Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/mdZE19cAAz8JHUFYVur7qHAtn8M.roa
File: mdZE19cAAz8JHUFYVur7qHAtn8M.roa (raw, json)
Hash identifier: jxo8CcXdU7ulYJaootSyqdB9CHFZOdOcG06tBqDnDoI=
Subject key identifier: 99:D6:44:D7:D7:00:03:3F:09:1D:41:58:56:EA:FB:A8:70:2D:9F:C3
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 054F5300
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/mdZE19cAAz8JHUFYVur7qHAtn8M.roa
Signing time: Sat 01 Jan 2022 06:56:02 +0000
ROA not before: Sat 01 Jan 2022 06:56:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4785
IP address blocks: 2a06:5040:13::/48 maxlen: 48
2a06:5040:11::/48 maxlen: 48
2a06:5040:14::/48 maxlen: 48
2a06:5040:12::/48 maxlen: 48
2a06:5040:5::/48 maxlen: 48
2a06:5040:10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89084672 (0x54f5300)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jan 1 06:56:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99d644d7d700033f091d415856eafba8702d9fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:46:07:9a:7c:dd:f3:d8:54:ce:b2:ae:02:ec:
96:08:de:21:39:89:48:c7:c8:3b:98:d0:21:05:90:
f2:b1:c5:47:e4:c0:7a:a4:ba:e5:95:26:0e:b1:f3:
b3:11:5b:31:02:89:f1:16:1a:11:bb:8c:7a:b8:81:
1d:da:55:ed:02:30:db:79:7a:1c:af:bf:21:af:b5:
e9:b3:50:73:25:e6:6e:c7:f4:9f:1e:76:70:0f:31:
5a:03:89:a4:19:de:36:5f:58:b8:1d:cb:4f:49:99:
4f:ab:9c:d0:80:4d:21:ac:04:fe:c0:9f:8d:40:78:
52:f1:a9:f1:17:0e:5a:a4:54:0c:7f:e3:1b:60:8f:
06:3e:bb:18:8d:5f:5d:f6:f2:70:40:59:e8:bd:97:
5d:94:ee:6d:7c:03:46:4d:6c:b0:7f:7d:53:24:fd:
8f:74:83:eb:bf:8d:0f:ad:96:c5:1e:66:0b:c8:37:
c7:22:07:fc:e1:a0:c7:29:08:29:5b:aa:60:48:6f:
0f:bd:d2:9a:fb:39:2a:27:68:3d:1f:bc:a8:e2:6b:
f9:72:88:58:5e:ee:00:af:b5:d3:41:2d:55:92:27:
e4:bb:94:8b:c0:5b:6a:5c:18:36:dd:9d:6b:29:20:
01:0d:42:31:de:29:8a:2b:44:6e:1e:90:1f:50:1c:
76:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D6:44:D7:D7:00:03:3F:09:1D:41:58:56:EA:FB:A8:70:2D:9F:C3
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/mdZE19cAAz8JHUFYVur7qHAtn8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5040:5::/48
2a06:5040:10::-2a06:5040:14:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
70:93:a5:8e:19:71:87:f0:53:48:cc:50:9b:b9:45:c1:8b:f6:
a7:ee:84:81:eb:ef:e0:3d:f3:b4:d4:c7:8f:7d:0a:93:a6:21:
ac:97:d9:ee:93:4e:b2:48:00:6e:bd:d1:64:9e:98:aa:0e:f5:
6d:d2:bf:19:a7:8b:60:8a:48:1e:8b:41:44:e9:98:ae:c5:d0:
cd:b3:45:36:67:46:50:c9:94:dd:fa:d8:91:cb:94:22:04:77:
1e:6f:bd:50:67:45:c4:13:86:56:b1:a9:13:52:18:f6:ee:59:
b7:4d:7d:32:52:ed:24:66:81:43:74:81:57:b8:db:33:21:c9:
c6:3c:f9:3b:90:4a:b3:3a:7a:53:bf:9d:d9:36:82:72:92:ed:
e3:46:4e:f6:67:32:b6:81:df:f7:8c:5d:c8:3e:4f:e5:a2:4b:
e4:2b:b7:1b:2a:2e:5a:8e:ac:5e:43:a9:97:35:c2:ae:90:f1:
cf:fa:1b:83:87:3b:68:a6:14:11:49:7e:ec:df:7f:aa:36:4b:
5a:04:1c:23:97:8d:4b:a8:9a:fb:32:46:a6:35:a6:e3:df:85:
ae:92:08:07:bf:82:2a:74:0b:68:e6:f7:d2:d1:bc:f1:b1:2f:
73:2c:0b:58:cc:fa:21:0b:a8:48:9c:15:b1:15:cb:95:ab:c1:
ec:17:3c:a3
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEBU9TADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjJkZDlmZTYyOGI2YmMxMDE0MWRlMDI0MTc2NmExYjdhNjMxOTNmMB4XDTIyMDEw
MTA2NTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTlkNjQ0ZDdkNzAw
MDMzZjA5MWQ0MTU4NTZlYWZiYTg3MDJkOWZjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpGB5p83fPYVM6yrgLslgjeITmJSMfIO5jQIQWQ8rHFR+TA
eqS65ZUmDrHzsxFbMQKJ8RYaEbuMeriBHdpV7QIw23l6HK+/Ia+16bNQcyXmbsf0
nx52cA8xWgOJpBneNl9YuB3LT0mZT6uc0IBNIawE/sCfjUB4UvGp8RcOWqRUDH/j
G2CPBj67GI1fXfbycEBZ6L2XXZTubXwDRk1ssH99UyT9j3SD67+ND62WxR5mC8g3
xyIH/OGgxykIKVuqYEhvD73Smvs5KidoPR+8qOJr+XKIWF7uAK+100EtVZIn5LuU
i8BbalwYNt2daykgAQ1CMd4piitEbh6QH1Acdk0CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBSZ1kTX1wADPwkdQVhW6vuocC2fwzAfBgNVHSMEGDAWgBRbLdn+YotrwQFB
3gJBdmobemMZPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1d5M1pfbUtMYThFQlFkNENRWFpxRzNwakdUOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvNGRlODg5LWRjOWQtNDFlNS1iM2FhLTBkN2I1NTFmODI4Yy8x
L21kWkUxOWNBQXo4SkhVRllWdXI3cUhBdG44TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
NGRlODg5LWRjOWQtNDFlNS1iM2FhLTBkN2I1NTFmODI4Yy8xL1d5M1pfbUtMYThF
QlFkNENRWFpxRzNwakdUOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwIwQCAAIwHQMHACoGUEAABTASAwcEKgZQQAAQAwcA
KgZQQAAUMA0GCSqGSIb3DQEBCwUAA4IBAQBwk6WOGXGH8FNIzFCbuUXBi/an7oSB
6+/gPfO01MePfQqTpiGsl9nuk06ySABuvdFknpiqDvVt0r8Zp4tgikgei0FE6Ziu
xdDNs0U2Z0ZQyZTd+tiRy5QiBHceb71QZ0XEE4ZWsakTUhj27lm3TX0yUu0kZoFD
dIFXuNszIcnGPPk7kEqzOnpTv53ZNoJyku3jRk72ZzK2gd/3jF3IPk/lokvkK7cb
Ki5ajqxeQ6mXNcKukPHP+huDhztophQRSX7s33+qNktaBBwjl41LqJr7MkamNabj
34WukggHv4IqdAto5vfS0bzxsS9zLAtYzPohC6hInBWxFcuVq8HsFzyj
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:57 2023 by rpki-client on console-ams.rpki-client.org