Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/bnK7oXUbXTmQqgu3-k528SELa8Q.roa
File: bnK7oXUbXTmQqgu3-k528SELa8Q.roa (raw, json)
Hash identifier: u8iVjE39ALr59VEdOpCm8yoeq+FmgXqUoP7J9f2Tkfc=
Subject key identifier: 6E:72:BB:A1:75:1B:5D:39:90:AA:0B:B7:FA:4E:76:F1:21:0B:6B:C4
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 078BFCDF
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/bnK7oXUbXTmQqgu3-k528SELa8Q.roa
Signing time: Sat 01 Jan 2022 05:52:20 +0000
ROA not before: Sat 01 Jan 2022 05:52:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210932
IP address blocks: 2a0f:607:1500::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126614751 (0x78bfcdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 05:52:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e72bba1751b5d3990aa0bb7fa4e76f1210b6bc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:32:b1:18:d6:70:23:86:b7:57:44:87:bb:48:
a5:89:4a:9d:e6:56:8f:19:1e:52:f3:77:f2:b3:ba:
24:91:61:b7:09:6b:04:00:72:07:dc:f9:eb:b7:0c:
19:a9:2c:7d:0b:a3:13:0a:10:a8:d8:5d:32:2e:11:
75:38:20:9e:c7:6a:b9:be:79:dd:96:d5:ee:5e:ca:
57:7d:30:ce:f6:76:47:14:a2:6a:cf:8c:17:00:9a:
ed:b9:69:69:fb:d4:9f:67:ce:b6:32:78:5e:10:96:
26:59:fe:de:80:10:e1:84:a7:98:86:4e:47:8e:26:
61:b7:e2:5d:40:57:29:c3:d5:08:42:16:2b:ac:df:
34:dc:4b:c5:4a:86:49:5b:42:33:ea:f9:bb:79:db:
29:e6:f7:19:51:1f:ac:15:89:ef:5e:be:87:90:09:
bd:a3:67:e5:2f:1d:62:ef:3f:0b:06:d4:d0:e4:5d:
a7:24:ce:f7:d1:ec:89:ad:91:24:2b:a7:5c:dd:ac:
5c:b0:cf:9d:84:37:f5:48:62:c4:92:d4:d4:23:79:
72:74:fa:9c:3a:87:36:08:93:cc:44:2f:7e:0f:ea:
5f:46:5f:c6:9f:a5:d5:d4:a7:ab:00:20:6d:08:b7:
99:36:f9:9d:45:69:57:fa:73:67:6d:8c:63:08:65:
26:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:72:BB:A1:75:1B:5D:39:90:AA:0B:B7:FA:4E:76:F1:21:0B:6B:C4
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/bnK7oXUbXTmQqgu3-k528SELa8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1500::/44
Signature Algorithm: sha256WithRSAEncryption
9d:4a:0a:97:33:18:a5:36:25:a8:6d:81:60:0a:1e:fa:12:22:
b6:1e:6f:1a:bf:5b:5c:10:4a:b4:53:05:94:e5:5c:58:ed:18:
63:3c:39:5f:1b:52:07:c0:57:61:d9:bc:8b:72:d2:03:9f:64:
17:f6:b2:74:72:e8:ed:a8:57:3c:2d:59:da:b4:92:ba:7c:04:
d9:f4:27:88:a8:8f:fe:01:9d:04:d0:33:30:c7:7d:c0:cc:24:
2c:0c:54:00:d5:b4:ea:1a:3c:e1:38:1a:82:53:af:cc:a9:33:
f7:ee:ff:a5:f2:63:f5:5a:c7:eb:8d:99:93:48:05:e8:3f:c2:
55:a1:d1:26:a6:69:6f:17:cb:30:86:65:1e:7c:2b:d5:f1:e4:
47:c6:dc:ab:c0:01:7a:44:5a:b7:dd:7b:6f:df:b1:e9:78:56:
0d:f6:04:49:68:e6:fc:b3:20:19:4b:4a:5c:30:cf:44:a2:4f:
bc:2a:24:9c:45:34:1b:89:cc:18:04:98:ef:51:26:db:1d:72:
8b:81:13:55:0f:4a:d5:8e:fe:bd:e5:9c:0a:4d:9f:6c:83:05:
1e:f2:89:5e:bc:da:31:c0:21:db:78:4c:53:98:53:0c:29:89:
0b:b0:cf:bb:9c:39:f1:48:23:63:8b:ce:58:d6:6e:ee:c9:97:
77:81:1c:22
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEB4v83zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzIxYjkyNWI0YzRiY2MzMGY3N2M5YzQxYmE4ZDA0MGFjOTVkZmM2MB4XDTIyMDEw
MTA1NTIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmU3MmJiYTE3NTFi
NWQzOTkwYWEwYmI3ZmE0ZTc2ZjEyMTBiNmJjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUysRjWcCOGt1dEh7tIpYlKneZWjxkeUvN38rO6JJFhtwlr
BAByB9z567cMGaksfQujEwoQqNhdMi4RdTggnsdqub553ZbV7l7KV30wzvZ2RxSi
as+MFwCa7blpafvUn2fOtjJ4XhCWJln+3oAQ4YSnmIZOR44mYbfiXUBXKcPVCEIW
K6zfNNxLxUqGSVtCM+r5u3nbKeb3GVEfrBWJ716+h5AJvaNn5S8dYu8/CwbU0ORd
pyTO99Hsia2RJCunXN2sXLDPnYQ39UhixJLU1CN5cnT6nDqHNgiTzEQvfg/qX0Zf
xp+l1dSnqwAgbQi3mTb5nUVpV/pzZ22MYwhlJpcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRucruhdRtdOZCqC7f6TnbxIQtrxDAfBgNVHSMEGDAWgBQMIbkltMS8ww93
ycQbqNBArJXfxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RDRzVKYlRFdk1NUGQ4bkVHNmpRUUt5VjM4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvYzBiZDY3LWY3ZGQtNGNlMi1hYjdlLWEzNDc1NjQxNThmOC8x
L2JuSzdvWFViWFRtUXFndTMtazUyOFNFTGE4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
YzBiZDY3LWY3ZGQtNGNlMi1hYjdlLWEzNDc1NjQxNThmOC8xL0RDRzVKYlRFdk1N
UGQ4bkVHNmpRUUt5VjM4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoPBgcVADANBgkqhkiG9w0BAQsF
AAOCAQEAnUoKlzMYpTYlqG2BYAoe+hIith5vGr9bXBBKtFMFlOVcWO0YYzw5XxtS
B8BXYdm8i3LSA59kF/aydHLo7ahXPC1Z2rSSunwE2fQniKiP/gGdBNAzMMd9wMwk
LAxUANW06ho84TgaglOvzKkz9+7/pfJj9VrH642Zk0gF6D/CVaHRJqZpbxfLMIZl
Hnwr1fHkR8bcq8ABekRat917b9+x6XhWDfYESWjm/LMgGUtKXDDPRKJPvCoknEU0
G4nMGASY71Em2x1yi4ETVQ9K1Y7+veWcCk2fbIMFHvKJXrzaMcAh23hMU5hTDCmJ
C7DPu5w58UgjY4vOWNZu7smXd4EcIg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:28 2023 by rpki-client on console-fra.rpki-client.org