Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/tABw8StJIQcH7Ln34KzSZbzYfaI.roa
File: tABw8StJIQcH7Ln34KzSZbzYfaI.roa (raw, json)
Hash identifier: WeLHQsxLpclYCIWLlK+4PouiXSjZPB/fW0sjUzCjPP8=
Subject key identifier: B4:00:70:F1:2B:49:21:07:07:EC:B9:F7:E0:AC:D2:65:BC:D8:7D:A2
Certificate issuer: /CN=9eec34baf922028c3432f8f8f22bda6af86b77b2
Certificate serial: 0183D05C0A6DF7FCAC5647F2B88A6BBD9624
Authority key identifier: 9E:EC:34:BA:F9:22:02:8C:34:32:F8:F8:F2:2B:DA:6A:F8:6B:77:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nuw0uvkiAow0Mvj48ivaavhrd7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/tABw8StJIQcH7Ln34KzSZbzYfaI.roa
Signing time: Thu 13 Oct 2022 08:00:36 +0000
ROA not before: Thu 13 Oct 2022 08:00:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398559
IP address blocks: 2a0f:103::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:5c:0a:6d:f7:fc:ac:56:47:f2:b8:8a:6b:bd:96:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eec34baf922028c3432f8f8f22bda6af86b77b2
Validity
Not Before: Oct 13 08:00:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b40070f12b49210707ecb9f7e0acd265bcd87da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:df:03:93:14:fb:b9:53:90:8b:7f:04:5f:bf:
6e:af:46:65:b5:92:f7:6b:f6:0f:19:29:10:f2:3a:
4a:0b:67:19:2f:f6:0d:56:b2:f0:e3:9b:db:8a:8b:
77:3e:8a:61:6f:15:0f:14:71:74:cc:66:38:97:6b:
77:46:74:c0:ec:1e:f2:8b:e0:b4:33:7b:0c:e1:79:
fe:62:2e:6d:73:e8:f6:63:d4:ae:c3:c2:f3:4d:5d:
ac:e0:b3:70:26:25:77:e2:3a:e3:9a:8f:2e:96:2d:
c6:10:e9:16:42:da:46:55:9f:53:cd:cf:0e:05:28:
5b:54:f1:28:31:10:53:b9:d4:0b:13:ce:1f:b8:6e:
32:a8:d5:00:97:90:a0:e1:fb:b5:d2:6f:83:a2:ec:
48:8f:10:fd:0f:12:1e:74:f4:f8:96:31:2b:cc:c8:
a2:56:2c:62:15:56:df:9a:96:ff:c7:2e:06:b3:db:
a3:e4:ce:e8:16:9a:44:c0:4a:eb:87:45:12:ff:5d:
f4:15:5a:68:29:0e:eb:a9:fa:00:15:2c:f0:ad:7f:
a1:35:be:0c:28:e1:2c:3f:7e:3b:29:12:c9:53:d3:
46:08:d0:a1:27:d7:84:85:d6:92:e8:fe:d3:f7:0c:
43:02:a2:4f:25:05:7d:e5:e9:52:19:f6:9f:10:4b:
d1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:00:70:F1:2B:49:21:07:07:EC:B9:F7:E0:AC:D2:65:BC:D8:7D:A2
X509v3 Authority Key Identifier:
keyid:9E:EC:34:BA:F9:22:02:8C:34:32:F8:F8:F2:2B:DA:6A:F8:6B:77:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nuw0uvkiAow0Mvj48ivaavhrd7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/tABw8StJIQcH7Ln34KzSZbzYfaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/nuw0uvkiAow0Mvj48ivaavhrd7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:103::/32
Signature Algorithm: sha256WithRSAEncryption
