Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/Twt6MZapScovwS3l45za0uAqKA8.roa
File: Twt6MZapScovwS3l45za0uAqKA8.roa (raw, json)
Hash identifier: 6QlgZmN5aXOR7yb3z1M131rJbYF6TPp8ej0dTGy/fa8=
Subject key identifier: 4F:0B:7A:31:96:A9:49:CA:2F:C1:2D:E5:E3:9C:DA:D2:E0:2A:28:0F
Certificate issuer: /CN=d03febfd537e320cbbec2b4e22677b9ae66f604e
Certificate serial: 018237110EA6C1E609D17429A58A3597283E
Authority key identifier: D0:3F:EB:FD:53:7E:32:0C:BB:EC:2B:4E:22:67:7B:9A:E6:6F:60:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0D_r_VN-Mgy77CtOImd7muZvYE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/Twt6MZapScovwS3l45za0uAqKA8.roa
Signing time: Mon 25 Jul 2022 20:34:00 +0000
ROA not before: Mon 25 Jul 2022 20:34:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a0a:cd40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:37:11:0e:a6:c1:e6:09:d1:74:29:a5:8a:35:97:28:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d03febfd537e320cbbec2b4e22677b9ae66f604e
Validity
Not Before: Jul 25 20:34:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f0b7a3196a949ca2fc12de5e39cdad2e02a280f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:58:86:12:4f:59:90:8e:3c:ad:11:5b:7b:05:
96:6d:83:da:67:07:46:7b:23:c7:dd:9a:4b:ea:c1:
99:f6:26:11:fb:2e:ae:3f:22:cf:61:81:90:05:bc:
9a:74:3a:48:bc:8c:fb:a2:89:6b:58:7d:b9:84:a1:
54:e3:6d:19:c2:c2:c6:05:35:81:27:d6:58:ab:d9:
76:d7:96:8e:48:79:90:1c:f0:ec:21:1b:58:bc:e5:
7e:0f:e6:5e:e1:c1:b7:ff:25:0b:0d:7d:0a:50:fc:
f0:2a:f1:e0:7e:5f:8d:8e:6b:e4:42:58:43:a6:b3:
1a:0b:e9:fb:86:a2:29:9b:51:0a:16:88:36:b9:06:
98:0c:d5:37:cb:ca:27:8d:36:e6:35:cc:b2:6b:59:
0f:49:30:cb:e0:15:c7:7e:a4:4f:bb:b2:ef:6e:fb:
31:5b:90:3b:4e:64:cf:b6:66:0e:8a:ff:6b:48:ec:
f2:db:4b:7e:de:8e:fe:b4:10:e4:92:c2:d0:46:4e:
df:8c:9f:5c:6d:fe:4d:e4:63:e5:b6:17:fd:b6:e1:
1c:0e:85:33:f9:74:91:5c:02:6f:21:98:60:08:31:
5f:cd:c0:5e:ff:a6:e2:88:6e:ca:b4:e1:23:d5:6d:
07:89:38:f7:c5:7e:9e:14:90:10:fb:7c:ce:45:18:
2e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:0B:7A:31:96:A9:49:CA:2F:C1:2D:E5:E3:9C:DA:D2:E0:2A:28:0F
X509v3 Authority Key Identifier:
keyid:D0:3F:EB:FD:53:7E:32:0C:BB:EC:2B:4E:22:67:7B:9A:E6:6F:60:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0D_r_VN-Mgy77CtOImd7muZvYE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/Twt6MZapScovwS3l45za0uAqKA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/0D_r_VN-Mgy77CtOImd7muZvYE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
43:5f:d3:be:14:97:2f:7e:dc:7c:b3:7f:9c:44:ad:e9:f6:25:
