Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/i1EkoNJQttfDkO_rlaJKasXIbPQ.roa
File: i1EkoNJQttfDkO_rlaJKasXIbPQ.roa (raw, json)
Hash identifier: qJ9dTH8ZmXFuAIEKjJVHU9b6nyzsJxwVzN2G7C5dGq8=
Subject key identifier: 8B:51:24:A0:D2:50:B6:D7:C3:90:EF:EB:95:A2:4A:6A:C5:C8:6C:F4
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 212748CE
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/i1EkoNJQttfDkO_rlaJKasXIbPQ.roa
Signing time: Sat 01 Jan 2022 13:00:35 +0000
ROA not before: Sat 01 Jan 2022 13:00:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58083
IP address blocks: 2a07:3500:10a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 556222670 (0x212748ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 1 13:00:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b5124a0d250b6d7c390efeb95a24a6ac5c86cf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:dc:19:b8:a5:68:57:e3:00:23:78:fb:69:0b:
db:3d:b8:e5:80:58:0b:f2:07:71:3d:96:06:f7:3f:
d8:01:d6:ef:32:ff:4a:5b:0e:0b:78:95:f8:9a:00:
4b:88:eb:4a:44:4d:95:71:74:f4:ed:e4:c7:bb:61:
9d:74:b2:7e:9b:1e:60:8f:af:e8:44:53:90:93:aa:
3a:0c:4f:e4:ff:81:b1:7a:10:15:31:6b:2c:0a:20:
2b:3c:f5:c9:13:92:1f:b9:a3:0d:59:27:b1:e3:2c:
e8:47:48:18:6d:e0:50:41:af:f6:67:bf:44:f0:b4:
d7:b4:8c:51:94:98:e0:4f:fa:af:20:e1:67:63:21:
eb:ba:26:07:e3:ea:99:62:a6:bb:9d:53:b6:9d:8d:
23:1c:2e:1c:b8:10:eb:c4:f3:19:3a:20:ea:d3:1c:
4a:c1:79:07:42:5c:de:b4:78:59:4b:99:bb:2a:b0:
26:e1:3f:97:e1:7c:e8:18:6e:db:54:9b:cd:aa:a4:
19:83:c6:3c:da:68:f6:c9:5a:4b:f2:05:37:43:29:
cd:73:f5:72:be:90:2b:be:81:6e:66:fa:6d:3d:74:
ae:41:1c:0e:23:c8:03:13:5c:c4:08:12:bc:c5:6e:
4a:75:02:5f:3d:7f:3b:92:0f:1c:1f:34:ee:48:72:
b6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:51:24:A0:D2:50:B6:D7:C3:90:EF:EB:95:A2:4A:6A:C5:C8:6C:F4
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/i1EkoNJQttfDkO_rlaJKasXIbPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:10a0::/48
Signature Algorithm: sha256WithRSAEncryption
26:33:f3:27:34:c1:89:81:3c:eb:ce:df:17:7d:11:8b:14:4a:
d2:b7:2e:2e:86:d6:f7:a7:c2:99:18:47:14:e9:38:23:01:ef:
49:ac:1b:05:a5:e7:1a:55:0b:4d:ae:7d:2a:9d:2b:56:1a:7e:
73:7f:e1:cd:d6:15:f2:d1:7d:d3:bc:a3:af:f9:a1:dd:51:0d:
a9:ed:77:a4:65:3a:8e:07:9b:d1:06:42:83:ab:3e:dd:ac:fc:
c2:e9:21:1c:ce:3a:b2:26:0b:dc:80:41:e6:2b:33:d0:bf:e3:
23:57:58:3d:40:bc:c6:84:bf:c7:25:2c:8d:05:b7:b7:2c:34:
27:95:92:1d:bd:cc:fd:47:12:72:d3:20:27:f4:23:f3:9e:ce:
06:8e:d0:8e:df:35:1b:1d:15:f5:da:95:c9:18:a0:4f:20:50:
c0:64:e9:f5:df:e6:70:f6:7d:18:4b:88:47:93:bc:80:ec:71:
4f:b6:d2:21:40:40:a6:04:8b:70:a5:ae:3f:67:e8:78:0f:b3:
fa:3a:21:a6:a5:24:7e:b2:51:ea:90:a3:d8:87:85:52:2a:b6:
3d:34:78:f7:38:99:f0:da:b3:28:7b:87:5f:f7:e6:68:c6:f7:
33:9a:0a:47:b8:58:0a:b9:94:f6:56:d4:97:1c:6b:7e:f2:f3:
83:6a:1d:92
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEISdIzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDVkMjhkMTY2MjZiYzVkY2FiZjJlOTE1NDM1NzgyYjk2ZTE0MDcxMB4XDTIyMDEw
MTEzMDAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI1MTI0YTBkMjUw
YjZkN2MzOTBlZmViOTVhMjRhNmFjNWM4NmNmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHcGbilaFfjACN4+2kL2z245YBYC/IHcT2WBvc/2AHW7zL/
SlsOC3iV+JoAS4jrSkRNlXF09O3kx7thnXSyfpseYI+v6ERTkJOqOgxP5P+BsXoQ
FTFrLAogKzz1yROSH7mjDVknseMs6EdIGG3gUEGv9me/RPC017SMUZSY4E/6ryDh
Z2Mh67omB+PqmWKmu51Ttp2NIxwuHLgQ68TzGTog6tMcSsF5B0Jc3rR4WUuZuyqw
JuE/l+F86Bhu21SbzaqkGYPGPNpo9slaS/IFN0MpzXP1cr6QK76Bbmb6bT10rkEc
DiPIAxNcxAgSvMVuSnUCXz1/O5IPHB807khytiUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSLUSSg0lC218OQ7+uVokpqxchs9DAfBgNVHSMEGDAWgBSwXSjRZia8Xcq/
LpFUNXgrluFAcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NGMG8wV1ltdkYzS3Z5NlJWRFY0SzViaFFIRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvYmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8x
L2kxRWtvTkpRdHRmRGtPX3JsYUpLYXNYSWJQUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
YmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8xL3NGMG8wV1ltdkYz
S3Z5NlJWRFY0SzViaFFIRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoHNQAQoDANBgkqhkiG9w0BAQsF
AAOCAQEAJjPzJzTBiYE8687fF30RixRK0rcuLobW96fCmRhHFOk4IwHvSawbBaXn
GlULTa59Kp0rVhp+c3/hzdYV8tF907yjr/mh3VENqe13pGU6jgeb0QZCg6s+3az8
wukhHM46siYL3IBB5isz0L/jI1dYPUC8xoS/xyUsjQW3tyw0J5WSHb3M/UcSctMg
J/Qj857OBo7Qjt81Gx0V9dqVyRigTyBQwGTp9d/mcPZ9GEuIR5O8gOxxT7bSIUBA
pgSLcKWuP2foeA+z+johpqUkfrJR6pCj2IeFUiq2PTR49ziZ8NqzKHuHX/fmaMb3
M5oKR7hYCrmU9lbUlxxrfvLzg2odkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:49 2024 by rpki-client on console-ams.rpki-client.org