df:36:d9:65:d6:f4:04:d4:da:38:c0:d2:01:a0:b5:5b:fa:12:
42:35:24:e9:70:18:42:13:95:e1:20:73:34:94:7d:77:13:d1:
ec:bb:76:84:ae:75:db:54:fe:8c:3a:72:ab:dc:ef:4d:96:00:
1b:c6:88:cb:e7:02:52:e1:39:10:f5:3f:ee:80:e0:97:48:f2:
5d:2c:d7:db:67:c2:b5:26:6d:bb:6e:28:93:40:e7:0d:d6:8b:
3c:a4:f8:3d:10:e7:d8:5e:6a:f8:08:33:ba:13:09:2f:13:78:
84:49:0f:3a:a9:2a:41:44:91:a2:56:9b:4e:1d:88:44:62:43:
d3:33:4a:4a:d7:93:1c:a1:0e:49:44:ed:6c:dc:ae:38:d8:bc:
c5:1a:a5:e0:55:dc:ee:f2:72:84:d4:17:ad:aa:64:e1:46:d6:
8e:be:6d:8c:de:02:3a:a2:cb:0c:61:dc:ab:89:28:1f:9f:aa:
b1:94:2a:ef:e2:10:94:d6:18:12:ea:15:b6:f0:69:f5:5d:3a:
f5:4c:0b:52:23:a2:e3:3c:08:67:fd:58:bb:69:e7:bb:05:a9:
62:9f:ae:9d:48:32:40:b1:a7:27:bd:63:28:27:32:c8:5e:fa:
eb:14:7c:b0:fe:a3:98:4a:ce:43:83:d0:28:71:85:95:5a:6f:
ba:21:fb:2f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYPQXApt9/ysVkfyuIprvZYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZWMzNGJhZjkyMjAyOGMzNDMyZjhmOGYyMmJkYTZhZjg2
Yjc3YjIwHhcNMjIxMDEzMDgwMDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDAwNzBmMTJiNDkyMTA3MDdlY2I5ZjdlMGFjZDI2NWJjZDg3ZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt8DkxT7uVOQi38EX79ur0ZltZL3
a/YPGSkQ8jpKC2cZL/YNVrLw45vbiot3PophbxUPFHF0zGY4l2t3RnTA7B7yi+C0
M3sM4Xn+Yi5tc+j2Y9Suw8LzTV2s4LNwJiV34jrjmo8uli3GEOkWQtpGVZ9Tzc8O
BShbVPEoMRBTudQLE84fuG4yqNUAl5Cg4fu10m+DouxIjxD9DxIedPT4ljErzMii
VixiFVbfmpb/xy4Gs9uj5M7oFppEwErrh0US/130FVpoKQ7rqfoAFSzwrX+hNb4M
KOEsP347KRLJU9NGCNChJ9eEhdaS6P7T9wxDAqJPJQV95elSGfafEEvRHwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLQAcPErSSEHB+y59+Cs0mW82H2iMB8GA1UdIwQY
MBaAFJ7sNLr5IgKMNDL4+PIr2mr4a3eyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnV3MHV2a2lBb3cwTXZqNDhpdmFhdmhyZDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82ZWE4ZjctY2I0YS00ZTRlLWFkNzkt
YWM4NzE3MWY0ZTVjLzEvdEFCdzhTdEpJUWNIN0xuMzRLelNaYnpZZmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82ZWE4ZjctY2I0YS00ZTRlLWFkNzktYWM4NzE3MWY0ZTVj
LzEvbnV3MHV2a2lBb3cwTXZqNDhpdmFhdmhyZDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg8BAzAN
BgkqhkiG9w0BAQsFAAOCAQEA3zbZZdb0BNTaOMDSAaC1W/oSQjUk6XAYQhOV4SBz
NJR9dxPR7Lt2hK5121T+jDpyq9zvTZYAG8aIy+cCUuE5EPU/7oDgl0jyXSzX22fC
tSZtu24ok0DnDdaLPKT4PRDn2F5q+AgzuhMJLxN4hEkPOqkqQUSRolabTh2IRGJD
0zNKSteTHKEOSUTtbNyuONi8xRql4FXc7vJyhNQXrapk4UbWjr5tjN4COqLLDGHc
q4koH5+qsZQq7+IQlNYYEuoVtvBp9V069UwLUiOi4zwIZ/1Yu2nnuwWpYp+unUgy
QLGnJ71jKCcyyF766xR8sP6jmErOQ4PQKHGFlVpvuiH7Lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:56 2024 by rpki-client on console-ams.rpki-client.org