Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/dDbn1lLiVKhO8pjtaKDNg_bWULQ.roa
File: dDbn1lLiVKhO8pjtaKDNg_bWULQ.roa (raw, json)
Hash identifier: zye1REq3mt0Jo2EoxKOJSLiY8gm2YUdCYcmBIBempco=
Subject key identifier: 74:36:E7:D6:52:E2:54:A8:4E:F2:98:ED:68:A0:CD:83:F6:D6:50:B4
Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial: 06A039B2
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/dDbn1lLiVKhO8pjtaKDNg_bWULQ.roa
Signing time: Sat 01 Jan 2022 13:59:31 +0000
ROA not before: Sat 01 Jan 2022 13:59:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20446
IP address blocks: 2001:4de0:2310:1::/64 maxlen: 64
2001:4de0:ac12::/48 maxlen: 48
2001:4de0:ac18::/48 maxlen: 48
2001:4de0:ac10::/48 maxlen: 48
2001:4de0:ac19::/48 maxlen: 48
2001:4de0:ac11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111163826 (0x6a039b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
Validity
Not Before: Jan 1 13:59:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7436e7d652e254a84ef298ed68a0cd83f6d650b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d7:5f:c4:1c:c0:a8:29:d3:13:99:df:0c:de:
3d:cc:ce:88:a1:8b:4a:d0:b1:7f:01:f5:7f:94:01:
0a:15:4c:ab:f0:75:65:73:83:40:75:73:e8:51:c0:
d0:57:ba:d5:55:9d:bb:f2:ad:ea:3d:45:c2:e4:ba:
e7:b0:32:e3:9c:ab:84:b8:03:98:72:9b:ee:5e:88:
6d:c5:4a:2d:9b:90:5c:cf:71:2c:81:38:95:76:3c:
c9:b4:8a:4e:04:16:4e:57:e1:a0:1d:4d:9c:05:20:
cf:e7:a4:34:a4:2c:be:7d:4b:02:4e:dd:c0:e8:57:
de:f4:f4:fd:2d:b2:24:bc:98:56:fa:1d:57:54:ba:
84:ce:75:f2:d9:1c:02:b5:08:e3:52:ba:3c:4d:dc:
dd:6e:50:1d:f1:e9:e9:55:33:ef:ec:0d:91:57:cf:
b6:f4:04:2e:28:cc:7f:41:c1:9f:27:1b:c2:f1:4f:
e3:0d:d7:d4:bb:45:38:3b:23:1d:73:90:47:88:b3:
dd:dc:a5:4f:58:57:f7:44:1f:d3:e2:10:a6:a7:f6:
ac:c4:d9:6b:5e:28:12:df:f5:60:e8:5d:9a:3a:6e:
d0:95:5c:0b:c6:18:bb:9e:8e:de:21:c1:de:aa:79:
9c:27:03:3b:48:01:df:21:7c:bb:81:41:f2:30:a6:
55:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:36:E7:D6:52:E2:54:A8:4E:F2:98:ED:68:A0:CD:83:F6:D6:50:B4
X509v3 Authority Key Identifier:
keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/dDbn1lLiVKhO8pjtaKDNg_bWULQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4de0:2310:1::/64
2001:4de0:ac10::-2001:4de0:ac12:ffff:ffff:ffff:ffff:ffff
2001:4de0:ac18::/47
Signature Algorithm: sha256WithRSAEncryption
c1:6a:c3:b5:94:79:6f:5f:95:e1:8c:a0:10:89:f6:51:a8:7a:
ae:df:2f:38:7c:90:e9:94:cc:68:b6:cc:42:72:e9:6a:1b:e4:
8b:06:ff:02:ed:7b:4c:f6:29:4a:fa:7d:5d:e4:e6:d1:f3:33:
