Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/UZjki_yFKlg_AIna8XoZs2ntBbk.roa
File: UZjki_yFKlg_AIna8XoZs2ntBbk.roa (raw, json)
Hash identifier: OS/+O7ReP0mqILeK8wWq/mDz2iT5csBcWe/49QIpP1o=
Subject key identifier: 51:98:E4:8B:FC:85:2A:58:3F:00:89:DA:F1:7A:19:B3:69:ED:05:B9
Certificate issuer: /CN=dfb8ff2f3a0bfc41eadc18af9e52acd100524149
Certificate serial: 126F8902
Authority key identifier: DF:B8:FF:2F:3A:0B:FC:41:EA:DC:18:AF:9E:52:AC:D1:00:52:41:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37j_LzoL_EHq3BivnlKs0QBSQUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/UZjki_yFKlg_AIna8XoZs2ntBbk.roa
Signing time: Sat 01 Jan 2022 10:00:28 +0000
ROA not before: Sat 01 Jan 2022 10:00:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 2a0a:2b00:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 309299458 (0x126f8902)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb8ff2f3a0bfc41eadc18af9e52acd100524149
Validity
Not Before: Jan 1 10:00:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5198e48bfc852a583f0089daf17a19b369ed05b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:59:7f:67:ee:bc:ed:9a:cc:86:f0:3a:d7:dd:
04:58:32:83:2b:91:96:d5:18:a0:32:66:81:60:55:
5f:5a:9e:18:e1:47:57:d5:0d:a5:1b:9e:c1:d0:19:
d5:5c:6a:44:88:d7:7e:c7:0d:cb:50:9c:9b:14:c6:
a2:2f:ee:48:2a:b1:fb:91:82:a7:9d:31:40:dc:dd:
a4:78:66:fb:c2:7e:3e:79:39:9a:11:b8:95:46:98:
81:30:22:08:c5:68:f7:c5:ef:dc:64:c3:c3:b0:df:
d9:34:b5:a4:e0:0b:7b:b5:72:91:2c:1e:42:45:bc:
8b:bf:a5:3b:61:29:d1:af:f2:36:3f:34:b2:e6:61:
12:be:0e:2d:36:04:18:87:48:ed:76:6b:4e:bf:a0:
6e:44:08:5e:85:ad:10:da:39:ef:91:d4:a9:6c:30:
2e:41:e7:01:b2:11:0b:fc:24:23:c2:11:4b:fe:e5:
52:18:f1:aa:43:89:27:8a:ec:65:26:91:e9:93:80:
9e:41:6a:96:43:57:21:7c:f1:42:90:11:e4:3b:55:
d7:8e:88:ad:1a:c4:92:74:f9:34:37:e4:6e:71:65:
9a:56:25:c3:f7:65:a7:e1:97:fa:04:0c:6b:b5:2b:
ef:e3:b1:bc:26:39:11:b9:50:f4:62:6a:0c:c4:9f:
43:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:98:E4:8B:FC:85:2A:58:3F:00:89:DA:F1:7A:19:B3:69:ED:05:B9
X509v3 Authority Key Identifier:
keyid:DF:B8:FF:2F:3A:0B:FC:41:EA:DC:18:AF:9E:52:AC:D1:00:52:41:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37j_LzoL_EHq3BivnlKs0QBSQUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/UZjki_yFKlg_AIna8XoZs2ntBbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/37j_LzoL_EHq3BivnlKs0QBSQUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2b00:20::/48
Signature Algorithm: sha256WithRSAEncryption
39:d6:c2:69:b9:d4:a2:61:6a:dc:c0:2a:0c:9a:19:14:d0:1c:
