Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/ca3b5f-0221-43ad-8abd-1c13206a8123/1/out9CQ-pSPkM-Un6OYCmLyStL4k.roa
File: out9CQ-pSPkM-Un6OYCmLyStL4k.roa (raw, json)
Hash identifier: 0SNREGhB+ww0PIt53fPaGYodN/XstzNoTC4nwfwTup0=
Subject key identifier: A2:EB:7D:09:0F:A9:48:F9:0C:F9:49:FA:39:80:A6:2F:24:AD:2F:89
Certificate issuer: /CN=893afecd711705c476b785d0c86ef54c2124354c
Certificate serial: 34F882B6
Authority key identifier: 89:3A:FE:CD:71:17:05:C4:76:B7:85:D0:C8:6E:F5:4C:21:24:35:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iTr-zXEXBcR2t4XQyG71TCEkNUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/ca3b5f-0221-43ad-8abd-1c13206a8123/1/out9CQ-pSPkM-Un6OYCmLyStL4k.roa
Signing time: Sat 01 Jan 2022 10:01:56 +0000
ROA not before: Sat 01 Jan 2022 10:01:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8767
IP address blocks: 2a01:4800::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 888701622 (0x34f882b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=893afecd711705c476b785d0c86ef54c2124354c
Validity
Not Before: Jan 1 10:01:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2eb7d090fa948f90cf949fa3980a62f24ad2f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e1:67:ad:c5:53:9f:55:ed:c0:b2:53:04:a8:
79:e2:e0:23:74:8b:63:80:c9:f9:b6:59:0c:96:58:
8a:05:a3:c9:6b:c9:97:2f:cf:a9:e8:84:85:19:2d:
46:f2:8e:b4:1b:74:52:c6:fe:ac:65:53:ef:4f:41:
8a:4d:19:51:37:35:37:e9:22:af:9e:49:70:f9:dd:
3a:72:ca:2a:cf:3f:6b:80:bf:d9:a1:9b:64:20:f7:
d6:7f:c2:57:0b:c2:56:0d:2a:18:c5:e5:7a:7c:42:
d7:4c:30:ac:1f:1a:ea:05:62:09:97:49:a2:92:fa:
af:de:99:17:31:61:c2:4a:c9:d7:78:6d:b3:47:09:
14:7c:72:86:fd:ff:7c:55:75:6d:88:81:cc:f4:18:
0e:c4:10:b7:26:44:85:c9:81:cb:c5:fd:50:21:2f:
b8:0f:bb:eb:52:bd:f2:f7:57:25:74:8a:38:ce:b9:
82:b2:48:73:30:84:e3:b7:b5:22:be:db:03:50:55:
56:1c:f8:0e:59:06:28:b6:4f:b5:7a:40:98:ba:7f:
33:f9:80:23:9e:08:4d:64:31:20:7a:8f:6b:30:c1:
80:e1:9b:97:4e:7d:58:d7:ed:76:7a:03:1e:a1:be:
18:43:f7:32:00:a2:53:49:86:bd:6c:ce:ba:e9:e7:
1d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:EB:7D:09:0F:A9:48:F9:0C:F9:49:FA:39:80:A6:2F:24:AD:2F:89
X509v3 Authority Key Identifier:
keyid:89:3A:FE:CD:71:17:05:C4:76:B7:85:D0:C8:6E:F5:4C:21:24:35:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTr-zXEXBcR2t4XQyG71TCEkNUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/ca3b5f-0221-43ad-8abd-1c13206a8123/1/out9CQ-pSPkM-Un6OYCmLyStL4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/ca3b5f-0221-43ad-8abd-1c13206a8123/1/iTr-zXEXBcR2t4XQyG71TCEkNUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:4800::/32
