Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/7FNMz46MnC1EPzbzpsElsbrSAuc.roa
File: 7FNMz46MnC1EPzbzpsElsbrSAuc.roa (raw, json)
Hash identifier: 5dCryveYOh9dGqXapgKfuB2+tRzZccQKYIvj6gjhzNE=
Subject key identifier: EC:53:4C:CF:8E:8C:9C:2D:44:3F:36:F3:A6:C1:25:B1:BA:D2:02:E7
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 01820DE1FBA9919D02C6F70D9F19511F3CBF
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/7FNMz46MnC1EPzbzpsElsbrSAuc.roa
Signing time: Sun 17 Jul 2022 20:38:09 +0000
ROA not before: Sun 17 Jul 2022 20:38:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211071
IP address blocks: 2a0a:d6c0:202::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:0d:e1:fb:a9:91:9d:02:c6:f7:0d:9f:19:51:1f:3c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Jul 17 20:38:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec534ccf8e8c9c2d443f36f3a6c125b1bad202e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8c:cc:4c:f5:08:20:51:bc:7a:f1:0b:35:f5:
78:56:c2:8f:0f:e3:7e:00:56:9e:4f:7d:fc:d0:0d:
7e:21:56:fa:1e:56:6d:3e:1c:34:19:28:42:d3:2d:
86:2b:0a:2b:66:d4:3e:70:b8:93:23:1b:11:33:88:
91:59:06:56:09:10:bd:b6:28:f6:fb:0a:87:70:ce:
45:4e:57:91:d4:9a:f5:fe:ff:55:71:51:de:d2:72:
b3:80:64:9b:82:49:b9:86:d0:f1:59:28:a1:d7:5b:
af:4d:c3:6a:e4:7a:a5:4a:66:09:30:e1:07:5f:a6:
d1:a1:75:13:c8:f1:ad:7f:74:9c:8d:0e:92:cf:cf:
11:13:f1:b1:bd:bf:c4:d2:61:a4:6e:99:c7:b6:55:
e0:87:93:a5:49:69:70:bd:9a:76:7f:03:be:b0:39:
f1:a3:d1:d2:31:0c:68:85:32:a0:64:65:d3:48:43:
8d:1d:cc:c0:51:0b:39:bb:98:8d:10:b6:53:88:9a:
b5:6d:6f:a7:2b:ed:71:45:40:1d:8c:85:84:7a:5b:
8d:a4:1c:b1:ae:7f:c1:7f:49:c0:a1:a1:f1:c1:66:
d0:d8:52:5b:7a:9b:78:d2:48:9f:21:b4:91:78:21:
17:5b:ee:c6:80:3b:d1:58:9b:9b:5c:e1:62:2d:07:
34:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:53:4C:CF:8E:8C:9C:2D:44:3F:36:F3:A6:C1:25:B1:BA:D2:02:E7
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/7FNMz46MnC1EPzbzpsElsbrSAuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:d6c0:202::/48
Signature Algorithm: sha256WithRSAEncryption
67:e5:ab:dc:c3:68:dc:fe:ec:f5:c3:c6:ed:03:35:28:6c:5d:
a9:4f:4a:11:33:2a:77:72:91:c8:eb:1e:ef:e6:bf:9b:b9:92:
8f:45:38:73:9a:c6:3c:1e:0f:80:64:0d:22:c9:ca:fc:58:41:
15:43:01:63:86:66:bf:d1:03:7b:92:30:a6:26:0e:15:8c:a0:
68:95:74:46:36:f6:02:d7:12:27:99:6f:7e:b1:4f:ed:21:f5:
7c:5b:50:32:7a:b5:aa:be:b6:51:c6:bd:55:1b:a2:15:f6:cc:
24:c3:22:a6:cb:e6:72:8c:5e:4a:dc:2f:c3:fc:6c:9c:57:d1:
77:05:06:21:e8:26:1b:94:87:f4:76:19:fa:32:df:8b:26:ed:
41:f2:92:95:fb:a1:d5:ae:7c:23:71:2f:00:52:33:5b:56:aa:
33:1a:0b:4c:56:c6:93:60:12:ef:b6:dc:4f:23:ec:e0:b8:e1:
cc:fc:02:57:c0:8e:13:f8:b4:9e:9f:f6:91:f0:be:52:51:48:
c6:48:48:13:5b:74:4f:f7:cd:34:0d:cb:60:73:fa:c8:41:20:
73:cd:9f:21:41:a1:60:65:91:b1:72:1d:f3:59:bd:c7:7d:ab:
90:b7:9c:4a:1f:43:28:a3:32:ab:ee:24:62:2a:63:43:ca:ba:
80:1f:c2:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYIN4fupkZ0CxvcNnxlRHzy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjIwNzE3MjAzODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzUzNGNjZjhlOGM5YzJkNDQzZjM2ZjNhNmMxMjViMWJhZDIwMmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4zMTPUIIFG8evELNfV4VsKPD+N+
AFaeT3380A1+IVb6HlZtPhw0GShC0y2GKworZtQ+cLiTIxsRM4iRWQZWCRC9tij2
+wqHcM5FTleR1Jr1/v9VcVHe0nKzgGSbgkm5htDxWSih11uvTcNq5HqlSmYJMOEH
X6bRoXUTyPGtf3ScjQ6Sz88RE/Gxvb/E0mGkbpnHtlXgh5OlSWlwvZp2fwO+sDnx
o9HSMQxohTKgZGXTSEONHczAUQs5u5iNELZTiJq1bW+nK+1xRUAdjIWEeluNpByx
rn/Bf0nAoaHxwWbQ2FJbept40kifIbSReCEXW+7GgDvRWJubXOFiLQc0BQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOxTTM+OjJwtRD8286bBJbG60gLnMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvN0ZOTXo0Nk1uQzFFUHpienBzRWxzYnJTQXVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgrWwAIC
MA0GCSqGSIb3DQEBCwUAA4IBAQBn5avcw2jc/uz1w8btAzUobF2pT0oRMyp3cpHI
6x7v5r+buZKPRThzmsY8Hg+AZA0iycr8WEEVQwFjhma/0QN7kjCmJg4VjKBolXRG
NvYC1xInmW9+sU/tIfV8W1AyerWqvrZRxr1VG6IV9swkwyKmy+ZyjF5K3C/D/Gyc
V9F3BQYh6CYblIf0dhn6Mt+LJu1B8pKV+6HVrnwjcS8AUjNbVqozGgtMVsaTYBLv
ttxPI+zguOHM/AJXwI4T+LSen/aR8L5SUUjGSEgTW3RP9800Dctgc/rIQSBzzZ8h
QaFgZZGxch3zWb3HfauQt5xKH0MoozKr7iRiKmNDyrqAH8JI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:53 2024 by rpki-client on console-ams.rpki-client.org