Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0c9128-a043-478c-9920-ad215285c864/1/dsZHkIfzurnYLObK_sj6dLOkpAo.roa
File: dsZHkIfzurnYLObK_sj6dLOkpAo.roa (raw, json)
Hash identifier: vqaR7XyK/ttwmg7KsnXNlaKrlYkUS3NPSFhIeru54c8=
Subject key identifier: 76:C6:47:90:87:F3:BA:B9:D8:2C:E6:CA:FE:C8:FA:74:B3:A4:A4:0A
Certificate issuer: /CN=5d6373f5df99d821dcb57c7fb9202fb4686e5d61
Certificate serial: 01DB0B4A
Authority key identifier: 5D:63:73:F5:DF:99:D8:21:DC:B5:7C:7F:B9:20:2F:B4:68:6E:5D:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XWNz9d-Z2CHctXx_uSAvtGhuXWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/0c9128-a043-478c-9920-ad215285c864/1/dsZHkIfzurnYLObK_sj6dLOkpAo.roa
Signing time: Sat 01 Jan 2022 04:57:03 +0000
ROA not before: Sat 01 Jan 2022 04:57:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209589
IP address blocks: 2a07:9cc5::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31132490 (0x1db0b4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d6373f5df99d821dcb57c7fb9202fb4686e5d61
Validity
Not Before: Jan 1 04:57:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76c6479087f3bab9d82ce6cafec8fa74b3a4a40a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:40:e3:cd:63:a8:24:2c:72:38:5c:d4:96:c0:
c4:12:c4:95:b5:25:16:09:cb:51:dd:db:61:48:ac:
5b:88:da:b1:bc:17:c2:90:c1:30:90:da:0a:62:c9:
5e:07:31:96:37:6a:1f:75:1c:97:17:48:47:a8:c7:
c6:30:19:bc:c7:d7:5b:85:39:4a:73:12:bc:81:33:
8e:c9:21:c4:3f:d6:af:bb:7f:e0:33:86:76:4f:c2:
43:27:c4:a6:64:d0:5b:b9:f5:76:4b:99:b6:f3:3f:
2e:b7:c6:dc:8b:d3:04:e6:6a:7d:8e:c8:d6:dd:dc:
6e:fe:78:81:2f:5a:ed:fa:14:a5:b6:5f:61:5a:9b:
4b:ae:89:4d:21:5c:a7:1b:df:f4:1c:4c:a4:3f:18:
99:c5:91:a6:9a:f1:74:fa:88:fe:99:b2:6b:29:61:
af:08:ec:d2:4f:2c:df:50:5d:79:33:69:a9:75:ea:
9d:62:b4:97:42:f5:34:86:e5:e2:5d:8b:a0:53:0f:
6b:24:50:23:e1:ad:a7:3d:56:ef:5c:30:92:5c:1f:
ab:d5:a0:a4:b8:83:cb:dc:01:e4:5e:93:05:ff:aa:
81:47:8e:9d:7a:69:bd:9c:5c:cb:cc:7f:31:eb:c3:
bd:8a:83:13:1c:6a:06:77:eb:a2:5d:01:36:bf:86:
56:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:C6:47:90:87:F3:BA:B9:D8:2C:E6:CA:FE:C8:FA:74:B3:A4:A4:0A
X509v3 Authority Key Identifier:
keyid:5D:63:73:F5:DF:99:D8:21:DC:B5:7C:7F:B9:20:2F:B4:68:6E:5D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XWNz9d-Z2CHctXx_uSAvtGhuXWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0c9128-a043-478c-9920-ad215285c864/1/dsZHkIfzurnYLObK_sj6dLOkpAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0c9128-a043-478c-9920-ad215285c864/1/XWNz9d-Z2CHctXx_uSAvtGhuXWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:9cc5::/32
