Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/9zTYK0ofJ2BwSlTCqDjVeIZCAoA.roa
File: 9zTYK0ofJ2BwSlTCqDjVeIZCAoA.roa (raw, json)
Hash identifier: BCzp66bCTTOPj3Uamj07aFAXtGN/DJ6wM7c+POi/wPA=
Subject key identifier: F7:34:D8:2B:4A:1F:27:60:70:4A:54:C2:A8:38:D5:78:86:42:02:80
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 08C16A11
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/9zTYK0ofJ2BwSlTCqDjVeIZCAoA.roa
Signing time: Sat 01 Jan 2022 07:04:29 +0000
ROA not before: Sat 01 Jan 2022 07:04:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31400
IP address blocks: 2a09:7900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146893329 (0x8c16a11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 07:04:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f734d82b4a1f2760704a54c2a838d57886420280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:dc:7f:f7:b0:55:4b:90:4d:de:f7:26:d4:1c:
cd:8b:e5:64:9d:8b:cc:43:3a:d3:f4:17:36:61:2b:
b1:3b:85:92:ab:32:91:4b:79:93:23:2b:af:c8:ef:
e0:7b:2e:9b:31:88:20:21:9a:fa:1e:7e:3a:ff:aa:
e2:77:90:67:19:78:51:d5:02:c7:93:36:1f:cc:8a:
9d:59:85:d7:f8:5e:30:71:e1:27:04:87:e5:41:a3:
f0:52:f6:17:19:68:c1:b2:ad:8e:fe:f3:21:58:61:
7a:1f:05:80:58:e5:83:09:cd:08:62:7e:11:d7:d5:
81:42:05:49:3b:1d:ec:7e:b3:92:39:8b:d5:33:15:
19:6e:0c:25:ef:a7:82:d1:13:b3:de:2b:2f:f8:c5:
de:d5:47:09:70:0f:06:aa:91:a7:41:5e:3b:90:db:
91:6e:95:51:06:f9:4e:9c:e9:13:9f:25:38:bc:7d:
9a:55:88:49:6e:0c:48:cc:b7:a1:49:1d:5b:2e:6d:
b9:79:f2:cc:e8:0a:c5:eb:fd:44:68:de:3e:d5:6c:
80:15:bc:fd:cf:c7:78:46:84:8e:a7:6d:88:9c:de:
4e:07:21:f4:f7:3d:2e:de:30:4b:e2:25:e1:54:04:
e8:ee:1f:27:8b:03:0b:83:61:2e:de:10:42:fb:fe:
a5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:34:D8:2B:4A:1F:27:60:70:4A:54:C2:A8:38:D5:78:86:42:02:80
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/9zTYK0ofJ2BwSlTCqDjVeIZCAoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7900::/29
Signature Algorithm: sha256WithRSAEncryption
40:dc:e1:b0:c4:08:62:cf:94:a8:00:b3:19:2a:2f:62:62:a0:
d1:ec:22:4f:ee:c9:8f:ae:e8:46:01:23:42:46:ed:2a:8f:9c:
ff:3f:8d:25:d1:7a:03:c1:23:98:e9:0f:4c:41:78:31:4a:ef:
92:3b:10:c5:a3:f5:14:64:ce:09:31:38:2b:cd:f4:0d:c4:53:
a1:ae:9e:31:5c:57:1f:2f:f4:6d:9c:1f:bd:7d:55:1e:11:94:
87:1e:3c:ff:77:17:92:26:52:dc:d2:dc:6d:00:38:33:2d:c3:
ed:61:1e:b0:a7:02:f7:8f:c2:ac:c1:40:f6:f2:a3:8c:fa:1b:
c8:f7:66:49:ac:fa:48:d0:3e:05:76:2d:b5:7f:4a:0a:5c:b1:
b0:72:d0:15:37:86:de:38:6b:f5:25:78:86:65:49:82:c9:95:
e4:1c:44:84:74:d7:b1:e8:97:fd:bd:4e:c4:ce:ca:09:3c:ef:
38:46:c0:ab:d0:c4:3c:16:70:c7:4a:16:54:ed:27:44:ea:db:
6d:83:26:32:e8:7f:01:0b:70:c1:ec:84:69:d0:43:43:08:a4:
aa:08:c4:57:65:ed:f5:b0:4c:0d:37:38:3f:f9:08:55:75:d4:
8e:42:cf:6a:7a:ab:ba:f4:d2:04:26:e2:06:6b:d4:1f:86:1b:
87:73:57:2a
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECMFqETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjhhZWEyZjAyNWY0OTViZWFjZWU3Y2U1YTg4MjA1MTlkZGExMzcwMB4XDTIyMDEw
MTA3MDQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjczNGQ4MmI0YTFm
Mjc2MDcwNGE1NGMyYTgzOGQ1Nzg4NjQyMDI4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPcf/ewVUuQTd73JtQczYvlZJ2LzEM60/QXNmErsTuFkqsy
kUt5kyMrr8jv4HsumzGIICGa+h5+Ov+q4neQZxl4UdUCx5M2H8yKnVmF1/heMHHh
JwSH5UGj8FL2FxlowbKtjv7zIVhheh8FgFjlgwnNCGJ+EdfVgUIFSTsd7H6zkjmL
1TMVGW4MJe+ngtETs94rL/jF3tVHCXAPBqqRp0FeO5DbkW6VUQb5TpzpE58lOLx9
mlWISW4MSMy3oUkdWy5tuXnyzOgKxev9RGjePtVsgBW8/c/HeEaEjqdtiJzeTgch
9Pc9Lt4wS+Il4VQE6O4fJ4sDC4NhLt4QQvv+pV0CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT3NNgrSh8nYHBKVMKoONV4hkICgDAfBgNVHSMEGDAWgBRPiuovAl9JW+rO
585aiCBRndoTcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q0cnFMd0pmU1Z2cXp1Zk9Xb2dnVVozYUUzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8x
Lzl6VFlLMG9mSjJCd1NsVENxRGpWZUlaQ0FvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
ZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8xL1Q0cnFMd0pmU1Z2
cXp1Zk9Xb2dnVVozYUUzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoJeQAwDQYJKoZIhvcNAQELBQAD
ggEBAEDc4bDECGLPlKgAsxkqL2JioNHsIk/uyY+u6EYBI0JG7SqPnP8/jSXRegPB
I5jpD0xBeDFK75I7EMWj9RRkzgkxOCvN9A3EU6GunjFcVx8v9G2cH719VR4RlIce
PP93F5ImUtzS3G0AODMtw+1hHrCnAvePwqzBQPbyo4z6G8j3Zkms+kjQPgV2LbV/
SgpcsbBy0BU3ht44a/UleIZlSYLJleQcRIR017Hol/29TsTOygk87zhGwKvQxDwW
cMdKFlTtJ0Tq222DJjLofwELcMHshGnQQ0MIpKoIxFdl7fWwTA03OD/5CFV11I5C
z2p6q7r00gQm4gZr1B+GG4dzVyo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:27 2023 by rpki-client on console-ams.rpki-client.org