Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/p1odZCfscKk3Sx2Li0EZYVtvsL4.roa
File: p1odZCfscKk3Sx2Li0EZYVtvsL4.roa (raw, json)
Hash identifier: 0a6v4ggv7IvmhFVY2pTGZ4xSII6J3x8Fz7EdPakwLhs=
Subject key identifier: A7:5A:1D:64:27:EC:70:A9:37:4B:1D:8B:8B:41:19:61:5B:6F:B0:BE
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 018921BB
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/p1odZCfscKk3Sx2Li0EZYVtvsL4.roa
Signing time: Sat 01 Jan 2022 11:54:23 +0000
ROA not before: Sat 01 Jan 2022 11:54:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210542
IP address blocks: 2a11:9c00:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25764283 (0x18921bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Jan 1 11:54:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a75a1d6427ec70a9374b1d8b8b4119615b6fb0be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ae:23:e0:80:b4:5b:39:e2:99:72:6d:a9:fc:
ea:49:c6:55:b4:2b:bc:3a:d9:8e:cd:0c:01:32:22:
20:f0:c2:e6:a3:b6:92:e7:67:e1:e9:72:85:c4:18:
c8:29:22:82:25:73:c6:18:c8:7e:6c:3f:61:ec:ff:
3a:22:fc:62:53:6a:6c:35:20:2f:9a:49:0a:1f:03:
36:2d:d5:3a:07:d2:da:7c:0d:95:e9:47:fb:46:0c:
fc:0b:5a:e6:37:62:a0:35:a3:e5:c8:b3:f3:f9:d9:
83:33:be:74:52:e5:c6:d9:a7:50:5d:f8:35:78:0d:
49:59:ac:9c:82:e3:3d:02:1b:02:14:17:a5:39:bf:
51:96:1b:88:6e:0d:f3:7f:f0:ff:52:b6:6a:9a:2d:
6d:fc:26:69:ae:a3:4c:55:a3:4c:56:73:e4:77:5a:
ef:63:2f:17:b1:e2:bf:d9:ac:7b:05:c7:c1:3f:42:
e9:c5:2e:fb:1c:78:c8:1e:4e:fe:83:d8:06:4e:f3:
b6:fb:e4:c0:47:f3:8b:08:34:e3:53:1c:18:da:d4:
c4:3c:2d:db:59:11:71:8d:7f:db:b0:c3:60:07:d5:
72:81:70:e4:db:a9:1b:9c:9c:bf:7c:84:13:37:92:
9f:a6:4d:5f:88:b3:43:ba:43:dd:97:63:44:8e:26:
ba:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:5A:1D:64:27:EC:70:A9:37:4B:1D:8B:8B:41:19:61:5B:6F:B0:BE
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/p1odZCfscKk3Sx2Li0EZYVtvsL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:9c00:100::/40
Signature Algorithm: sha256WithRSAEncryption
41:70:80:3e:75:f0:b0:68:35:80:4f:15:35:99:b8:15:36:13:
af:d1:a9:1e:1c:88:15:ec:9e:19:56:20:da:d7:5f:b7:ce:8f:
a0:f4:f3:7c:f0:48:ab:ef:d1:3a:85:9a:49:c2:46:a2:c6:47:
04:86:fa:93:ff:ba:3e:48:67:d7:7a:e6:0b:f1:50:6a:6c:1c:
67:5c:84:fe:25:09:71:37:fd:6c:f1:a3:0b:59:ed:40:30:07:
20:1d:84:87:d3:fa:f2:62:7b:36:b6:b7:33:97:d3:f1:98:9d:
a1:cf:7c:d7:1f:f6:f7:7f:57:cd:09:2a:b9:05:aa:83:01:ad:
ee:08:12:cd:cb:75:96:2f:2f:d9:09:45:b3:6f:85:59:5f:1a:
1d:9c:b9:a5:c0:78:2f:53:c7:e6:61:2a:2b:32:81:37:f6:ba:
30:35:70:e9:7f:d4:75:a7:4d:b8:9d:b7:17:56:df:5c:c9:59:
dd:fd:93:a7:18:bd:e3:60:3d:d1:60:d2:fc:81:e3:42:83:2b:
9b:76:e7:46:72:88:bf:5b:87:cb:0a:eb:5f:f6:9a:7a:32:94:
e4:b5:01:49:0e:78:88:fb:b3:1e:79:33:d7:20:b4:f4:2c:69:
b5:06:3b:3b:bb:a5:42:3d:26:92:da:e5:2e:a8:5c:90:20:91:
c0:eb:be:81
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAYkhuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWRjOWM1NWUxNTk3ZTg4NTY0ZGFmNTY3ZTVhNDY2NTk3OGM3Yjg1MB4XDTIyMDEw
MTExNTQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTc1YTFkNjQyN2Vj
NzBhOTM3NGIxZDhiOGI0MTE5NjE1YjZmYjBiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmuI+CAtFs54plyban86knGVbQrvDrZjs0MATIiIPDC5qO2
kudn4elyhcQYyCkigiVzxhjIfmw/Yez/OiL8YlNqbDUgL5pJCh8DNi3VOgfS2nwN
lelH+0YM/Ata5jdioDWj5ciz8/nZgzO+dFLlxtmnUF34NXgNSVmsnILjPQIbAhQX
pTm/UZYbiG4N83/w/1K2apotbfwmaa6jTFWjTFZz5Hda72MvF7Hiv9msewXHwT9C
6cUu+xx4yB5O/oPYBk7ztvvkwEfziwg041McGNrUxDwt21kRcY1/27DDYAfVcoFw
5NupG5ycv3yEEzeSn6ZNX4izQ7pD3ZdjRI4mulECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSnWh1kJ+xwqTdLHYuLQRlhW2+wvjAfBgNVHSMEGDAWgBSF3JxV4Vl+iFZN
r1Z+WkZll4x7hTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hkeWNWZUZaZm9oV1RhOVdmbHBHWlplTWU0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvZjA3ZmJjLTRjMzItNGQ4Ny1hNDI5LTg2ZWExOWQyOTE2My8x
L3Axb2RaQ2ZzY0trM1N4MkxpMEVaWVZ0dnNMNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
ZjA3ZmJjLTRjMzItNGQ4Ny1hNDI5LTg2ZWExOWQyOTE2My8xL2hkeWNWZUZaZm9o
V1RhOVdmbHBHWlplTWU0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoRnAABMA0GCSqGSIb3DQEBCwUA
A4IBAQBBcIA+dfCwaDWATxU1mbgVNhOv0akeHIgV7J4ZViDa11+3zo+g9PN88Eir
79E6hZpJwkaixkcEhvqT/7o+SGfXeuYL8VBqbBxnXIT+JQlxN/1s8aMLWe1AMAcg
HYSH0/ryYns2trczl9PxmJ2hz3zXH/b3f1fNCSq5BaqDAa3uCBLNy3WWLy/ZCUWz
b4VZXxodnLmlwHgvU8fmYSorMoE39rowNXDpf9R1p024nbcXVt9cyVnd/ZOnGL3j
YD3RYNL8geNCgyubdudGcoi/W4fLCutf9pp6MpTktQFJDniI+7MeeTPXILT0LGm1
Bjs7u6VCPSaS2uUuqFyQIJHA676B
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:59 2023 by rpki-client on console-ams.rpki-client.org