Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/0EYM1EnygcKf6XH1s1S8fq32Ha0.roa
File: 0EYM1EnygcKf6XH1s1S8fq32Ha0.roa (raw, json)
Hash identifier: AAWYoLvzHRkkjbsiMJQoF9gXHXF4uyBNtcURHRLeLB0=
Subject key identifier: D0:46:0C:D4:49:F2:81:C2:9F:E9:71:F5:B3:54:BC:7E:AD:F6:1D:AD
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018405B0A07BEC3E2286733AF1E026F9ABDA
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/0EYM1EnygcKf6XH1s1S8fq32Ha0.roa
Signing time: Sun 23 Oct 2022 16:32:52 +0000
ROA not before: Sun 23 Oct 2022 16:32:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207781
IP address blocks: 2a09:e1c1:efce::/48 maxlen: 48
2a09:e1c1:efc3::/48 maxlen: 48
2a09:e1c1:efc4::/48 maxlen: 48
2a09:e1c1:efc9::/48 maxlen: 48
2a09:e1c1:efca::/48 maxlen: 48
2a09:e1c1:efcf::/48 maxlen: 48
2a09:e1c1:efc0::/48 maxlen: 48
2a09:e1c1:efc5::/48 maxlen: 48
2a09:e1c1:efc6::/48 maxlen: 48
2a09:e1c1:efcb::/48 maxlen: 48
2a09:e1c1:efcc::/48 maxlen: 48
2a09:e1c1:efc1::/48 maxlen: 48
2a09:e1c1:efc2::/48 maxlen: 48
2a09:e1c1:efc7::/48 maxlen: 48
2a09:e1c1:efc8::/48 maxlen: 48
2a09:e1c1:efcd::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:05:b0:a0:7b:ec:3e:22:86:73:3a:f1:e0:26:f9:ab:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Oct 23 16:32:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0460cd449f281c29fe971f5b354bc7eadf61dad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b0:eb:20:36:ff:9c:68:10:1c:d2:bf:a4:01:
12:f9:dc:e9:e3:6f:e1:92:cf:4b:51:9a:b2:d5:5a:
e0:71:e0:ce:f8:9d:31:a1:c1:1a:5c:80:48:5b:da:
db:ef:8e:3b:9f:2d:3f:ec:59:4f:20:e8:34:40:6a:
6a:9a:00:fe:02:98:eb:b4:ae:1d:2d:5d:45:53:5d:
16:bd:56:f7:d6:f6:e6:ae:c5:a1:8d:30:25:d5:a7:
09:6e:83:69:b7:f2:75:0a:24:70:b2:76:9c:f8:70:
01:76:20:16:d6:82:fe:ee:17:37:be:0e:c2:d4:b9:
05:07:e6:30:65:f6:03:5f:5a:61:a4:ca:0d:5d:e4:
e1:f7:92:1c:37:fa:de:34:95:d9:e1:3f:66:e3:09:
e7:3b:d9:27:69:f3:71:b0:52:98:1f:2e:6d:e6:94:
a1:ac:87:2f:c3:e5:0b:3a:ba:32:8c:e7:9c:d4:f9:
b8:56:a7:bb:80:30:72:db:0d:d8:28:e5:58:76:51:
21:f3:66:b4:b5:14:f9:96:e2:a6:de:ee:c4:f8:92:
10:45:07:2a:0b:2e:4f:f4:8b:38:89:7a:37:b1:d8:
ad:ac:54:2b:f6:55:dd:91:7d:2d:ee:47:31:37:75:
52:49:b9:48:aa:5a:fb:55:45:80:e5:f1:54:f3:57:
58:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:46:0C:D4:49:F2:81:C2:9F:E9:71:F5:B3:54:BC:7E:AD:F6:1D:AD