a8:14:29:dc:37:59:37:bf:67:37:3e:18:6b:ff:99:2a:56:d6:
74:31:30:13:be:52:40:42:b2:d4:3d:5b:19:ef:5e:d9:1e:61:
d7:97:42:4a:38:28:60:2f:55:d0:cf:e3:54:3a:64:d9:75:12:
33:b5:d9:96:70:17:aa:47:b3:30:b9:01:aa:8c:c7:cb:b8:3c:
91:e1:b2:9f:4b:ff:97:ad:57:0c:e4:50:05:ef:3b:04:bd:23:
52:e8:92:a4:8c:c6:7e:ce:02:97:58:d0:7a:8e:b4:a9:3b:f4:
d7:0d:3f:b7:f8:4c:53:d0:18:45:5c:87:29:e7:be:ce:5c:86:
45:ab:62:e4:62:32:2d:26:cd:da:75:09:e8:5a:2a:d7:80:77:
c4:c9:4f:6e:2e:e6:66:f4:3c:d0:c2:1f:b3:f7:1c:63:06:5b:
96:30:0d:da:96:44:5f:ff:11:1d:79:32:25:2a:c3:2e:d2:d7:
dd:74:9c:fa:b6:08:c3:24:d5:8a:72:e2:7b:de:a8:de:2f:58:
a7:ad:83:e6:ab:5e:0c:0d:f4:39:fa:4e:cd:19:ec:3a:ef:f1:
8e:32:00:b0:d9:5e:86:b5:d9:23:95:1f:94:d0:a6:35:f6:0c:
4e:8c:07:6e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYI3EQ6mweYJ0XQppYo1lyg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwM2ZlYmZkNTM3ZTMyMGNiYmVjMmI0ZTIyNjc3YjlhZTY2
ZjYwNGUwHhcNMjIwNzI1MjAzNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjBiN2EzMTk2YTk0OWNhMmZjMTJkZTVlMzljZGFkMmUwMmEyODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1iGEk9ZkI48rRFbewWWbYPaZwdG
eyPH3ZpL6sGZ9iYR+y6uPyLPYYGQBbyadDpIvIz7oolrWH25hKFU420ZwsLGBTWB
J9ZYq9l215aOSHmQHPDsIRtYvOV+D+Ze4cG3/yULDX0KUPzwKvHgfl+NjmvkQlhD
prMaC+n7hqIpm1EKFog2uQaYDNU3y8onjTbmNcyya1kPSTDL4BXHfqRPu7Lvbvsx
W5A7TmTPtmYOiv9rSOzy20t+3o7+tBDkksLQRk7fjJ9cbf5N5GPlthf9tuEcDoUz
+XSRXAJvIZhgCDFfzcBe/6biiG7KtOEj1W0HiTj3xX6eFJAQ+3zORRguTwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE8LejGWqUnKL8Et5eOc2tLgKigPMB8GA1UdIwQY
MBaAFNA/6/1TfjIMu+wrTiJne5rmb2BOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERfcl9WTi1NZ3k3N0N0T0ltZDdtdVp2WUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hMTE1NjctMjU5ZS00ZDFiLWJmY2It
MjgxZmFkZTI4MzRiLzEvVHd0Nk1aYXBTY292d1MzbDQ1emEwdUFxS0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hMTE1NjctMjU5ZS00ZDFiLWJmY2ItMjgxZmFkZTI4MzRi
LzEvMERfcl9WTi1NZ3k3N0N0T0ltZDdtdVp2WUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgrNQDAN
BgkqhkiG9w0BAQsFAAOCAQEAQ1/TvhSXL37cfLN/nESt6fYlqBQp3DdZN79nNz4Y
a/+ZKlbWdDEwE75SQEKy1D1bGe9e2R5h15dCSjgoYC9V0M/jVDpk2XUSM7XZlnAX
qkezMLkBqozHy7g8keGyn0v/l61XDORQBe87BL0jUuiSpIzGfs4Cl1jQeo60qTv0
1w0/t/hMU9AYRVyHKee+zlyGRati5GIyLSbN2nUJ6Foq14B3xMlPbi7mZvQ80MIf
s/ccYwZbljAN2pZEX/8RHXkyJSrDLtLX3XSc+rYIwyTVinLie96o3i9Yp62D5qte
DA30OfpOzRnsOu/xjjIAsNlehrXZI5UflNCmNfYMTowHbg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:01 2023 by rpki-client on console-fra.rpki-client.org