Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/98qVtrhr-RnFYpZIihGqvAPlmvI.roa
File: 98qVtrhr-RnFYpZIihGqvAPlmvI.roa (raw, json)
Hash identifier: AhX9TRgW8TGiqzeokWD0RwW2/9+nEN88vae0qKAMGk4=
Subject key identifier: F7:CA:95:B6:B8:6B:F9:19:C5:62:96:48:8A:11:AA:BC:03:E5:9A:F2
Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial: 0890D2BD
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/98qVtrhr-RnFYpZIihGqvAPlmvI.roa
Signing time: Sat 01 Jan 2022 05:05:52 +0000
ROA not before: Sat 01 Jan 2022 05:05:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213081
IP address blocks: 2a0a:e5c0::/29 maxlen: 48
2a09:2940::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143708861 (0x890d2bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Validity
Not Before: Jan 1 05:05:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7ca95b6b86bf919c56296488a11aabc03e59af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0c:45:17:39:da:92:ab:0c:77:58:d4:46:d1:
2d:04:26:f6:ae:24:22:df:d0:c9:9d:67:c9:a3:4a:
95:f9:6f:a7:7c:09:2f:d3:34:0d:37:b8:ca:9b:e3:
7f:6b:37:45:70:26:e4:7f:6d:d5:1b:c5:92:ea:15:
c1:8b:48:bb:0e:d9:11:64:57:89:1d:da:9b:25:0a:
76:f8:ba:25:c4:b9:a3:77:76:8e:e9:40:cd:0d:f0:
ad:f9:da:68:0c:dc:74:cd:05:ce:72:96:ed:92:c4:
c3:cb:2d:40:d9:06:87:e5:8b:2c:ff:3c:c5:3c:db:
ce:23:08:fa:d2:d6:ce:02:be:93:20:a2:c7:7d:8e:
86:ee:b1:8a:e3:ab:6b:f7:de:eb:93:e9:49:c8:30:
a2:ef:01:8b:2b:0c:5a:3f:4a:f8:74:8f:9f:6d:5b:
8f:75:a9:30:49:2c:28:ca:24:73:dd:69:92:66:bc:
c0:17:f9:7a:a6:78:d5:64:f7:b5:ec:21:58:db:71:
a6:b8:cf:20:a2:c0:db:b8:0b:3f:bb:5c:ca:fb:ca:
e1:fc:5c:1d:fd:36:2f:a0:09:b2:18:6b:9d:78:9a:
ce:ad:93:c5:bd:90:c7:1f:49:62:9a:9b:5f:77:fb:
c3:56:20:83:cc:8a:aa:8a:13:32:78:7d:2c:35:cb:
c7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CA:95:B6:B8:6B:F9:19:C5:62:96:48:8A:11:AA:BC:03:E5:9A:F2
X509v3 Authority Key Identifier:
keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/98qVtrhr-RnFYpZIihGqvAPlmvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2940::/29
2a0a:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
73:b1:ac:34:55:32:f0:99:40:05:63:21:02:60:37:ea:17:fc:
7e:38:7f:57:67:fb:73:f2:c1:36:9b:ff:7f:ae:81:ff:63:3d:
16:2b:8a:72:b8:96:ae:c1:b1:34:72:ec:05:9e:61:53:94:c7:
3f:c7:a9:56:d9:b1:a0:cf:43:89:07:02:1d:72:74:6f:78:f3:
6f:e8:c9:51:c9:c0:4f:79:ce:2c:ef:0d:5e:12:a1:16:2d:8e:
83:4a:37:3c:9a:06:6c:80:b8:a9:4e:97:be:bc:b3:06:c9:31:
34:af:2b:dc:7a:d9:f7:3c:06:f3:a7:04:54:1d:76:87:00:04:
05:8e:b4:f4:0e:33:a9:bb:25:d4:c8:d4:0a:eb:cd:f0:43:8d:
1f:0b:15:d4:b0:42:d0:c5:0f:a8:f8:e1:64:02:04:dc:c5:54:
66:3e:07:7e:f1:64:f6:38:87:85:c5:e4:56:3a:09:c8:77:00:
c9:5b:bd:45:cb:40:99:70:03:ee:10:37:f6:84:3c:1a:0d:df:
00:08:29:15:f1:be:6d:bc:82:03:ee:60:5d:6e:fa:3f:8c:56:
6a:27:4a:d2:50:ec:c2:9a:56:31:92:f1:d3:d0:30:06:b5:a8:
27:e2:eb:6f:4a:f2:2d:1e:00:47:ac:55:f7:d3:da:4d:4f:55:
5d:bb:a6:8c
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECJDSvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NmJmYzVhMTcyNjU0ZGQ2MDA5ZGIxZDgyZDkyZmZhZjcxMjM0MTIwMB4XDTIyMDEw
MTA1MDU1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdjYTk1YjZiODZi
ZjkxOWM1NjI5NjQ4OGExMWFhYmMwM2U1OWFmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUMRRc52pKrDHdY1EbRLQQm9q4kIt/QyZ1nyaNKlflvp3wJ
L9M0DTe4ypvjf2s3RXAm5H9t1RvFkuoVwYtIuw7ZEWRXiR3amyUKdvi6JcS5o3d2
julAzQ3wrfnaaAzcdM0FznKW7ZLEw8stQNkGh+WLLP88xTzbziMI+tLWzgK+kyCi
x32Ohu6xiuOra/fe65PpScgwou8BiysMWj9K+HSPn21bj3WpMEksKMokc91pkma8
wBf5eqZ41WT3tewhWNtxprjPIKLA27gLP7tcyvvK4fxcHf02L6AJshhrnXiazq2T
xb2Qxx9JYpqbX3f7w1Ygg8yKqooTMnh9LDXLx+kCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBT3ypW2uGv5GcVilkiKEaq8A+Wa8jAfBgNVHSMEGDAWgBSWv8WhcmVN1gCd
sdgtkv+vcSNBIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xyX0ZvWEpsVGRZQW5iSFlMWkxfcjNFalFTQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvMzYzMGNiLWViZWMtNGQ4Ni1iMTJiLWJmZmI3NTdjMzEzNC8x
Lzk4cVZ0cmhyLVJuRllwWklpaEdxdkFQbG12SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
MzYzMGNiLWViZWMtNGQ4Ni1iMTJiLWJmZmI3NTdjMzEzNC8xL2xyX0ZvWEpsVGRZ
QW5iSFlMWkxfcjNFalFTQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoJKUADBQMqCuXAMA0GCSqGSIb3
DQEBCwUAA4IBAQBzsaw0VTLwmUAFYyECYDfqF/x+OH9XZ/tz8sE2m/9/roH/Yz0W
K4pyuJauwbE0cuwFnmFTlMc/x6lW2bGgz0OJBwIdcnRvePNv6MlRycBPec4s7w1e
EqEWLY6DSjc8mgZsgLipTpe+vLMGyTE0ryvcetn3PAbzpwRUHXaHAAQFjrT0DjOp
uyXUyNQK683wQ40fCxXUsELQxQ+o+OFkAgTcxVRmPgd+8WT2OIeFxeRWOgnIdwDJ
W71Fy0CZcAPuEDf2hDwaDd8ACCkV8b5tvIID7mBdbvo/jFZqJ0rSUOzCmlYxkvHT
0DAGtagn4utvSvItHgBHrFX309pNT1Vdu6aM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:34 2024 by rpki-client on console-ams.rpki-client.org