Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/981095-e07b-4415-8ff7-a8e31b93be72/1/pyVxYcmIeX6qxXcKtguk1pNMwAM.roa
File: pyVxYcmIeX6qxXcKtguk1pNMwAM.roa (raw, json)
Hash identifier: qjT+vzKFA3oi81sEol9pDhhgtjSZht2U6aavCvZvWhE=
Subject key identifier: A7:25:71:61:C9:88:79:7E:AA:C5:77:0A:B6:0B:A4:D6:93:4C:C0:03
Certificate issuer: /CN=0cd55613dd54cd7d0516f77b86d19d8b6701a1ee
Certificate serial: 018486AC3A8B17866EAE8DCE25D98B6BE962
Authority key identifier: 0C:D5:56:13:DD:54:CD:7D:05:16:F7:7B:86:D1:9D:8B:67:01:A1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNVWE91UzX0FFvd7htGdi2cBoe4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/981095-e07b-4415-8ff7-a8e31b93be72/1/pyVxYcmIeX6qxXcKtguk1pNMwAM.roa
Signing time: Thu 17 Nov 2022 17:39:04 +0000
ROA not before: Thu 17 Nov 2022 17:39:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a11:9240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:ac:3a:8b:17:86:6e:ae:8d:ce:25:d9:8b:6b:e9:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd55613dd54cd7d0516f77b86d19d8b6701a1ee
Validity
Not Before: Nov 17 17:39:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7257161c988797eaac5770ab60ba4d6934cc003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5e:77:5b:cf:83:e4:f3:c0:aa:9a:d1:9d:92:
29:e5:9f:b6:18:c7:19:3f:9c:2b:a8:03:97:97:1b:
9f:80:9f:78:78:5e:73:70:aa:4a:a8:98:d5:fc:6c:
4c:c4:6b:39:1d:ab:a3:d1:13:b4:54:b6:e8:d2:2b:
de:44:44:d0:2a:05:35:f9:08:09:bd:a0:71:2b:00:
ae:f5:39:ba:3c:ad:5a:3b:fe:d3:90:26:93:0a:42:
27:96:bc:e7:34:75:7f:ae:57:64:14:41:4a:62:b6:
0a:0d:f1:a8:9f:2d:29:b9:f8:f1:27:5b:a9:9b:f4:
36:b4:16:ce:b4:48:95:38:1d:21:40:31:cb:21:db:
66:1c:af:71:be:01:9f:2c:44:98:8d:eb:55:08:66:
85:e4:a0:9f:cf:de:b8:ef:fb:d3:b9:ae:df:77:7e:
ac:ff:9b:96:db:e6:1e:98:02:df:b8:60:10:ba:96:
ab:26:fc:96:96:64:85:4d:14:a9:85:be:1c:de:6f:
2c:03:e6:9e:e4:66:4d:f2:85:d0:4f:17:ee:5c:76:
38:18:71:72:e3:10:23:93:6c:22:d5:55:ee:a6:41:
60:98:95:62:7a:06:c8:5c:e1:38:10:72:42:27:fa:
fe:34:88:57:06:0f:d3:71:d5:5d:92:9b:f3:c1:8c:
f3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:25:71:61:C9:88:79:7E:AA:C5:77:0A:B6:0B:A4:D6:93:4C:C0:03
X509v3 Authority Key Identifier:
keyid:0C:D5:56:13:DD:54:CD:7D:05:16:F7:7B:86:D1:9D:8B:67:01:A1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNVWE91UzX0FFvd7htGdi2cBoe4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/981095-e07b-4415-8ff7-a8e31b93be72/1/pyVxYcmIeX6qxXcKtguk1pNMwAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/981095-e07b-4415-8ff7-a8e31b93be72/1/DNVWE91UzX0FFvd7htGdi2cBoe4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:9240::/29
