Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/T__X0dYcj17ZS3oR1DhnchZdkz8.roa
File: T__X0dYcj17ZS3oR1DhnchZdkz8.roa (raw, json)
Hash identifier: SqFovpbhF/rY693YwgDOBg4BAcSfkYcE+WRmKrcgq3Q=
Subject key identifier: 4F:FF:D7:D1:D6:1C:8F:5E:D9:4B:7A:11:D4:38:67:72:16:5D:93:3F
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 0156A8A1
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/T__X0dYcj17ZS3oR1DhnchZdkz8.roa
Signing time: Tue 15 Mar 2022 12:32:48 +0000
ROA not before: Tue 15 Mar 2022 12:32:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8778
IP address blocks: 2a00:9060::/32 maxlen: 32
2a02:dd8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22456481 (0x156a8a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Mar 15 12:32:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fffd7d1d61c8f5ed94b7a11d4386772165d933f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7e:df:28:3a:d0:1a:ad:0a:d9:4c:b9:e2:8b:
e0:75:69:5d:27:ee:53:34:5b:3c:f1:e8:61:be:53:
e3:ed:7a:8e:df:6e:dd:1e:67:46:76:41:52:03:a7:
c8:d8:c6:bb:91:ea:8a:5e:b2:84:a2:fd:9a:05:e0:
91:15:7e:a1:3e:bd:3e:eb:01:2f:42:8c:ce:87:d8:
91:42:b2:ce:aa:ea:0f:83:b4:e4:22:b3:81:c0:36:
b0:81:df:e9:d7:f2:11:6a:da:17:7d:79:2f:02:71:
31:ce:aa:86:c1:29:27:cf:00:a7:21:de:e0:bf:f7:
8e:26:8d:3e:84:c9:7d:f4:78:17:ba:ba:bd:71:c4:
d4:aa:1f:43:79:e9:21:45:5f:4e:90:c8:f3:40:99:
10:3d:be:33:32:1f:55:44:1f:ff:a3:f2:ed:4e:47:
7b:ab:87:2b:0f:01:34:fc:b3:39:9f:fb:f6:e4:86:
13:67:5a:68:64:47:f9:aa:ce:69:3d:2f:d6:14:fa:
1e:78:24:a1:67:ce:a5:c4:2f:25:ec:c2:74:a8:82:
e6:21:91:b4:0f:02:db:d0:d6:d7:d8:6a:2d:6b:d3:
ca:cc:a7:c3:d5:12:70:18:aa:27:f8:58:43:19:bd:
3f:b2:9e:1c:67:93:5f:f6:17:b4:a5:b8:df:2b:5e:
c8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FF:D7:D1:D6:1C:8F:5E:D9:4B:7A:11:D4:38:67:72:16:5D:93:3F
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/T__X0dYcj17ZS3oR1DhnchZdkz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:9060::/32
2a02:dd8::/29
Signature Algorithm: sha256WithRSAEncryption
00:85:c2:24:9d:60:2d:13:4e:80:ef:ba:6a:d0:04:f4:a7:86:
69:39:31:ba:23:98:f0:65:e4:4d:b9:9a:e6:af:5e:af:dd:e7:
c1:52:29:fe:47:6b:9d:5d:18:f9:a3:68:cd:48:e0:01:4a:c8:
b9:c4:7a:67:7a:98:08:be:e8:9e:e7:a0:b4:0b:de:4d:57:0b:
24:fd:8a:b6:42:20:3c:85:b5:d4:bd:a5:44:ef:d3:ed:d1:a1:
bb:9a:30:a2:a9:ce:3e:27:e6:4c:05:c1:e9:f8:8a:f1:58:2a:
3c:95:1c:11:46:9e:e0:57:75:71:f6:ba:1d:c7:77:86:d3:40:
60:30:64:da:25:3d:7d:00:0a:55:89:cc:76:d7:cd:f9:9b:e5:
72:89:50:0e:c9:03:8f:dd:a8:31:cb:87:69:7a:c2:77:e2:ff:
51:7d:e8:b0:8a:70:43:9e:49:35:53:9c:27:46:64:b3:5b:a3:
66:a8:88:6a:0e:18:09:07:ab:d3:40:e6:4b:09:6c:21:7a:ba:
b6:5d:b3:88:b0:9a:a8:ff:ce:b0:30:24:3a:27:43:7a:49:07:
65:d4:c3:2a:25:c6:2c:ca:9b:36:1f:18:c4:74:a7:a2:2f:d8:
f0:21:eb:a3:ba:4a:e6:f7:5a:3d:78:a2:34:9b:c6:8d:87:34:
a2:04:1c:44
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAVaooTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGEyYWUyY2QwOTQzMzMwMThjNDFkYWFmYjQ3NGM2Y2ZhODBkMDdkMB4XDTIyMDMx
NTEyMzI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGZmZmQ3ZDFkNjFj
OGY1ZWQ5NGI3YTExZDQzODY3NzIxNjVkOTMzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMp+3yg60BqtCtlMueKL4HVpXSfuUzRbPPHoYb5T4+16jt9u
3R5nRnZBUgOnyNjGu5Hqil6yhKL9mgXgkRV+oT69PusBL0KMzofYkUKyzqrqD4O0
5CKzgcA2sIHf6dfyEWraF315LwJxMc6qhsEpJ88ApyHe4L/3jiaNPoTJffR4F7q6
vXHE1KofQ3npIUVfTpDI80CZED2+MzIfVUQf/6Py7U5He6uHKw8BNPyzOZ/79uSG
E2daaGRH+arOaT0v1hT6HngkoWfOpcQvJezCdKiC5iGRtA8C29DW19hqLWvTysyn
w9UScBiqJ/hYQxm9P7KeHGeTX/YXtKW43yteyAsCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRP/9fR1hyPXtlLehHUOGdyFl2TPzAfBgNVHSMEGDAWgBQEoq4s0JQzMBjE
Har7R0xs+oDQfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JLS3VMTkNVTXpBWXhCMnEtMGRNYlBxQTBIMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvNjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8x
L1RfX1gwZFljajE3WlMzb1IxRGhuY2haZGt6OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
NjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8xL0JLS3VMTkNVTXpB
WXhCMnEtMGRNYlBxQTBIMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFACoAkGADBQMqAg3YMA0GCSqGSIb3
DQEBCwUAA4IBAQAAhcIknWAtE06A77pq0AT0p4ZpOTG6I5jwZeRNuZrmr16v3efB
Uin+R2udXRj5o2jNSOABSsi5xHpnepgIvuie56C0C95NVwsk/Yq2QiA8hbXUvaVE
79Pt0aG7mjCiqc4+J+ZMBcHp+IrxWCo8lRwRRp7gV3Vx9rodx3eG00BgMGTaJT19
AApVicx21835m+VyiVAOyQOP3agxy4dpesJ34v9RfeiwinBDnkk1U5wnRmSzW6Nm
qIhqDhgJB6vTQOZLCWwherq2XbOIsJqo/86wMCQ6J0N6SQdl1MMqJcYsyps2HxjE
dKeiL9jwIeujukrm91o9eKI0m8aNhzSiBBxE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:46 2024 by rpki-client on console-ams.rpki-client.org