Signature Algorithm: sha256WithRSAEncryption
a5:da:84:a0:e3:4d:b8:d4:e2:a0:7b:92:7b:b7:38:4e:e7:05:
23:ab:75:15:a8:22:08:dc:02:cb:ef:97:56:8f:62:97:04:68:
43:1a:43:4e:1a:7a:85:21:b2:b2:2d:fa:47:1f:81:2a:70:df:
e0:04:97:e2:df:95:f5:e6:59:74:87:bb:f9:6a:a9:bf:4a:36:
24:86:37:cd:9e:e8:c6:3d:3b:6d:45:ed:97:0a:9d:ff:3a:48:
ac:1a:c2:47:b5:a5:03:85:1c:82:5f:52:4b:d9:4e:fe:80:d6:
e5:95:7a:93:32:05:40:39:9f:9c:71:f2:53:5a:9b:5b:01:ee:
93:21:94:a5:61:9d:cb:25:5e:87:98:38:4b:f7:cd:5f:b9:2b:
a0:24:96:f1:cb:4d:a5:46:88:af:fd:4f:2f:aa:e3:d6:8b:14:
40:98:bc:53:89:20:32:3e:fd:0f:d3:c9:8a:87:c4:ce:81:46:
b2:0a:3f:de:e0:12:cc:90:d5:a5:86:ed:9e:2e:91:9d:ad:82:
75:36:a7:64:0f:f5:67:f2:d1:f4:d1:de:d8:72:51:56:23:b0:
cc:d5:f5:c5:78:52:37:ad:7a:1f:2a:93:ac:90:a6:b2:03:c6:
fe:30:3a:2f:51:26:5a:98:1b:fe:6f:f4:28:8d:3a:81:23:b7:
bc:9a:4d:81
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIENPiCtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OTNhZmVjZDcxMTcwNWM0NzZiNzg1ZDBjODZlZjU0YzIxMjQzNTRjMB4XDTIyMDEw
MTEwMDE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJlYjdkMDkwZmE5
NDhmOTBjZjk0OWZhMzk4MGE2MmYyNGFkMmY4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOLhZ63FU59V7cCyUwSoeeLgI3SLY4DJ+bZZDJZYigWjyWvJ
ly/PqeiEhRktRvKOtBt0Usb+rGVT709Bik0ZUTc1N+kir55JcPndOnLKKs8/a4C/
2aGbZCD31n/CVwvCVg0qGMXlenxC10wwrB8a6gViCZdJopL6r96ZFzFhwkrJ13ht
s0cJFHxyhv3/fFV1bYiBzPQYDsQQtyZEhcmBy8X9UCEvuA+761K98vdXJXSKOM65
grJIczCE47e1Ir7bA1BVVhz4DlkGKLZPtXpAmLp/M/mAI54ITWQxIHqPazDBgOGb
l059WNftdnoDHqG+GEP3MgCiU0mGvWzOuunnHX8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSi630JD6lI+Qz5Sfo5gKYvJK0viTAfBgNVHSMEGDAWgBSJOv7NcRcFxHa3
hdDIbvVMISQ1TDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lUci16WEVYQmNSMnQ0WFF5RzcxVENFa05Vdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvY2EzYjVmLTAyMjEtNDNhZC04YWJkLTFjMTMyMDZhODEyMy8x
L291dDlDUS1wU1BrTS1VbjZPWUNtTHlTdEw0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
Y2EzYjVmLTAyMjEtNDNhZC04YWJkLTFjMTMyMDZhODEyMy8xL2lUci16WEVYQmNS
MnQ0WFF5RzcxVENFa05Vdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBSAAwDQYJKoZIhvcNAQELBQAD
ggEBAKXahKDjTbjU4qB7knu3OE7nBSOrdRWoIgjcAsvvl1aPYpcEaEMaQ04aeoUh
srIt+kcfgSpw3+AEl+LflfXmWXSHu/lqqb9KNiSGN82e6MY9O21F7ZcKnf86SKwa
wke1pQOFHIJfUkvZTv6A1uWVepMyBUA5n5xx8lNam1sB7pMhlKVhncslXoeYOEv3
zV+5K6AklvHLTaVGiK/9Ty+q49aLFECYvFOJIDI+/Q/TyYqHxM6BRrIKP97gEsyQ
1aWG7Z4ukZ2tgnU2p2QP9Wfy0fTR3thyUVYjsMzV9cV4Ujeteh8qk6yQprIDxv4w
Oi9RJlqYG/5v9CiNOoEjt7yaTYE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:17 2024 by rpki-client on console-ams.rpki-client.org