Signature Algorithm: sha256WithRSAEncryption
81:f9:8a:f2:11:93:90:c3:8e:6a:a1:9a:4e:a4:e8:61:b8:38:
5f:74:54:84:1b:0c:6b:ab:4c:0e:68:00:3a:60:06:a5:c6:2a:
52:e0:94:15:dc:e4:c7:2e:14:08:4f:4a:82:f0:19:07:ee:1f:
93:03:8e:03:e3:cc:08:d1:c1:77:6d:29:1b:29:ce:f1:da:fc:
6c:b6:69:91:fe:51:18:4c:12:f2:58:73:8b:7d:1d:3e:f7:e6:
94:f3:65:eb:f6:df:b6:42:78:0b:6c:f0:85:7f:d6:4d:2f:0c:
37:6f:6d:9e:d9:76:90:e1:fb:4b:5f:16:c8:f4:e9:c7:ca:b0:
5d:be:37:fb:b3:20:97:f2:90:60:a7:00:aa:62:30:e0:bb:ce:
12:ff:99:c2:9e:07:45:ee:73:90:a3:ac:47:b7:ea:5e:f8:3a:
e8:6b:b5:e3:ad:16:19:14:e0:3c:96:a7:e2:48:56:b2:72:20:
64:f5:53:75:00:8f:e5:38:d9:63:34:97:1e:8f:db:85:5f:6b:
38:42:27:4a:67:e7:8e:08:57:d4:dd:a5:1d:15:ff:8a:81:df:
cd:36:7b:0c:ee:0a:ee:cd:a8:62:c9:d0:e5:e8:4d:bc:c3:62:
09:1a:43:c9:ef:de:fb:cc:21:f1:9c:f3:02:9e:30:c6:8e:5c:
80:a7:03:4c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSGrDqLF4Zuro3OJdmLa+liMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDU1NjEzZGQ1NGNkN2QwNTE2Zjc3Yjg2ZDE5ZDhiNjcw
MWExZWUwHhcNMjIxMTE3MTczOTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzI1NzE2MWM5ODg3OTdlYWFjNTc3MGFiNjBiYTRkNjkzNGNjMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp153W8+D5PPAqprRnZIp5Z+2GMcZ
P5wrqAOXlxufgJ94eF5zcKpKqJjV/GxMxGs5Hauj0RO0VLbo0iveRETQKgU1+QgJ
vaBxKwCu9Tm6PK1aO/7TkCaTCkInlrznNHV/rldkFEFKYrYKDfGony0pufjxJ1up
m/Q2tBbOtEiVOB0hQDHLIdtmHK9xvgGfLESYjetVCGaF5KCfz9647/vTua7fd36s
/5uW2+YemALfuGAQuparJvyWlmSFTRSphb4c3m8sA+ae5GZN8oXQTxfuXHY4GHFy
4xAjk2wi1VXupkFgmJViegbIXOE4EHJCJ/r+NIhXBg/TcdVdkpvzwYzzzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKclcWHJiHl+qsV3CrYLpNaTTMADMB8GA1UdIwQY
MBaAFAzVVhPdVM19BRb3e4bRnYtnAaHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5WV0U5MVV6WDBGRnZkN2h0R2RpMmNCb2U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85ODEwOTUtZTA3Yi00NDE1LThmZjct
YThlMzFiOTNiZTcyLzEvcHlWeFljbUllWDZxeFhjS3RndWsxcE5Nd0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85ODEwOTUtZTA3Yi00NDE1LThmZjctYThlMzFiOTNiZTcy
LzEvRE5WV0U5MVV6WDBGRnZkN2h0R2RpMmNCb2U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGSQDAN
BgkqhkiG9w0BAQsFAAOCAQEAgfmK8hGTkMOOaqGaTqToYbg4X3RUhBsMa6tMDmgA
OmAGpcYqUuCUFdzkxy4UCE9KgvAZB+4fkwOOA+PMCNHBd20pGynO8dr8bLZpkf5R
GEwS8lhzi30dPvfmlPNl6/bftkJ4C2zwhX/WTS8MN29tntl2kOH7S18WyPTpx8qw
Xb43+7Mgl/KQYKcAqmIw4LvOEv+Zwp4HRe5zkKOsR7fqXvg66Gu1460WGRTgPJan
4khWsnIgZPVTdQCP5TjZYzSXHo/bhV9rOEInSmfnjghX1N2lHRX/ioHfzTZ7DO4K
7s2oYsnQ5ehNvMNiCRpDye/e+8wh8ZzzAp4wxo5cgKcDTA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org