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/0EYM1EnygcKf6XH1s1S8fq32Ha0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e1c1:efc0::/44
Signature Algorithm: sha256WithRSAEncryption
1c:4d:e1:9a:84:ea:de:f7:ac:7f:87:65:f7:3d:72:a7:e8:72:
2a:93:38:a4:41:20:8b:27:13:6d:fb:76:af:bd:61:6a:d8:8e:
c1:b3:a6:eb:07:4a:63:f2:6a:c1:1d:cd:46:a6:4c:2c:1d:6f:
8b:b5:c5:96:93:61:77:0f:d8:35:9d:59:82:b4:ee:7f:0e:57:
a5:39:0a:8f:93:ab:31:32:98:3f:b1:8e:bc:c6:52:74:04:91:
5f:7a:1b:93:3b:85:e2:ab:be:19:c6:0f:ae:54:c5:27:ed:09:
3c:c5:cd:cc:9a:a7:32:dc:4b:bb:41:a8:f4:0e:64:a0:fd:2a:
ad:11:a8:c4:7a:38:b8:ab:87:86:34:8a:39:d5:22:3f:7d:ab:
41:e8:62:09:d4:6b:15:48:1f:7a:22:26:53:7c:9a:c1:c5:b5:
76:7c:e7:ce:34:57:89:60:14:a6:55:8e:71:ca:ad:96:6e:a2:
f0:64:d7:44:a2:94:2a:07:c3:17:67:c6:e3:5f:9c:7c:0a:86:
dd:e3:4b:e3:75:8c:55:14:cf:a5:8e:46:4e:f9:62:47:1d:b8:
88:ca:71:d9:8b:4c:36:24:fb:23:33:9e:c8:eb:e9:e5:1d:45:
bd:75:a0:f2:e5:66:48:0d:ae:7d:2d:0d:b4:b8:c6:fe:aa:2d:
6e:a7:58:b3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYQFsKB77D4ihnM68eAm+avaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjIxMDIzMTYzMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDQ2MGNkNDQ5ZjI4MWMyOWZlOTcxZjViMzU0YmM3ZWFkZjYxZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLDrIDb/nGgQHNK/pAES+dzp42/h
ks9LUZqy1VrgceDO+J0xocEaXIBIW9rb7447ny0/7FlPIOg0QGpqmgD+ApjrtK4d
LV1FU10WvVb31vbmrsWhjTAl1acJboNpt/J1CiRwsnac+HABdiAW1oL+7hc3vg7C
1LkFB+YwZfYDX1phpMoNXeTh95IcN/reNJXZ4T9m4wnnO9knafNxsFKYHy5t5pSh
rIcvw+ULOroyjOec1Pm4Vqe7gDBy2w3YKOVYdlEh82a0tRT5luKm3u7E+JIQRQcq
Cy5P9Is4iXo3sditrFQr9lXdkX0t7kcxN3VSSblIqlr7VUWA5fFU81dY4QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNBGDNRJ8oHCn+lx9bNUvH6t9h2tMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvMEVZTTFFbnlnY0tmNlhIMXMxUzhmcTMySGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgnhwe/A
MA0GCSqGSIb3DQEBCwUAA4IBAQAcTeGahOre96x/h2X3PXKn6HIqkzikQSCLJxNt
+3avvWFq2I7Bs6brB0pj8mrBHc1GpkwsHW+LtcWWk2F3D9g1nVmCtO5/DlelOQqP
k6sxMpg/sY68xlJ0BJFfehuTO4Xiq74Zxg+uVMUn7Qk8xc3Mmqcy3Eu7Qaj0DmSg
/SqtEajEeji4q4eGNIo51SI/fatB6GIJ1GsVSB96IiZTfJrBxbV2fOfONFeJYBSm
VY5xyq2WbqLwZNdEopQqB8MXZ8bjX5x8Cobd40vjdYxVFM+ljkZO+WJHHbiIynHZ
i0w2JPsjM57I6+nlHUW9daDy5WZIDa59LQ20uMb+qi1up1iz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org