Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/jrKTOOx548Gw8f8IvUNY3IkKf78.roa
File: jrKTOOx548Gw8f8IvUNY3IkKf78.roa (raw, json)
Hash identifier: A/rPyobrm5ClTKHHqYL2x/gfZG0K83oxdCJGEYF84Uw=
Subject key identifier: 8E:B2:93:38:EC:79:E3:C1:B0:F1:FF:08:BD:43:58:DC:89:0A:7F:BF
Certificate issuer: /CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Certificate serial: 018211F5B0044879411EA3A272A768F2A481
Authority key identifier: DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/jrKTOOx548Gw8f8IvUNY3IkKf78.roa
Signing time: Mon 18 Jul 2022 15:38:10 +0000
ROA not before: Mon 18 Jul 2022 15:38:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133752
IP address blocks: 2a00:c6c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:11:f5:b0:04:48:79:41:1e:a3:a2:72:a7:68:f2:a4:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Validity
Not Before: Jul 18 15:38:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8eb29338ec79e3c1b0f1ff08bd4358dc890a7fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:12:92:1a:ec:b7:d4:0b:85:41:6d:0d:95:4b:
80:dd:4f:ad:8a:1b:b3:92:bd:6a:f9:a5:41:39:0d:
3e:03:0d:a4:0a:49:32:73:aa:74:12:ea:ed:c8:63:
e0:ed:98:46:6e:35:50:8f:ab:ef:34:0c:be:df:9d:
51:23:cb:05:38:d6:cb:18:cd:af:29:ad:d0:07:a8:
ae:5e:27:f8:21:b5:ac:1e:62:d8:f3:44:d6:e4:3f:
c6:2a:26:85:ba:ba:f3:17:a7:a8:e8:9e:36:3c:7d:
fb:52:a0:d7:83:87:dd:fd:42:ea:cf:52:82:8b:f2:
62:86:7d:c3:e1:41:d6:ec:dc:6f:81:da:e7:5e:e8:
f5:be:fd:26:6f:d6:9e:16:24:e6:c5:87:c9:1e:c8:
ae:d6:69:c1:f9:e3:65:05:27:ab:a8:4e:ae:6d:54:
73:b5:b4:4e:2a:8c:aa:14:2e:16:41:7a:73:4b:33:
69:0d:59:cb:c1:ba:22:02:84:30:f9:36:73:2e:81:
77:f3:e5:ae:e5:81:24:f0:aa:bb:d3:66:ad:01:38:
b4:c0:cd:71:2b:5a:af:b2:68:93:a1:d5:09:89:a3:
1c:d5:00:4f:63:2b:01:1b:85:b7:23:f3:5b:0d:21:
e6:1d:4a:99:e7:b6:a8:c9:9d:7b:75:0d:df:ee:2b:
62:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B2:93:38:EC:79:E3:C1:B0:F1:FF:08:BD:43:58:DC:89:0A:7F:BF
X509v3 Authority Key Identifier:
keyid:DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/jrKTOOx548Gw8f8IvUNY3IkKf78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:c6c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
30:4f:a7:34:c1:97:3f:2b:0a:92:a4:6f:14:75:91:a1:c8:eb:
bf:17:f8:d3:2b:91:f1:12:f3:97:93:33:67:48:fe:9c:34:1e:
5d:bc:a0:77:68:05:bf:2d:88:6b:58:ce:d8:3d:95:41:9f:6a:
e4:9a:da:b9:2a:37:0d:8b:c0:33:d4:40:86:ca:1e:aa:a1:cf:
c5:63:97:36:55:19:0c:80:32:bb:72:d5:ab:45:f1:ac:8a:6e:
42:bb:6b:30:af:92:15:7e:20:85:ed:42:eb:36:8d:02:bb:20:
7b:aa:3c:d0:eb:59:25:d0:5e:bc:9c:34:16:b5:9d:e3:e0:78:
b0:3d:82:d4:75:98:43:fd:48:5f:3b:7a:f9:ae:55:a2:3b:14:
7f:22:d6:ab:65:ff:6d:39:40:bc:f7:c3:d4:6e:36:d2:17:bb:
00:cc:ad:86:a7:51:c5:9c:80:ee:c3:11:3b:59:e8:fa:a6:f8:
60:a2:a5:60:4f:d2:1a:76:33:8b:02:f9:c3:20:51:5e:71:3c:
23:29:2a:c4:ac:f4:d1:96:e3:1f:45:df:65:b3:0e:f4:72:b4:
6a:53:53:38:0f:e0:14:5d:ed:bc:c9:5a:90:ab:d9:4a:1b:86:
3e:34:63:28:91:85:a0:25:bf:5a:07:d9:d8:ca:80:6b:5d:07:
f9:9b:20:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYIR9bAESHlBHqOicqdo8qSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTBkNDMyOTNjZmViZjg3ZTdlYWIyYjBkNTUzZmQyMWE2
ZTk2NDEwHhcNMjIwNzE4MTUzODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWIyOTMzOGVjNzllM2MxYjBmMWZmMDhiZDQzNThkYzg5MGE3ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRKSGuy31AuFQW0NlUuA3U+tihuz
kr1q+aVBOQ0+Aw2kCkkyc6p0EurtyGPg7ZhGbjVQj6vvNAy+351RI8sFONbLGM2v
Ka3QB6iuXif4IbWsHmLY80TW5D/GKiaFurrzF6eo6J42PH37UqDXg4fd/ULqz1KC
i/Jihn3D4UHW7NxvgdrnXuj1vv0mb9aeFiTmxYfJHsiu1mnB+eNlBSerqE6ubVRz
tbROKoyqFC4WQXpzSzNpDVnLwboiAoQw+TZzLoF38+Wu5YEk8Kq702atATi0wM1x
K1qvsmiTodUJiaMc1QBPYysBG4W3I/NbDSHmHUqZ57aoyZ17dQ3f7itiDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI6ykzjseePBsPH/CL1DWNyJCn+/MB8GA1UdIwQY
MBaAFN6Q1DKTz+v4fn6rKw1VP9IabpZBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODkt
NTNlZGM2MjZiMjg3LzEvanJLVE9PeDU0OEd3OGY4SXZVTlkzSWtLZjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODktNTNlZGM2MjZiMjg3
LzEvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgDGwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAwT6c0wZc/KwqSpG8UdZGhyOu/F/jTK5HxEvOX
kzNnSP6cNB5dvKB3aAW/LYhrWM7YPZVBn2rkmtq5KjcNi8Az1ECGyh6qoc/FY5c2
VRkMgDK7ctWrRfGsim5Cu2swr5IVfiCF7ULrNo0CuyB7qjzQ61kl0F68nDQWtZ3j
4HiwPYLUdZhD/UhfO3r5rlWiOxR/ItarZf9tOUC898PUbjbSF7sAzK2Gp1HFnIDu
wxE7Wej6pvhgoqVgT9IadjOLAvnDIFFecTwjKSrErPTRluMfRd9lsw70crRqU1M4
D+AUXe28yVqQq9lKG4Y+NGMokYWgJb9aB9nYyoBrXQf5myAx
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:01 2023 by rpki-client on console-fra.rpki-client.org