Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/92i9BsAVGMXJCeUbp7robb4xK1w.roa
File: 92i9BsAVGMXJCeUbp7robb4xK1w.roa (raw, json)
Hash identifier: +wDbMNGoK3WhufVqKu8KYFBlDPnMkJyIGNDiziNe9hU=
Subject key identifier: F7:68:BD:06:C0:15:18:C5:C9:09:E5:1B:A7:BA:E8:6D:BE:31:2B:5C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0182C6DA11B64AE3758D3B7B89A6D5F7CBCB
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/92i9BsAVGMXJCeUbp7robb4xK1w.roa
Signing time: Mon 22 Aug 2022 18:39:16 +0000
ROA not before: Mon 22 Aug 2022 18:39:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5511
IP address blocks: 2a0b:64c1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c6:da:11:b6:4a:e3:75:8d:3b:7b:89:a6:d5:f7:cb:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 22 18:39:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f768bd06c01518c5c909e51ba7bae86dbe312b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2b:c9:7f:3e:10:19:d9:f6:4e:4e:0e:e9:e1:
b9:15:50:b9:1d:06:3a:53:2d:7b:a8:2f:32:e7:cc:
aa:95:47:06:5c:e4:a0:b8:ed:34:41:c0:34:36:ee:
40:cc:e9:27:3c:44:b3:85:eb:57:58:57:d4:77:f4:
91:38:de:5f:f5:b5:ab:13:34:72:3a:ac:98:1d:ad:
ca:c2:f9:20:fc:5f:86:19:95:f2:44:ad:8d:59:ed:
75:a4:72:f1:51:c2:1c:1d:66:b9:61:e0:12:86:e2:
46:c5:6f:f5:91:57:d2:f5:03:8a:9d:66:7c:4f:de:
32:6b:d9:5f:52:f4:ca:44:28:88:a2:cf:46:df:29:
b9:b3:80:a1:d5:56:46:5f:0f:50:37:f9:f8:b2:56:
22:ea:45:d0:cc:3f:73:d8:9b:76:c7:fc:83:18:ba:
43:6d:cb:21:9b:79:7e:23:c3:19:7d:d2:87:94:a3:
6a:5b:37:06:1b:9b:4c:ac:9d:11:e2:ce:44:d5:7b:
cc:d0:46:db:98:49:f5:13:4c:e4:f1:9d:9e:b8:05:
cd:98:7b:f2:89:9e:5c:ad:fa:ee:61:9a:b2:07:d2:
83:cd:db:da:aa:1c:b0:95:92:b7:18:83:b8:75:90:
cc:80:51:69:65:48:6c:ef:50:ef:39:41:f7:34:80:
2e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:68:BD:06:C0:15:18:C5:C9:09:E5:1B:A7:BA:E8:6D:BE:31:2B:5C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/92i9BsAVGMXJCeUbp7robb4xK1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:64c1::/32
Signature Algorithm: sha256WithRSAEncryption
06:fe:4b:65:9e:de:be:52:35:8b:1f:78:8f:59:a3:87:08:1f:
7a:04:61:b6:5a:6d:dc:21:20:e7:f8:45:a5:f7:7e:e6:5e:70:
a5:2b:88:21:6d:a1:40:30:ca:57:1d:74:3c:00:ba:ad:b2:43:
09:e5:a6:86:29:de:93:d7:fe:67:6f:17:88:c4:57:67:88:b0:
82:93:1b:66:b8:2a:0a:12:41:a3:4b:cd:1b:fb:7f:7a:0e:6d:
b1:cb:65:7a:16:5f:9e:f9:25:a7:3a:12:69:71:f2:f0:ef:05:
17:7b:71:fe:88:2d:e9:7c:f0:76:60:d5:78:a0:b0:00:c8:26:
22:c5:c3:f2:f9:a4:66:10:b5:06:c3:38:f3:e0:28:cc:a1:52:
39:ad:bf:20:4c:10:f9:aa:5a:5f:ae:36:6d:54:49:f7:ce:de:
51:7d:bc:3f:94:94:1d:48:a7:0f:2f:04:a7:18:5f:e2:26:94:
2e:a5:4d:04:9b:9a:4f:d2:6a:94:ed:d4:b4:70:57:32:c6:57:
4c:e8:bc:17:1d:a4:52:bf:0f:a3:9f:87:5c:4e:25:0d:95:f6:
7f:68:0f:d1:be:9b:99:8b:30:10:87:6f:1b:6c:83:ab:92:c3:
65:c4:33:b1:f6:8d:d6:9a:60:30:4b:06:07:34:de:b9:1c:75:
56:e8:c3:0f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYLG2hG2SuN1jTt7iabV98vLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwODIyMTgzOTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzY4YmQwNmMwMTUxOGM1YzkwOWU1MWJhN2JhZTg2ZGJlMzEyYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSvJfz4QGdn2Tk4O6eG5FVC5HQY6
Uy17qC8y58yqlUcGXOSguO00QcA0Nu5AzOknPESzhetXWFfUd/SRON5f9bWrEzRy
OqyYHa3Kwvkg/F+GGZXyRK2NWe11pHLxUcIcHWa5YeAShuJGxW/1kVfS9QOKnWZ8
T94ya9lfUvTKRCiIos9G3ym5s4Ch1VZGXw9QN/n4slYi6kXQzD9z2Jt2x/yDGLpD
bcshm3l+I8MZfdKHlKNqWzcGG5tMrJ0R4s5E1XvM0EbbmEn1E0zk8Z2euAXNmHvy
iZ5crfruYZqyB9KDzdvaqhywlZK3GIO4dZDMgFFpZUhs71DvOUH3NIAu+wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPdovQbAFRjFyQnlG6e66G2+MStcMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOTJpOUJzQVZHTVhKQ2VVYnA3cm9iYjR4SzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgtkwTAN
BgkqhkiG9w0BAQsFAAOCAQEABv5LZZ7evlI1ix94j1mjhwgfegRhtlpt3CEg5/hF
pfd+5l5wpSuIIW2hQDDKVx10PAC6rbJDCeWmhinek9f+Z28XiMRXZ4iwgpMbZrgq
ChJBo0vNG/t/eg5tsctlehZfnvklpzoSaXHy8O8FF3tx/ogt6XzwdmDVeKCwAMgm
IsXD8vmkZhC1BsM48+AozKFSOa2/IEwQ+apaX642bVRJ987eUX28P5SUHUinDy8E
pxhf4iaULqVNBJuaT9JqlO3UtHBXMsZXTOi8Fx2kUr8Po5+HXE4lDZX2f2gP0b6b
mYswEIdvG2yDq5LDZcQzsfaN1ppgMEsGBzTeuRx1VujDDw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:57 2023 by rpki-client on console-fra.rpki-client.org