Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/GhxAr8Dq0zPPYJKRYb9YjZ_sP-k.roa
File: GhxAr8Dq0zPPYJKRYb9YjZ_sP-k.roa (raw, json)
Hash identifier: J0fCBrBRi8w6mBvmlHwOdah4qgIAXFBFEzuPVXGQELE=
Subject key identifier: 1A:1C:40:AF:C0:EA:D3:33:CF:60:92:91:61:BF:58:8D:9F:EC:3F:E9
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 179EFCB5
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/GhxAr8Dq0zPPYJKRYb9YjZ_sP-k.roa
Signing time: Sat 01 Jan 2022 13:03:27 +0000
ROA not before: Sat 01 Jan 2022 13:03:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207713
IP address blocks: 2a09:e1c1:efd0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 396295349 (0x179efcb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 13:03:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a1c40afc0ead333cf60929161bf588d9fec3fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2e:ce:4e:7c:de:d3:19:25:2e:02:2b:18:d7:
c4:b0:c9:cd:37:2a:ce:20:82:45:39:5c:2e:1e:4c:
45:60:88:21:3b:87:d9:f8:81:03:f9:e0:be:c6:21:
22:76:9f:87:bd:b7:bf:ab:a3:6e:b4:cc:78:92:73:
ac:70:78:61:2a:14:50:40:e8:6e:38:bc:84:bb:61:
de:0d:ac:cd:78:58:6b:7c:12:91:c6:6c:20:83:82:
e9:b0:d6:7e:a5:c8:b2:2a:1d:ac:25:2e:3b:d0:bf:
64:d9:f6:6d:26:70:4b:cb:ba:6f:1e:04:c9:d2:24:
26:47:17:2a:54:f0:7f:14:4b:8b:35:20:4d:50:12:
1d:e2:c1:00:94:b5:a7:6e:82:d4:a1:d8:44:22:d3:
39:4d:03:34:0c:93:1c:5a:ba:4a:6c:a0:aa:e1:73:
7b:78:14:d4:be:d0:10:c1:53:86:c9:ce:18:df:6f:
9b:5b:d9:f3:af:6f:12:27:57:6e:c8:23:6d:48:b6:
da:99:16:15:3c:14:37:88:79:d3:80:c5:21:4c:6c:
97:b1:91:1b:2a:3c:4a:38:d3:34:1a:bf:91:cb:d6:
1e:0f:65:98:a3:f5:ac:c1:3c:03:d8:34:f0:7a:ce:
7e:eb:be:73:52:b0:aa:f6:79:98:72:61:fc:ab:39:
ae:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1C:40:AF:C0:EA:D3:33:CF:60:92:91:61:BF:58:8D:9F:EC:3F:E9
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/GhxAr8Dq0zPPYJKRYb9YjZ_sP-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e1c1:efd0::/44
Signature Algorithm: sha256WithRSAEncryption
6f:99:fa:18:01:bb:9e:06:2e:75:67:7b:7f:fc:9b:1d:89:25:
95:a5:73:89:6b:31:97:54:47:a5:d8:68:5c:f1:7d:db:a1:aa:
df:a5:54:d7:bf:91:b0:8d:40:a8:6e:bb:10:60:af:60:7b:1a:
b1:fa:55:03:d0:73:54:44:02:07:be:4d:08:8a:8a:a1:d3:1a:
30:5d:e8:51:21:21:99:10:d9:79:5a:61:f3:cd:14:c5:ef:bf:
24:1a:78:14:b5:87:65:61:15:57:68:c2:45:3c:bf:dc:d6:99:
62:08:fa:1c:31:1f:c3:e8:1b:91:c6:6a:44:4f:47:1b:e4:c9:
fc:e7:e1:62:33:ee:6b:65:33:32:1b:50:a9:d5:d1:82:10:cc:
be:f5:f1:f3:83:19:b8:ed:a7:6f:2e:32:cc:3c:a6:f4:f7:06:
50:1b:45:fe:dd:cd:9e:90:ba:27:97:40:d9:8b:4d:03:40:14:
39:14:5f:45:67:df:ec:8e:1a:21:56:a3:ad:81:39:fd:fd:9a:
71:50:f8:ee:0c:fa:d1:5f:1d:7c:9d:00:d1:91:52:72:c4:37:
6f:cb:75:9e:f5:30:6b:82:0f:a1:49:8d:7b:55:ee:04:74:30:
11:fc:52:04:ec:cf:5e:94:23:2e:a6:c2:8c:1f:93:1d:03:56:
e7:90:61:06
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEF578tTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWExYzQwYWZjMGVh
ZDMzM2NmNjA5MjkxNjFiZjU4OGQ5ZmVjM2ZlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKYuzk583tMZJS4CKxjXxLDJzTcqziCCRTlcLh5MRWCIITuH
2fiBA/ngvsYhInafh723v6ujbrTMeJJzrHB4YSoUUEDobji8hLth3g2szXhYa3wS
kcZsIIOC6bDWfqXIsiodrCUuO9C/ZNn2bSZwS8u6bx4EydIkJkcXKlTwfxRLizUg
TVASHeLBAJS1p26C1KHYRCLTOU0DNAyTHFq6SmygquFze3gU1L7QEMFThsnOGN9v
m1vZ869vEidXbsgjbUi22pkWFTwUN4h504DFIUxsl7GRGyo8SjjTNBq/kcvWHg9l
mKP1rME8A9g08HrOfuu+c1KwqvZ5mHJh/Ks5rtsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQaHECvwOrTM89gkpFhv1iNn+w/6TAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L0doeEFyOERxMHpQUFlKS1JZYjlZalpfc1Atay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoJ4cHv0DANBgkqhkiG9w0BAQsF
AAOCAQEAb5n6GAG7ngYudWd7f/ybHYkllaVziWsxl1RHpdhoXPF926Gq36VU17+R
sI1AqG67EGCvYHsasfpVA9BzVEQCB75NCIqKodMaMF3oUSEhmRDZeVph880Uxe+/
JBp4FLWHZWEVV2jCRTy/3NaZYgj6HDEfw+gbkcZqRE9HG+TJ/OfhYjPua2UzMhtQ
qdXRghDMvvXx84MZuO2nby4yzDym9PcGUBtF/t3NnpC6J5dA2YtNA0AUORRfRWff
7I4aIVajrYE5/f2acVD47gz60V8dfJ0A0ZFScsQ3b8t1nvUwa4IPoUmNe1XuBHQw
EfxSBOzPXpQjLqbCjB+THQNW55BhBg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org