Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/CWmAL8_5SYNWBhn7woSW6qY9W7w.roa
File: CWmAL8_5SYNWBhn7woSW6qY9W7w.roa (raw, json)
Hash identifier: sqd8dzN5r02FxAGo/AwpjAd+fj10Q5ECRo++QNlo+nA=
Subject key identifier: 09:69:80:2F:CF:F9:49:83:56:06:19:FB:C2:84:96:EA:A6:3D:5B:BC
Certificate issuer: /CN=f1dd795be36e4b5b309ebc8e04ea7394135c714c
Certificate serial: 07D2BA03
Authority key identifier: F1:DD:79:5B:E3:6E:4B:5B:30:9E:BC:8E:04:EA:73:94:13:5C:71:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8d15W-NuS1swnryOBOpzlBNccUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/CWmAL8_5SYNWBhn7woSW6qY9W7w.roa
Signing time: Sat 01 Jan 2022 06:04:17 +0000
ROA not before: Sat 01 Jan 2022 06:04:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3209
IP address blocks: 2a09:c580:1611::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131250691 (0x7d2ba03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1dd795be36e4b5b309ebc8e04ea7394135c714c
Validity
Not Before: Jan 1 06:04:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0969802fcff94983560619fbc28496eaa63d5bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:02:6e:71:8f:94:c6:92:60:57:ea:da:08:21:
3f:61:68:51:e9:9e:18:11:04:a2:65:33:50:14:55:
55:4f:76:c4:94:2a:98:54:1c:e8:f3:6d:4a:66:da:
c1:4d:76:4e:13:8c:2e:a6:81:1c:10:30:9e:35:56:
fd:35:11:66:c2:79:87:21:a5:19:46:68:f5:20:26:
8a:b9:74:0f:12:00:73:2b:d4:98:89:e9:8a:86:f5:
93:ed:b1:39:4a:6b:44:80:96:2b:6f:81:ac:b8:07:
ce:07:39:13:68:14:3f:e1:a2:86:77:07:f4:0d:6c:
43:06:f9:a7:8b:51:b5:81:8c:c4:d3:ad:35:33:31:
0f:77:c3:c9:1a:9d:66:3c:6d:dd:49:a9:a9:2e:c0:
c3:23:1b:0a:70:0f:bc:e0:b9:23:49:d1:e6:f1:b2:
13:09:82:b0:24:74:a1:35:61:8a:9b:ff:70:37:f9:
cd:d1:3d:3f:a8:5c:c7:61:e7:3b:89:45:0e:4d:6d:
5c:38:af:17:c2:5f:8e:79:02:d5:a5:37:4f:b5:ee:
b4:46:00:98:c1:8e:ef:bf:3a:6c:c3:a7:3c:ab:85:
1f:1b:47:3f:da:54:8c:71:99:03:cc:6a:96:f5:0c:
a3:9b:e7:f4:09:52:cf:a9:6e:ee:ff:c4:fc:6a:7e:
31:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:69:80:2F:CF:F9:49:83:56:06:19:FB:C2:84:96:EA:A6:3D:5B:BC
X509v3 Authority Key Identifier:
keyid:F1:DD:79:5B:E3:6E:4B:5B:30:9E:BC:8E:04:EA:73:94:13:5C:71:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d15W-NuS1swnryOBOpzlBNccUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/CWmAL8_5SYNWBhn7woSW6qY9W7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/8d15W-NuS1swnryOBOpzlBNccUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:c580:1611::/48
Signature Algorithm: sha256WithRSAEncryption
