Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/x8pVdtVNl0KeFiTONDJDrIBvofA.roa
File: x8pVdtVNl0KeFiTONDJDrIBvofA.roa (raw, json)
Hash identifier: hCylVIpH9rf8+5egKHAVIg6FgXywyCBt1gjF9SyTXpo=
Subject key identifier: C7:CA:55:76:D5:4D:97:42:9E:16:24:CE:34:32:43:AC:80:6F:A1:F0
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 09BF0654
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/x8pVdtVNl0KeFiTONDJDrIBvofA.roa
Signing time: Sat 01 Jan 2022 12:05:45 +0000
ROA not before: Sat 01 Jan 2022 12:05:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212981
IP address blocks: 2a0a:d6c0:186::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163513940 (0x9bf0654)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Jan 1 12:05:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7ca5576d54d97429e1624ce343243ac806fa1f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6c:2e:fa:6c:c3:24:e9:45:d5:76:40:1a:83:
d1:66:01:bd:d4:29:bb:69:a9:48:e2:5a:d7:36:fc:
58:2e:f4:16:78:3e:0d:d8:4b:9c:d7:7e:2b:f1:07:
92:68:0b:a4:61:a4:72:84:42:d2:28:30:15:19:cc:
eb:1c:70:2f:73:e8:07:c5:71:58:9a:0f:a3:30:3c:
b7:9f:3b:a8:a1:6f:9b:23:7a:b4:99:1a:a8:09:0a:
28:4d:54:af:c0:67:cd:de:6c:c4:68:96:35:2c:1e:
ee:34:26:1e:cc:ca:2c:bb:6e:21:66:4f:67:19:35:
13:b2:5a:04:12:54:0d:0e:25:09:52:95:b4:f8:48:
d3:46:51:32:93:88:eb:88:ce:9c:ac:15:bc:f9:40:
0a:28:ca:d0:3e:a8:d5:35:fa:eb:84:60:18:9c:8a:
35:d0:e1:e9:89:fc:e9:8e:3b:d7:8d:73:8b:03:90:
a6:26:95:81:cc:40:ed:26:60:2c:c8:6c:ce:5d:42:
95:c0:4a:3c:07:8d:d7:2b:37:0c:5f:77:3c:b2:68:
61:00:a1:5f:1e:f8:e5:9f:b9:5f:2f:5f:f5:ee:88:
38:8c:4b:2f:22:95:b2:0e:3b:33:ad:c0:35:9f:f6:
5d:13:ba:ca:32:6d:f5:b5:ad:ed:f0:e2:0a:5e:16:
19:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CA:55:76:D5:4D:97:42:9E:16:24:CE:34:32:43:AC:80:6F:A1:F0
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/x8pVdtVNl0KeFiTONDJDrIBvofA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:d6c0:186::/48
Signature Algorithm: sha256WithRSAEncryption
69:bc:b5:7b:6a:92:ca:fc:05:41:69:e1:65:82:3f:f3:12:27:
56:37:31:59:98:2d:0e:a9:0c:3d:58:8d:17:27:8c:9d:aa:c4:
8e:cb:1f:a1:2e:20:2f:22:3d:29:71:99:3c:fc:d3:74:2b:b2:
b0:2e:6f:80:5f:e7:ab:1e:a4:63:6f:d7:22:38:54:93:83:a9:
f5:7d:20:ed:c6:ef:5d:f0:ec:0c:9b:4b:70:86:7d:a0:55:7f:
39:fc:26:94:b9:2a:8f:97:fc:42:28:e3:c5:77:73:70:6d:89:
c9:81:db:8e:fc:b7:09:fc:aa:87:e3:91:1c:61:bb:77:6a:58:
b0:d8:95:60:0a:6c:dd:7d:01:f9:9c:ed:3f:25:6e:f5:d4:e6:
dd:3b:78:2d:c4:8b:97:a3:38:9c:bb:b8:f3:de:5f:d8:d4:53:
4f:0c:98:b2:bd:8b:4e:fd:03:0e:0d:48:07:d0:b5:c2:f4:eb:
fc:48:56:8f:1d:63:c8:a5:62:3e:b3:09:74:49:f9:7f:36:6c:
4a:4c:a7:8f:d2:76:c3:64:7a:d8:cc:24:a8:f0:a8:b1:6c:2d:
5c:b2:d4:d2:0d:7f:8e:02:88:f0:61:18:ea:4d:28:7d:a2:83:
52:64:ac:29:74:2f:a5:a8:ef:a8:be:81:73:36:fe:e0:e1:63:
65:a4:19:59
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECb8GVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODdkNmRmN2ViNzU0MmUwMzMzYWVlZGQxNGFkZmY4ZjUxZjhjYmQ4MB4XDTIyMDEw
MTEyMDU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzdjYTU1NzZkNTRk
OTc0MjllMTYyNGNlMzQzMjQzYWM4MDZmYTFmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZsLvpswyTpRdV2QBqD0WYBvdQpu2mpSOJa1zb8WC70Fng+
DdhLnNd+K/EHkmgLpGGkcoRC0igwFRnM6xxwL3PoB8VxWJoPozA8t587qKFvmyN6
tJkaqAkKKE1Ur8Bnzd5sxGiWNSwe7jQmHszKLLtuIWZPZxk1E7JaBBJUDQ4lCVKV
tPhI00ZRMpOI64jOnKwVvPlACijK0D6o1TX664RgGJyKNdDh6Yn86Y47141ziwOQ
piaVgcxA7SZgLMhszl1ClcBKPAeN1ys3DF93PLJoYQChXx745Z+5Xy9f9e6IOIxL
LyKVsg47M63ANZ/2XRO6yjJt9bWt7fDiCl4WGdECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTHylV21U2XQp4WJM40MkOsgG+h8DAfBgNVHSMEGDAWgBQ4fW3363VC4DM6
7t0Urf+PUfjL2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09IMXQ5LXQxUXVBek91N2RGSzNfajFINHk5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvZDRhODljLTU0YjItNDQ1Yi1iYjdjLTYwOWE0OGIyYjE0ZC8x
L3g4cFZkdFZObDBLZUZpVE9OREpEcklCdm9mQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
ZDRhODljLTU0YjItNDQ1Yi1iYjdjLTYwOWE0OGIyYjE0ZC8xL09IMXQ5LXQxUXVB
ek91N2RGSzNfajFINHk5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoK1sABhjANBgkqhkiG9w0BAQsF
AAOCAQEAaby1e2qSyvwFQWnhZYI/8xInVjcxWZgtDqkMPViNFyeMnarEjssfoS4g
LyI9KXGZPPzTdCuysC5vgF/nqx6kY2/XIjhUk4Op9X0g7cbvXfDsDJtLcIZ9oFV/
OfwmlLkqj5f8QijjxXdzcG2JyYHbjvy3Cfyqh+ORHGG7d2pYsNiVYAps3X0B+Zzt
PyVu9dTm3Tt4LcSLl6M4nLu4895f2NRTTwyYsr2LTv0DDg1IB9C1wvTr/EhWjx1j
yKViPrMJdEn5fzZsSkynj9J2w2R62MwkqPCosWwtXLLU0g1/jgKI8GEY6k0ofaKD
UmSsKXQvpajvqL6Bczb+4OFjZaQZWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:53 2024 by rpki-client on console-ams.rpki-client.org