Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/jBVCg0LSnfguQ11uuedJWyLYVtE.roa
File: jBVCg0LSnfguQ11uuedJWyLYVtE.roa (raw, json)
Hash identifier: 2Y8JMmu0w+kMdMqM9XzCniXbGev1+GAXjx4Dnjfg43o=
Subject key identifier: 8C:15:42:83:42:D2:9D:F8:2E:43:5D:6E:B9:E7:49:5B:22:D8:56:D1
Certificate issuer: /CN=3d92bc045ab9cc9f017e8bf7ffe423da804a614f
Certificate serial: 0282E356
Authority key identifier: 3D:92:BC:04:5A:B9:CC:9F:01:7E:8B:F7:FF:E4:23:DA:80:4A:61:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/jBVCg0LSnfguQ11uuedJWyLYVtE.roa
Signing time: Thu 02 Jun 2022 16:43:20 +0000
ROA not before: Thu 02 Jun 2022 16:43:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 2a11:1680:21::/48 maxlen: 48
2a11:1680:11::/48 maxlen: 48
2a11:1680:19::/48 maxlen: 48
2a11:1680:12::/48 maxlen: 48
2a11:1680:22::/48 maxlen: 48
2a11:1680:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42132310 (0x282e356)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d92bc045ab9cc9f017e8bf7ffe423da804a614f
Validity
Not Before: Jun 2 16:43:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c15428342d29df82e435d6eb9e7495b22d856d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ef:ea:a8:3d:3b:e9:5a:e6:6c:49:cb:fd:9c:
63:ab:05:43:bc:34:a9:13:bf:1b:08:99:ec:da:7c:
f1:61:1b:7d:15:cd:87:63:86:07:c9:f7:60:ef:96:
d0:fa:ee:cc:ce:65:e7:02:c3:21:41:60:a6:7d:bc:
9b:43:ca:6d:f8:fa:bb:0a:55:78:a5:06:66:68:3b:
7c:48:cc:aa:82:82:26:ca:6c:56:56:1d:5a:dd:99:
67:34:24:5f:25:4f:0f:af:e3:ee:61:6b:7d:ff:1a:
26:b1:e8:5b:8d:a8:5d:19:ff:58:31:e0:10:1f:49:
94:2a:4f:8b:02:7e:1f:e3:81:b1:e0:89:51:88:e7:
f6:49:6f:05:26:ef:a1:9c:4e:ed:86:d7:37:b3:ff:
a6:1f:ab:09:2d:8e:08:d0:ac:e6:90:46:35:db:dd:
a7:ed:b6:cb:65:27:c7:9a:81:c7:84:73:fd:ca:01:
62:66:18:c2:2d:17:4a:a1:6e:08:08:db:4c:29:a4:
f4:36:3e:a7:b9:b4:64:59:9f:61:17:bd:83:e7:51:
dd:9c:c5:62:06:7c:f0:1a:c4:3b:40:a7:8c:21:ca:
64:a6:bd:9f:be:24:03:22:52:9e:0e:f2:36:66:3a:
b0:71:51:77:18:63:4b:3f:a2:46:84:cf:31:cc:6d:
c7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:15:42:83:42:D2:9D:F8:2E:43:5D:6E:B9:E7:49:5B:22:D8:56:D1
X509v3 Authority Key Identifier:
keyid:3D:92:BC:04:5A:B9:CC:9F:01:7E:8B:F7:FF:E4:23:DA:80:4A:61:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/jBVCg0LSnfguQ11uuedJWyLYVtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1680:11::-2a11:1680:12:ffff:ffff:ffff:ffff:ffff
2a11:1680:19::/48
2a11:1680:20::-2a11:1680:22:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:71:f8:21:0f:6d:3f:00:25:a1:79:ee:ef:fc:a5:90:fc:97:
