Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/9i0VUTyvteZAX46yf8hD9P2mRg0.roa
File: 9i0VUTyvteZAX46yf8hD9P2mRg0.roa (raw, json)
Hash identifier: 5coYAM47LBg/IIYDVQKgEyLgqDtgRFJ98CQI5Gmbxdk=
Subject key identifier: F6:2D:15:51:3C:AF:B5:E6:40:5F:8E:B2:7F:C8:43:F4:FD:A6:46:0D
Certificate issuer: /CN=854c8176d9c42c704b310913309470351bb599e5
Certificate serial: 0231A718
Authority key identifier: 85:4C:81:76:D9:C4:2C:70:4B:31:09:13:30:94:70:35:1B:B5:99:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUyBdtnELHBLMQkTMJRwNRu1meU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/9i0VUTyvteZAX46yf8hD9P2mRg0.roa
Signing time: Sat 01 Jan 2022 02:58:55 +0000
ROA not before: Sat 01 Jan 2022 02:58:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31685
IP address blocks: 2a01:4a60:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36808472 (0x231a718)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854c8176d9c42c704b310913309470351bb599e5
Validity
Not Before: Jan 1 02:58:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f62d15513cafb5e6405f8eb27fc843f4fda6460d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:91:b5:91:ea:b2:ea:55:f0:31:5b:28:d5:9b:
45:d5:4c:b4:73:36:29:56:8f:12:25:7e:48:85:16:
3d:aa:4c:e7:e7:ce:18:2c:94:7e:17:59:d2:d8:2d:
7a:8f:89:71:f1:44:9e:3c:2e:09:a9:b9:cb:11:2a:
15:c1:eb:bb:53:c4:0b:51:0a:19:0c:c0:ff:10:f4:
29:42:47:33:d7:fe:49:d2:92:e5:eb:64:50:40:c6:
c4:f0:11:5b:58:ba:06:8f:46:d6:53:ec:37:44:92:
93:94:71:ea:78:8b:fb:e4:e7:00:e6:78:35:ab:72:
70:34:69:0b:50:07:bf:03:4e:5f:a2:f6:7c:06:bb:
a0:93:a0:2c:98:8d:67:bb:96:ae:05:57:89:7f:34:
05:76:25:bd:71:93:89:37:ba:27:32:ec:ad:a8:a4:
f8:09:09:f9:91:c7:0e:8a:df:e0:04:d4:b7:1e:7f:
e9:d2:e0:5b:38:ab:90:c4:e7:c8:ae:09:96:19:fa:
dd:c9:7a:d7:31:36:3f:e8:a1:b4:c2:c4:e0:d4:38:
44:c7:e6:af:a7:ea:b7:6f:49:ed:1c:26:ac:db:33:
3c:75:62:d0:15:13:e1:d5:44:ab:a2:e0:95:db:5a:
04:54:e2:87:dd:81:ed:4f:4a:9e:db:ac:27:14:2a:
8b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:2D:15:51:3C:AF:B5:E6:40:5F:8E:B2:7F:C8:43:F4:FD:A6:46:0D
X509v3 Authority Key Identifier:
keyid:85:4C:81:76:D9:C4:2C:70:4B:31:09:13:30:94:70:35:1B:B5:99:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUyBdtnELHBLMQkTMJRwNRu1meU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/9i0VUTyvteZAX46yf8hD9P2mRg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/hUyBdtnELHBLMQkTMJRwNRu1meU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:4a60:1::/48
Signature Algorithm: sha256WithRSAEncryption
