:68:f8:fd:
a8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:3A:A3:38:01:6F:5C:CC:CE:68:9B:FB:6A:A5:1E:67:4F:21:D4:40
X509v3 Authority Key Identifier:
keyid:ED:B0:4A:94:33:32:76:80:17:26:6F:4E:5F:56:C0:06:D9:8E:BB:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bBKlDMydoAXJm9OX1bABtmOu7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/50a4c4-91d1-4311-b67b-e45fa64d4d2d/1/cDqjOAFvXMzOaJv7aqUeZ08h1EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/50a4c4-91d1-4311-b67b-e45fa64d4d2d/1/7bBKlDMydoAXJm9OX1bABtmOu7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:b8c0:17::-2a03:b8c0:18:ffff:ffff:ffff:ffff:ffff
2a03:b8c0:27::/48
Signature Algorithm: sha256WithRSAEncryption
3d:f1:6d:b4:ae:7b:87:b0:e5:76:31:0f:f2:f7:8c:09:b4:76:
02:8d:22:26:02:ae:75:6c:98:ca:a9:d9:b3:b1:b4:b3:de:a2:
24:95:13:4d:f6:95:5f:44:f6:b3:70:3d:c2:82:c8:84:74:1b:
89:37:36:e6:0d:65:95:71:40:b3:19:8c:dd:1d:eb:f4:e7:38:
e4:f2:53:50:07:0c:f3:ff:02:d7:90:6e:34:23:6b:d1:21:f3:
c0:2a:e3:2f:ca:d8:05:aa:cf:f4:a4:31:8a:c4:23:02:5b:17:
c0:4e:06:32:0e:56:72:2c:17:e7:e9:84:f2:6d:93:86:d5:84:
b3:7e:75:36:86:e5:28:52:dd:54:af:aa:40:46:8c:7c:cf:7c:
8e:df:79:d6:3e:47:55:8b:80:5f:aa:bb:a6:3b:cd:8b:f7:67:
8c:eb:b2:ef:f7:1b:5f:b0:de:ab:78:f0:98:da:9e:a4:6a:81:
12:16:3b:1b:49:b9:f7:80:62:c2:09:de:34:cc:1b:15:f1:d2:
98:ab:2d:43:bb:19:33:3e:77:51:d2:f0:a8:3b:65:6e:b0:e3:
04:bc:a9:88:5e:15:b6:76:09:a1:19:79:72:4a:8e:67:1a:72:
4e:b4:07:e6:4c:ba:de:61:d1:34:9f:cc:86:43:ac:c3:4f:f8:
03:3b:e7:76
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYJF70rJyUbMlmJjblf7eoBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjA0YTk0MzMzMjc2ODAxNzI2NmY0ZTVmNTZjMDA2ZDk4
ZWJiYjQwHhcNMjIwNzI4MTc1MTI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDNhYTMzODAxNmY1Y2NjY2U2ODliZmI2YWE1MWU2NzRmMjFkNDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6Ql++jVMie5aWgFnbZyfIDH+l6u
i7GTx4e3/vR48gOXcxPdUFT2QSfrB6QwhSalQR/caBtZeINIuR8iC4qZ8jsglXn8
jRwwSYE6zyZ2hXb55U18IEv5ZMjIk3r47QnGPV8wxbv8FW1PiaqNNua0qRDwjEml
KELrDiM3UNMC7rsipSVRLufRrKF3MJgkKjk+1M+hGwEWbf6BwVy7gyOLZJtxym+q
AKO9lKdORX4y+6sQpjNSgbxzB5HEb6eT/q3KGPKSl+IUQg6dx5bCvn+NP9XgMqZ+
rAcITUZRH1+Gjz9azJpNYeTOmQfexEiFj7yk6SobU6xmJb/+urZo+P2obwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHA6ozgBb1zMzmib+2qlHmdPIdRAMB8GA1UdIwQY
MBaAFO2wSpQzMnaAFyZvTl9WwAbZjru0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JCS2xETXlkb0FYSm05T1gxYkFCdG1PdTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC81MGE0YzQtOTFkMS00MzExLWI2N2It
ZTQ1ZmE2NGQ0ZDJkLzEvY0Rxak9BRnZYTXpPYUp2N2FxVWVaMDhoMUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC81MGE0YzQtOTFkMS00MzExLWI2N2ItZTQ1ZmE2NGQ0ZDJk
LzEvN2JCS2xETXlkb0FYSm05T1gxYkFCdG1PdTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwAqA7jA
ABcDBwAqA7jAABgDBwAqA7jAACcwDQYJKoZIhvcNAQELBQADggEBAD3xbbSue4ew
5XYxD/L3jAm0dgKNIiYCrnVsmMqp2bOxtLPeoiSVE032lV9E9rNwPcKCyIR0G4k3
NuYNZZVxQLMZjN0d6/TnOOTyU1AHDPP/AteQbjQja9Eh88Aq4y/K2AWqz/SkMYrE
IwJbF8BOBjIOVnIsF+fphPJtk4bVhLN+dTaG5ShS3VSvqkBGjHzPfI7fedY+R1WL
gF+qu6Y7zYv3Z4zrsu/3G1+w3qt48JjanqRqgRIWOxtJufeAYsIJ3jTMGxXx0pir
LUO7GTM+d1HS8Kg7ZW6w4wS8qYheFbZ2CaEZeXJKjmcack60B+ZMut5h0TSfzIZD
rMNP+AM753Y=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:20 2023 by rpki-client on console-fra.rpki-client.org