Signature Algorithm: sha256WithRSAEncryption
11:a4:04:0c:d8:8f:3b:2d:5a:66:a3:96:7e:ba:93:42:28:ce:
fc:ee:b0:7e:07:60:04:ff:c0:d4:22:7c:54:a0:71:06:d6:42:
2e:0f:06:32:2c:b0:16:e1:5e:5c:6e:fc:2e:68:a5:1e:3c:2f:
00:8c:79:d9:b4:06:bd:5e:ad:6a:dc:cf:ad:9d:9b:31:57:b1:
30:d2:59:48:50:e7:40:9d:98:0f:2d:b1:cc:b8:fb:c2:63:86:
21:61:70:56:4b:fe:ae:a5:07:13:5d:21:d5:86:c2:7b:13:52:
90:89:a7:fb:f2:22:df:9e:80:36:79:ca:fe:1e:9d:15:e2:4a:
3f:24:a6:81:ec:d0:5c:35:96:29:21:d7:3d:ef:2a:48:b0:95:
3d:16:53:b8:7f:0a:03:6e:63:8c:f2:61:dc:6e:8e:87:e8:f4:
34:50:e8:c3:e1:53:e6:68:8f:41:d2:72:1c:ce:58:bb:a4:5f:
34:c3:94:78:a3:21:62:0b:79:9c:eb:77:6d:29:3f:30:22:23:
72:fc:8e:03:f6:00:10:8a:dc:6e:44:fc:03:97:68:74:ac:ae:
9b:7a:47:ab:bf:eb:34:6f:7e:78:92:80:de:9e:2b:4d:fe:b5:
f6:94:44:ba:a2:c9:b1:62:95:e3:6b:55:1e:f9:8f:6e:74:e1:
42:37:d9:6a
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAdsLSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZDYzNzNmNWRmOTlkODIxZGNiNTdjN2ZiOTIwMmZiNDY4NmU1ZDYxMB4XDTIyMDEw
MTA0NTcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZjNjQ3OTA4N2Yz
YmFiOWQ4MmNlNmNhZmVjOGZhNzRiM2E0YTQwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpA481jqCQscjhc1JbAxBLElbUlFgnLUd3bYUisW4jasbwX
wpDBMJDaCmLJXgcxljdqH3UclxdIR6jHxjAZvMfXW4U5SnMSvIEzjskhxD/Wr7t/
4DOGdk/CQyfEpmTQW7n1dkuZtvM/LrfG3IvTBOZqfY7I1t3cbv54gS9a7foUpbZf
YVqbS66JTSFcpxvf9BxMpD8YmcWRpprxdPqI/pmyaylhrwjs0k8s31BdeTNpqXXq
nWK0l0L1NIbl4l2LoFMPayRQI+Gtpz1W71wwklwfq9WgpLiDy9wB5F6TBf+qgUeO
nXppvZxcy8x/MevDvYqDExxqBnfrol0BNr+GVscCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBR2xkeQh/O6udgs5sr+yPp0s6SkCjAfBgNVHSMEGDAWgBRdY3P135nYIdy1
fH+5IC+0aG5dYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hXTno5ZC1aMkNIY3RYeF91U0F2dEdodVhXRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvMGM5MTI4LWEwNDMtNDc4Yy05OTIwLWFkMjE1Mjg1Yzg2NC8x
L2RzWkhrSWZ6dXJuWUxPYktfc2o2ZExPa3BBby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
MGM5MTI4LWEwNDMtNDc4Yy05OTIwLWFkMjE1Mjg1Yzg2NC8xL1hXTno5ZC1aMkNI
Y3RYeF91U0F2dEdodVhXRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoHnMUwDQYJKoZIhvcNAQELBQAD
ggEBABGkBAzYjzstWmajln66k0IozvzusH4HYAT/wNQifFSgcQbWQi4PBjIssBbh
Xlxu/C5opR48LwCMedm0Br1erWrcz62dmzFXsTDSWUhQ50CdmA8tscy4+8JjhiFh
cFZL/q6lBxNdIdWGwnsTUpCJp/vyIt+egDZ5yv4enRXiSj8kpoHs0Fw1likh1z3v
KkiwlT0WU7h/CgNuY4zyYdxujofo9DRQ6MPhU+Zoj0HSchzOWLukXzTDlHijIWIL
eZzrd20pPzAiI3L8jgP2ABCK3G5E/AOXaHSsrpt6R6u/6zRvfniSgN6eK03+tfaU
RLqiybFileNrVR75j2504UI32Wo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:33 2025 by rpki-client