30:77:c6:57:67:4d:08:eb:1d:30:37:b8:45:6e:81:86:45:d1:
1e:8c:86:ca:f7:c6:ba:e1:ad:1b:fa:0a:3a:70:04:fd:4d:e3:
04:55:87:2f:f7:04:ff:11:2a:1a:8b:5a:2e:80:01:f3:39:65:
ac:16:47:51:aa:23:29:7d:92:01:f7:44:83:da:68:9d:16:3f:
95:65:47:98:56:db:97:29:b8:5d:36:01:db:d9:e7:39:b3:66:
d7:2b:b7:e8:86:fd:e4:77:a0:9e:a5:fb:5b:bc:b3:3f:7f:d4:
6f:de:2b:c9:bd:e1:9f:2c:24:df:da:f4:f1:3e:05:c8:c6:63:
c0:98:08:eb:c9:82:ad:bf:7d:8f:3a:21:8c:cf:cd:74:65:d4:
ea:e9:d8:ff:62:75:40:89:2d:98:19:90:a3:6c:d9:4c:f3:d0:
23:48:a8:0b:fb:f6:e9:02:32:69:0b:6b:b9:af:a1:36:b9:11:
5d:48:7b:88:ef:84:3c:e7:af:88:8e:de:53:eb:c2:ad:31:76:
66:f6:06:11:a3:4b:e7:39:35:91:a3:9d:23:64:4b:23:15:12:
36:82:cb:a2:ab:39:5b:3b:a3:c8:04:d4:1f:2e:02:37:b1:aa:
ff:da:c5:12:de:d1:23:3a:da:29:39:ff:b7:6f:e1:bb:f4:b5:
a8:d0:89:d3
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAjGnGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTRjODE3NmQ5YzQyYzcwNGIzMTA5MTMzMDk0NzAzNTFiYjU5OWU1MB4XDTIyMDEw
MTAyNTg1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjYyZDE1NTEzY2Fm
YjVlNjQwNWY4ZWIyN2ZjODQzZjRmZGE2NDYwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuRtZHqsupV8DFbKNWbRdVMtHM2KVaPEiV+SIUWPapM5+fO
GCyUfhdZ0tgteo+JcfFEnjwuCam5yxEqFcHru1PEC1EKGQzA/xD0KUJHM9f+SdKS
5etkUEDGxPARW1i6Bo9G1lPsN0SSk5Rx6niL++TnAOZ4NatycDRpC1AHvwNOX6L2
fAa7oJOgLJiNZ7uWrgVXiX80BXYlvXGTiTe6JzLsraik+AkJ+ZHHDorf4ATUtx5/
6dLgWzirkMTnyK4Jlhn63cl61zE2P+ihtMLE4NQ4RMfmr6fqt29J7RwmrNszPHVi
0BUT4dVEq6LgldtaBFTih92B7U9KntusJxQqizsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT2LRVRPK+15kBfjrJ/yEP0/aZGDTAfBgNVHSMEGDAWgBSFTIF22cQscEsx
CRMwlHA1G7WZ5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hVeUJkdG5FTEhCTE1Ra1RNSlJ3TlJ1MW1lVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvY2ZmNjMwLTZjOGEtNDNiZC1hZmI5LWIwN2YwMTZhMTc2Mi8x
LzlpMFZVVHl2dGVaQVg0NnlmOGhEOVAybVJnMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
Y2ZmNjMwLTZjOGEtNDNiZC1hZmI5LWIwN2YwMTZhMTc2Mi8xL2hVeUJkdG5FTEhC
TE1Ra1RNSlJ3TlJ1MW1lVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBSmAAATANBgkqhkiG9w0BAQsF
AAOCAQEAMHfGV2dNCOsdMDe4RW6BhkXRHoyGyvfGuuGtG/oKOnAE/U3jBFWHL/cE
/xEqGotaLoAB8zllrBZHUaojKX2SAfdEg9ponRY/lWVHmFbblym4XTYB29nnObNm
1yu36Ib95HegnqX7W7yzP3/Ub94ryb3hnywk39r08T4FyMZjwJgI68mCrb99jzoh
jM/NdGXU6unY/2J1QIktmBmQo2zZTPPQI0ioC/v26QIyaQtrua+hNrkRXUh7iO+E
POeviI7eU+vCrTF2ZvYGEaNL5zk1kaOdI2RLIxUSNoLLoqs5WzujyATUHy4CN7Gq
/9rFEt7RIzraKTn/t2/hu/S1qNCJ0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:34 2024 by rpki-client on console-ams.rpki-client.org