58:f3:8c:a1:f7:cc:2f:a8:f9:93:43:d4:8e:ca:75:6f:d5:e1:
4a:cf:cf:ea:35:55:af:89:94:02:a2:fe:8c:15:2d:6d:82:f6:
51:dd:b6:23:3d:80:8a:a6:56:52:4d:9a:24:e6:84:ee:1e:44:
8f:15:5a:a3:85:80:99:50:bb:66:7c:ab:51:2d:af:a2:6c:db:
8a:91:2f:d8:c5:ae:56:ff:57:89:47:53:b6:44:63:61:fa:20:
d0:e7:fb:de:19:86:bc:0f:d3:42:5c:71:d3:73:b0:de:53:a4:
4b:45:02:64:39:e8:a4:f1:08:0c:7e:16:f9:ea:dd:df:a0:2e:
fc:11:ec:f0:4a:77:61:48:04:9d:26:2b:ea:89:7f:fd:3e:5d:
11:5b:c2:64:0b:c5:79:0a:b5:75:67:64:4c:0f:5f:d3:d1:39:
87:79:c4:a6:81:32:1b:6e:9c:e6:53:bf:c2:a7:dc:3d:9c:d9:
9d:1e:69:d9:76:05:fc:54:8d:76:a2:ce:84:8a:c4:c8:27:fb:
90:93:74:b6:5c:de:74:7e:af:70:67:a7:57:f7:8e:6c:a2:fa:
d6:46:be:26:ba:86:c2:02:48:ed:75:a4:37:0b:78:4d:70:6d:
87:1d:60:26
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEAoLjVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZDkyYmMwNDVhYjljYzlmMDE3ZThiZjdmZmU0MjNkYTgwNGE2MTRmMB4XDTIyMDYw
MjE2NDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGMxNTQyODM0MmQy
OWRmODJlNDM1ZDZlYjllNzQ5NWIyMmQ4NTZkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTv6qg9O+la5mxJy/2cY6sFQ7w0qRO/GwiZ7Np88WEbfRXN
h2OGB8n3YO+W0PruzM5l5wLDIUFgpn28m0PKbfj6uwpVeKUGZmg7fEjMqoKCJsps
VlYdWt2ZZzQkXyVPD6/j7mFrff8aJrHoW42oXRn/WDHgEB9JlCpPiwJ+H+OBseCJ
UYjn9klvBSbvoZxO7YbXN7P/ph+rCS2OCNCs5pBGNdvdp+22y2Unx5qBx4Rz/coB
YmYYwi0XSqFuCAjbTCmk9DY+p7m0ZFmfYRe9g+dR3ZzFYgZ88BrEO0CnjCHKZKa9
n74kAyJSng7yNmY6sHFRdxhjSz+iRoTPMcxtx1cCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBSMFUKDQtKd+C5DXW6550lbIthW0TAfBgNVHSMEGDAWgBQ9krwEWrnMnwF+
i/f/5CPagEphTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BaSzhCRnE1eko4QmZvdjNfLVFqMm9CS1lVOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvMzYyNmRjLTIyMWYtNGI5YS1iYjY4LTNlMzgxMmZmYTE0Ny8x
L2pCVkNnMExTbmZndVExMXV1ZWRKV3lMWVZ0RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
MzYyNmRjLTIyMWYtNGI5YS1iYjY4LTNlMzgxMmZmYTE0Ny8xL1BaSzhCRnE1eko4
QmZvdjNfLVFqMm9CS1lVOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwNwQCAAIwMTASAwcAKhEWgAARAwcAKhEWgAASAwcA
KhEWgAAZMBIDBwUqERaAACADBwAqERaAACIwDQYJKoZIhvcNAQELBQADggEBAChx
+CEPbT8AJaF57u/8pZD8l1jzjKH3zC+o+ZND1I7KdW/V4UrPz+o1Va+JlAKi/owV
LW2C9lHdtiM9gIqmVlJNmiTmhO4eRI8VWqOFgJlQu2Z8q1Etr6Js24qRL9jFrlb/
V4lHU7ZEY2H6INDn+94ZhrwP00JccdNzsN5TpEtFAmQ56KTxCAx+Fvnq3d+gLvwR
7PBKd2FIBJ0mK+qJf/0+XRFbwmQLxXkKtXVnZEwPX9PROYd5xKaBMhtunOZTv8Kn
3D2c2Z0eadl2BfxUjXaizoSKxMgn+5CTdLZc3nR+r3Bnp1f3jmyi+tZGvia6hsIC
SO11pDcLeE1wbYcdYCY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:21 2023 by rpki-client on console-ams.rpki-client.org