32:19:75:e3:93:21:3c:91:02:b9:4c:fb:49:29:bb:ff:66:a4:
7b:56:bd:a4:fb:03:78:23:14:77:2a:ae:c5:64:67:13:9e:a4:
56:8d:9b:1b:96:ea:d9:5b:15:7e:da:78:44:4b:d8:a8:e3:ab:
2e:59:53:b3:6a:c7:0a:41:9f:96:2d:51:92:1e:a9:a5:aa:db:
22:2f:00:b2:94:0f:86:55:84:a2:32:67:50:bd:36:42:36:4e:
60:e0:ae:93:4f:dc:db:40:67:6f:b4:38:55:39:82:38:27:91:
c6:ba:64:cf:7d:72:b7:30:51:17:ef:4e:5f:4f:e9:ef:bc:47:
f4:2e:ce:56:a7:9e:9c:75:09:91:6e:cf:f1:14:95:57:88:6f:
f9:87:b1:79:1b:b6:7f:cc:15:b1:56:fd:82:9e:07:00:f8:1b:
24:99:10:6c:95:2a:d7:a1:04:d5:41:b0:83:9f:ef:7e:52:d1:
8f:8e:38:e9:57:60:99:51:30:17:d7:d5:41:fe:f7:44:cb:54:
cb:a4:a3:8b:c2:e0:6f:0c:b3:12:00:32:ae:bd:6e:ff:75:b1:
18:e4:bc:ed:32:32:62:73:f1:d2:a2:0f:be:c6:4d:d9:af:6f:
54:01:1f:c7
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEm+JAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmI4ZmYyZjNhMGJmYzQxZWFkYzE4YWY5ZTUyYWNkMTAwNTI0MTQ5MB4XDTIyMDEw
MTEwMDAyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTE5OGU0OGJmYzg1
MmE1ODNmMDA4OWRhZjE3YTE5YjM2OWVkMDViOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9Zf2fuvO2azIbwOtfdBFgygyuRltUYoDJmgWBVX1qeGOFH
V9UNpRuewdAZ1VxqRIjXfscNy1CcmxTGoi/uSCqx+5GCp50xQNzdpHhm+8J+Pnk5
mhG4lUaYgTAiCMVo98Xv3GTDw7Df2TS1pOALe7VykSweQkW8i7+lO2Ep0a/yNj80
suZhEr4OLTYEGIdI7XZrTr+gbkQIXoWtENo575HUqWwwLkHnAbIRC/wkI8IRS/7l
UhjxqkOJJ4rsZSaR6ZOAnkFqlkNXIXzxQpAR5DtV146IrRrEknT5NDfkbnFlmlYl
w/dlp+GX+gQMa7Ur7+OxvCY5EblQ9GJqDMSfQ3MCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRRmOSL/IUqWD8Aidrxehmzae0FuTAfBgNVHSMEGDAWgBTfuP8vOgv8Qerc
GK+eUqzRAFJBSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzM3al9Mem9MX0VIcTNCaXZubEtzMFFCU1FVay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvNmI4N2FmLWEyMTItNDgwZC1hNGQ0LWEzZGYzYjY5Y2U1YS8x
L1VaamtpX3lGS2xnX0FJbmE4WG9aczJudEJiay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
NmI4N2FmLWEyMTItNDgwZC1hNGQ0LWEzZGYzYjY5Y2U1YS8xLzM3al9Mem9MX0VI
cTNCaXZubEtzMFFCU1FVay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoKKwAAIDANBgkqhkiG9w0BAQsF
AAOCAQEAOdbCabnUomFq3MAqDJoZFNAcMhl145MhPJECuUz7SSm7/2ake1a9pPsD
eCMUdyquxWRnE56kVo2bG5bq2VsVftp4REvYqOOrLllTs2rHCkGfli1Rkh6pparb
Ii8AspQPhlWEojJnUL02QjZOYOCuk0/c20Bnb7Q4VTmCOCeRxrpkz31ytzBRF+9O
X0/p77xH9C7OVqeenHUJkW7P8RSVV4hv+YexeRu2f8wVsVb9gp4HAPgbJJkQbJUq
16EE1UGwg5/vflLRj4446VdgmVEwF9fVQf73RMtUy6Sji8LgbwyzEgAyrr1u/3Wx
GOS87TIyYnPx0qIPvsZN2a9vVAEfxw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:52 2023 by rpki-client on console-ams.rpki-client.org