b0:9e:87:9d:80:cf:98:e4:fb:c5:ed:b8:ed:ba:a6:a1:e9:45:
32:3d:c2:b6:68:54:30:ef:0f:21:89:b5:b2:2c:99:45:a2:f6:
85:65:74:98:6f:38:b9:8c:ad:8e:f8:95:91:d4:69:60:f1:a8:
6b:c5:c5:ff:6c:9a:88:de:76:49:1e:5b:cd:4b:10:b5:8b:c4:
38:7f:1e:a1:75:07:96:04:f6:3e:40:65:ed:f8:88:90:5c:fe:
85:e6:07:6b:96:48:5f:ac:e2:fb:ee:77:65:13:62:c7:23:85:
8d:32:e9:19:80:db:b5:86:41:85:c9:3a:57:88:42:3c:73:6b:
45:06:11:97:50:74:3a:3b:3a:b7:de:61:a8:0d:10:58:66:99:
a0:52:5d:42:af:15:8d:e2:6b:c2:a3:44:90:97:dd:8d:9a:e1:
fd:05:9e:2f:f1:e7:ff:b7:03:7f:de:84:45:19:af:a1:a2:89:
dd:85:c7:1a:48:98:f8:ea:44:d8:14:ad:7e:29:6d:9e:c8:50:
1f:1c:3e:bf
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEBqA5sjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NzliYmEyODA1YTk4ODk1NGU0ZmVjNDI1NzA1MzBmMTZmOWU3MDkzMB4XDTIyMDEw
MTEzNTkzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQzNmU3ZDY1MmUy
NTRhODRlZjI5OGVkNjhhMGNkODNmNmQ2NTBiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7XX8QcwKgp0xOZ3wzePczOiKGLStCxfwH1f5QBChVMq/B1
ZXODQHVz6FHA0Fe61VWdu/Kt6j1FwuS657Ay45yrhLgDmHKb7l6IbcVKLZuQXM9x
LIE4lXY8ybSKTgQWTlfhoB1NnAUgz+ekNKQsvn1LAk7dwOhX3vT0/S2yJLyYVvod
V1S6hM518tkcArUI41K6PE3c3W5QHfHp6VUz7+wNkVfPtvQELijMf0HBnycbwvFP
4w3X1LtFODsjHXOQR4iz3dylT1hX90Qf0+IQpqf2rMTZa14oEt/1YOhdmjpu0JVc
C8YYu56O3iHB3qp5nCcDO0gB3yF8u4FB8jCmVSMCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBR0NufWUuJUqE7ymO1ooM2D9tZQtDAfBgNVHSMEGDAWgBSnm7ooBamIlU5P
7EJXBTDxb55wkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3A1dTZLQVdwaUpWT1QteENWd1V3OFctZWNKTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvZDE0MGZiLTAzYWUtNDVkOS04ZGRjLWUxZWQ5ZGQyYTAyYS8x
L2REYm4xbExpVktoTzhwanRhS0ROZ19iV1VMUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
ZDE0MGZiLTAzYWUtNDVkOS04ZGRjLWUxZWQ5ZGQyYTAyYS8xL3A1dTZLQVdwaUpW
T1QteENWd1V3OFctZWNKTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAIwKAMJACABTeAjEAABMBIDBwQgAU3grBAD
BwAgAU3grBIDBwEgAU3grBgwDQYJKoZIhvcNAQELBQADggEBAMFqw7WUeW9fleGM
oBCJ9lGoeq7fLzh8kOmUzGi2zEJy6Wob5IsG/wLte0z2KUr6fV3k5tHzM7Ceh52A
z5jk+8XtuO26pqHpRTI9wrZoVDDvDyGJtbIsmUWi9oVldJhvOLmMrY74lZHUaWDx
qGvFxf9smojedkkeW81LELWLxDh/HqF1B5YE9j5AZe34iJBc/oXmB2uWSF+s4vvu
d2UTYscjhY0y6RmA27WGQYXJOleIQjxza0UGEZdQdDo7OrfeYagNEFhmmaBSXUKv
FY3ia8KjRJCX3Y2a4f0Fni/x5/+3A3/ehEUZr6Giid2FxxpImPjqRNgUrX4pbZ7I
UB8cPr8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:17 2024 by rpki-client on console-ams.rpki-client.org