Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Sbl3TbkRuwBxFvvQfdURvfMZdpU.roa
File: Sbl3TbkRuwBxFvvQfdURvfMZdpU.roa (raw, json)
Hash identifier: dxT+2Cn88LZP/ftzO+BvyVmrMKRomGVNaftA+VV9/KE=
Subject key identifier: 49:B9:77:4D:B9:11:BB:00:71:16:FB:D0:7D:D5:11:BD:F3:19:76:95
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 1791707C
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Sbl3TbkRuwBxFvvQfdURvfMZdpU.roa
Signing time: Sat 01 Jan 2022 13:03:20 +0000
ROA not before: Sat 01 Jan 2022 13:03:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62874
IP address blocks: 2a00:f826:11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 395407484 (0x1791707c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 13:03:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49b9774db911bb007116fbd07dd511bdf3197695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f1:9f:d5:d6:f3:c6:25:0b:eb:68:97:bf:70:
55:23:ec:77:a9:21:d1:95:ed:ac:a0:b1:e3:3b:68:
5b:3b:5e:bc:fb:1d:34:b0:dc:43:83:61:f1:fd:85:
4a:4d:7b:5a:f9:42:c1:3f:d2:62:04:7a:55:1e:6f:
26:5e:1a:17:ae:f1:59:fb:c2:91:3a:b7:3b:2f:ee:
90:36:a4:69:2f:5e:91:fb:c5:28:bf:ca:ea:b6:51:
46:f8:ca:a5:4a:2d:95:e7:12:71:da:27:73:6c:ef:
16:44:f3:67:34:75:17:a9:f0:5f:db:17:03:53:b3:
f7:fc:2c:9f:b8:cb:f6:e5:78:be:06:9a:d2:e6:40:
35:fa:27:03:8f:f0:0b:b6:fd:94:11:29:69:9f:dc:
73:e2:04:73:40:14:a6:d1:b0:e9:55:a4:da:6c:3b:
06:f5:0d:0c:58:d9:d8:0e:a5:40:c0:c6:b0:c3:c0:
ad:d3:4a:4c:f8:ba:83:c2:46:ae:77:fd:a0:cc:74:
d7:85:90:25:c0:ea:fe:68:a9:fb:5a:61:26:db:3d:
39:4c:f4:5a:02:29:a7:98:85:1f:f1:c7:81:71:32:
c8:c1:3f:47:d7:72:6b:5f:ae:a9:01:d3:ce:62:d0:
3f:0e:4a:dd:fc:7a:d0:b1:e5:01:eb:8a:1b:d8:3b:
d7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B9:77:4D:B9:11:BB:00:71:16:FB:D0:7D:D5:11:BD:F3:19:76:95
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Sbl3TbkRuwBxFvvQfdURvfMZdpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f826:11::/48
Signature Algorithm: sha256WithRSAEncryption
04:bb:11:d0:4b:1e:cf:34:74:0b:c5:fd:f8:4c:72:20:f0:6d:
01:c7:44:e6:9a:e7:a0:b8:e4:d1:9a:17:e3:58:eb:06:e9:0b:
18:4b:f5:0c:f4:80:31:59:a1:aa:58:d0:45:cb:90:e9:0c:8e:
09:a6:62:fe:36:5a:c6:06:87:99:95:a6:bb:68:0a:30:37:af:
e0:33:75:54:85:22:18:97:76:78:b0:b1:1a:93:b7:a5:63:4a:
c8:32:51:d1:9a:73:fa:7a:d2:c5:78:88:31:1a:b5:38:93:11:
75:75:ff:67:6c:45:eb:e0:11:17:dd:fe:36:8f:f4:ca:6c:66:
9d:08:e8:f0:88:5c:1a:f0:ff:34:9a:e7:32:46:d7:ef:d6:73:
b8:c2:65:7c:c7:f7:9a:3f:c6:3e:ca:80:99:99:d6:b9:75:f3:
fb:5a:02:fd:77:a5:0d:00:ab:1c:d5:97:4c:9c:2a:b7:06:df:
d8:15:ce:1a:fc:ad:ff:2a:30:d2:8e:56:cd:d0:a3:bb:99:a1:
d1:87:bf:eb:20:c6:1a:fa:ac:57:1b:1c:bf:69:49:df:3d:dc:
e6:2b:7b:5c:ef:fc:95:da:05:0d:e1:23:f5:e8:6c:28:91:05:
f1:d0:e1:c2:94:15:ad:86:56:41:f0:dd:02:21:71:ef:49:a7:
93:18:c4:e6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEF5FwfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDliOTc3NGRiOTEx
YmIwMDcxMTZmYmQwN2RkNTExYmRmMzE5NzY5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrxn9XW88YlC+tol79wVSPsd6kh0ZXtrKCx4ztoWztevPsd
NLDcQ4Nh8f2FSk17WvlCwT/SYgR6VR5vJl4aF67xWfvCkTq3Oy/ukDakaS9ekfvF
KL/K6rZRRvjKpUotlecScdonc2zvFkTzZzR1F6nwX9sXA1Oz9/wsn7jL9uV4vgaa
0uZANfonA4/wC7b9lBEpaZ/cc+IEc0AUptGw6VWk2mw7BvUNDFjZ2A6lQMDGsMPA
rdNKTPi6g8JGrnf9oMx014WQJcDq/mip+1phJts9OUz0WgIpp5iFH/HHgXEyyME/
R9dya1+uqQHTzmLQPw5K3fx60LHlAeuKG9g7150CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRJuXdNuRG7AHEW+9B91RG98xl2lTAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L1NibDNUYmtSdXdCeEZ2dlFmZFVSdmZNWmRwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoA+CYAETANBgkqhkiG9w0BAQsF
AAOCAQEABLsR0EsezzR0C8X9+ExyIPBtAcdE5prnoLjk0ZoX41jrBukLGEv1DPSA
MVmhqljQRcuQ6QyOCaZi/jZaxgaHmZWmu2gKMDev4DN1VIUiGJd2eLCxGpO3pWNK
yDJR0Zpz+nrSxXiIMRq1OJMRdXX/Z2xF6+ARF93+No/0ymxmnQjo8IhcGvD/NJrn
MkbX79ZzuMJlfMf3mj/GPsqAmZnWuXXz+1oC/XelDQCrHNWXTJwqtwbf2BXOGvyt
/yow0o5WzdCju5mh0Ye/6yDGGvqsVxscv2lJ3z3c5it7XO/8ldoFDeEj9ehsKJEF
8dDhwpQVrYZWQfDdAiFx70mnkxjE5g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org