7e:45:dd:cf:c7:8a:e0:62:19:b0:82:7a:4c:3a:8e:95:11:7c:
11:8d:3f:13:ff:da:31:46:34:f6:32:93:00:e1:d4:9e:78:94:
48:38:d9:12:ed:73:7e:0a:37:26:70:2e:b2:97:0a:2a:40:df:
87:28:14:95:9f:61:f0:83:74:34:6f:66:ae:12:4e:16:4c:72:
9f:0e:2e:ef:78:4c:d1:6f:ff:33:02:17:ba:9a:e4:d0:f6:19:
c5:0b:03:6b:e8:72:ee:04:c8:64:ef:54:d6:36:d9:77:17:41:
2a:2c:2b:df:0f:53:ae:68:e6:5b:39:31:29:2e:65:7b:56:a1:
58:e4:ad:11:ca:9c:4b:0a:28:42:50:97:fe:8c:89:51:70:25:
d1:fb:df:29:f7:89:0a:77:a7:66:33:dc:d2:2e:26:a9:89:37:
94:ce:9c:51:5d:85:4b:d7:d7:8c:59:f5:c4:a7:d8:ef:cb:9d:
9c:61:48:95:d7:fe:8c:69:79:c1:be:de:ae:5f:4c:58:79:f0:
08:dd:39:ad:64:f0:28:d9:95:9a:35:eb:c2:40:14:32:a4:fc:
7d:5d:7c:f1:a6:6e:fc:de:36:3a:15:45:31:49:c7:05:b9:85:
fb:dc:5c:21:3a:2d:1a:7e:2b:eb:f2:e1:0c:21:0d:fc:e6:53:
31:f8:5a:b0
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEB9K6AzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWRkNzk1YmUzNmU0YjViMzA5ZWJjOGUwNGVhNzM5NDEzNWM3MTRjMB4XDTIyMDEw
MTA2MDQxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk2OTgwMmZjZmY5
NDk4MzU2MDYxOWZiYzI4NDk2ZWFhNjNkNWJiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMICbnGPlMaSYFfq2gghP2FoUemeGBEEomUzUBRVVU92xJQq
mFQc6PNtSmbawU12ThOMLqaBHBAwnjVW/TURZsJ5hyGlGUZo9SAmirl0DxIAcyvU
mInpiob1k+2xOUprRICWK2+BrLgHzgc5E2gUP+GihncH9A1sQwb5p4tRtYGMxNOt
NTMxD3fDyRqdZjxt3UmpqS7AwyMbCnAPvOC5I0nR5vGyEwmCsCR0oTVhipv/cDf5
zdE9P6hcx2HnO4lFDk1tXDivF8JfjnkC1aU3T7XutEYAmMGO7786bMOnPKuFHxtH
P9pUjHGZA8xqlvUMo5vn9AlSz6lu7v/E/Gp+MZcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQJaYAvz/lJg1YGGfvChJbqpj1bvDAfBgNVHSMEGDAWgBTx3Xlb425LWzCe
vI4E6nOUE1xxTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhkMTVXLU51UzFzd25yeU9CT3B6bEJOY2NVdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvOTc5YmRiLTAxYTMtNGQxNy04NzQ2LWZlNDQ3NzJkNWFlMS8x
L0NXbUFMOF81U1lOV0Jobjd3b1NXNnFZOVc3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
OTc5YmRiLTAxYTMtNGQxNy04NzQ2LWZlNDQ3NzJkNWFlMS8xLzhkMTVXLU51UzFz
d25yeU9CT3B6bEJOY2NVdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoJxYAWETANBgkqhkiG9w0BAQsF
AAOCAQEAfkXdz8eK4GIZsIJ6TDqOlRF8EY0/E//aMUY09jKTAOHUnniUSDjZEu1z
fgo3JnAuspcKKkDfhygUlZ9h8IN0NG9mrhJOFkxynw4u73hM0W//MwIXuprk0PYZ
xQsDa+hy7gTIZO9U1jbZdxdBKiwr3w9TrmjmWzkxKS5le1ahWOStEcqcSwooQlCX
/oyJUXAl0fvfKfeJCnenZjPc0i4mqYk3lM6cUV2FS9fXjFn1xKfY78udnGFIldf+
jGl5wb7erl9MWHnwCN05rWTwKNmVmjXrwkAUMqT8fV188aZu/N42OhVFMUnHBbmF
+9xcITotGn4r6/LhDCEN/OZTMfhasA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:26 2023 by rpki-client on console-fra.rpki-client.org