Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/Za1jAlmj5jHGEnbDFUAAc2NbxoE.roa
File: Za1jAlmj5jHGEnbDFUAAc2NbxoE.roa (raw, json)
Hash identifier: bGLJ3sFcRpgbTcNnsFAqyBLRYHAZ3eQ2MK4JySvG9N0=
Subject key identifier: 65:AD:63:02:59:A3:E6:31:C6:12:76:C3:15:40:00:73:63:5B:C6:81
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 088F5BC7
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/Za1jAlmj5jHGEnbDFUAAc2NbxoE.roa
Signing time: Thu 21 Apr 2022 09:09:48 +0000
ROA not before: Thu 21 Apr 2022 09:09:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 2a0f:607:1070::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143612871 (0x88f5bc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Apr 21 09:09:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65ad630259a3e631c61276c315400073635bc681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:33:aa:50:9d:c8:e1:ee:d6:ce:37:60:99:9d:
ca:f9:97:0b:a7:10:33:58:af:f1:9f:82:24:92:fb:
3f:da:37:e9:63:65:66:5a:46:f7:1e:91:bb:1d:65:
3b:a0:3f:b3:f9:38:6c:cd:c6:2f:c8:c8:1f:95:05:
2d:2e:4f:77:6e:e0:85:19:29:ab:dc:c9:7b:f8:4c:
3c:82:de:a9:7b:f8:92:13:5b:d8:c0:53:e6:85:3c:
98:67:a2:03:18:72:2d:7f:d0:23:1d:07:d7:8a:73:
76:7d:86:fe:50:82:da:be:5b:71:10:8b:98:f5:95:
87:a5:49:79:ba:94:b8:6f:9f:45:94:ee:72:f3:09:
b9:1b:70:c7:65:ca:2c:86:b3:42:7b:f4:36:44:54:
41:af:ef:17:a3:e4:11:1e:55:ed:a5:36:cd:69:f8:
85:c2:4a:64:9b:03:54:05:b7:56:91:1d:a1:74:e1:
fc:82:d0:16:a8:6b:91:84:ca:25:28:b1:ef:2b:ed:
a5:c7:48:37:dc:8d:da:87:ab:99:d1:2c:52:52:32:
44:dd:7d:91:9d:58:ab:cf:69:6f:3c:67:bb:01:f4:
44:fa:bd:33:c1:c9:75:1f:3f:df:03:68:90:d3:02:
17:eb:67:70:fe:61:fe:05:a3:5d:e4:9e:9a:84:64:
38:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AD:63:02:59:A3:E6:31:C6:12:76:C3:15:40:00:73:63:5B:C6:81
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/Za1jAlmj5jHGEnbDFUAAc2NbxoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1070::/48
Signature Algorithm: sha256WithRSAEncryption
2a:3c:0d:7a:fc:a1:32:a2:f7:60:14:5b:dc:b6:0d:38:3f:82:
dd:93:14:a2:e8:f9:06:6f:93:53:88:1a:21:30:55:9f:f3:e0:
94:c2:2d:06:84:d3:ea:67:83:f1:a2:34:17:35:f1:11:e3:f8:
e3:8f:7a:0d:71:d4:f9:43:e2:77:26:16:bf:dd:7b:01:34:4a:
2f:4e:55:40:50:2e:42:62:3c:90:eb:96:ad:db:bb:78:cc:3f:
86:48:a9:df:95:e1:19:a3:48:13:3f:bf:82:f4:e3:6e:18:33:
fd:7c:5f:2a:e4:d7:07:73:e1:78:ab:59:cc:ce:da:1d:24:89:
28:24:08:63:a3:5b:79:f3:77:57:18:d8:ae:f3:11:fc:32:07:
78:f0:d2:3f:b8:52:78:6e:b8:d6:a5:b1:09:a7:6d:42:05:c6:
21:1b:ba:47:6d:5f:0c:40:09:91:21:5e:35:40:3d:4e:ec:39:
84:2e:5c:fe:26:f7:ae:23:58:54:20:f7:a4:f7:8d:b9:35:e2:
e4:80:50:29:c6:d2:f5:91:73:cc:e9:a0:34:0c:28:f4:d6:a2:
a9:6b:66:b0:0b:87:16:61:1b:f0:7f:77:3d:76:c8:09:c0:22:
70:d7:50:30:ce:3a:b1:e9:9b:eb:34:8e:ed:c7:8c:8d:7e:03:
65:de:35:ef
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECI9bxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzIxYjkyNWI0YzRiY2MzMGY3N2M5YzQxYmE4ZDA0MGFjOTVkZmM2MB4XDTIyMDQy
MTA5MDk0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjVhZDYzMDI1OWEz
ZTYzMWM2MTI3NmMzMTU0MDAwNzM2MzViYzY4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEzqlCdyOHu1s43YJmdyvmXC6cQM1iv8Z+CJJL7P9o36WNl
ZlpG9x6Rux1lO6A/s/k4bM3GL8jIH5UFLS5Pd27ghRkpq9zJe/hMPILeqXv4khNb
2MBT5oU8mGeiAxhyLX/QIx0H14pzdn2G/lCC2r5bcRCLmPWVh6VJebqUuG+fRZTu
cvMJuRtwx2XKLIazQnv0NkRUQa/vF6PkER5V7aU2zWn4hcJKZJsDVAW3VpEdoXTh
/ILQFqhrkYTKJSix7yvtpcdIN9yN2oermdEsUlIyRN19kZ1Yq89pbzxnuwH0RPq9
M8HJdR8/3wNokNMCF+tncP5h/gWjXeSemoRkOB8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRlrWMCWaPmMcYSdsMVQABzY1vGgTAfBgNVHSMEGDAWgBQMIbkltMS8ww93
ycQbqNBArJXfxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RDRzVKYlRFdk1NUGQ4bkVHNmpRUUt5VjM4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvYzBiZDY3LWY3ZGQtNGNlMi1hYjdlLWEzNDc1NjQxNThmOC8x
L1phMWpBbG1qNWpIR0VuYkRGVUFBYzJOYnhvRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
YzBiZDY3LWY3ZGQtNGNlMi1hYjdlLWEzNDc1NjQxNThmOC8xL0RDRzVKYlRFdk1N
UGQ4bkVHNmpRUUt5VjM4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPBgcQcDANBgkqhkiG9w0BAQsF
AAOCAQEAKjwNevyhMqL3YBRb3LYNOD+C3ZMUouj5Bm+TU4gaITBVn/PglMItBoTT
6meD8aI0FzXxEeP44496DXHU+UPidyYWv917ATRKL05VQFAuQmI8kOuWrdu7eMw/
hkip35XhGaNIEz+/gvTjbhgz/XxfKuTXB3PheKtZzM7aHSSJKCQIY6NbefN3VxjY
rvMR/DIHePDSP7hSeG641qWxCadtQgXGIRu6R21fDEAJkSFeNUA9Tuw5hC5c/ib3
riNYVCD3pPeNuTXi5IBQKcbS9ZFzzOmgNAwo9NaiqWtmsAuHFmEb8H93PXbICcAi
cNdQMM46semb6zSO7ceMjX4DZd417w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:28 2023 by rpki-client on console-fra.rpki-client.org