Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Hb1V-kg-2SiTsQktOTpJpg8_soQ.roa
File: Hb1V-kg-2SiTsQktOTpJpg8_soQ.roa (raw, json)
Hash identifier: uJv53/CiuAKd8cd/AaC0bjC9xHV7xvZ23gxnxEjb50M=
Subject key identifier: 1D:BD:55:FA:48:3E:D9:28:93:B1:09:2D:39:3A:49:A6:0F:3F:B2:84
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 08BFC512
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Hb1V-kg-2SiTsQktOTpJpg8_soQ.roa
Signing time: Sat 01 Jan 2022 07:04:28 +0000
ROA not before: Sat 01 Jan 2022 07:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 23470
IP address blocks: 2a09:ff00:101::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146785554 (0x8bfc512)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 07:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dbd55fa483ed92893b1092d393a49a60f3fb284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a9:60:a2:d4:69:ec:fc:95:af:e5:84:ad:88:
84:54:35:60:3c:08:76:ee:4e:2c:80:ce:04:94:e1:
25:72:c7:79:bc:f9:97:5d:49:71:a0:a3:18:b8:2f:
7a:2a:24:58:2a:68:86:27:89:17:ae:f2:44:33:8e:
46:91:b1:fa:e6:39:b6:b7:b9:3a:63:3b:2f:af:3b:
fb:38:68:b8:ff:16:43:33:5c:5c:6c:42:6b:a1:23:
d8:d7:b7:27:45:df:54:c7:d0:40:03:66:a7:d0:ef:
00:05:4d:0e:86:9d:6d:fc:03:83:19:99:5a:e2:f2:
94:0d:66:d7:cc:d4:89:26:ab:c0:16:31:78:91:72:
2b:fb:f1:d5:f6:ff:90:ac:da:d6:3d:00:5f:c4:04:
17:73:93:c1:c3:22:e1:ac:54:85:73:56:8f:75:05:
71:21:38:98:46:14:71:f8:a8:89:6f:99:0c:06:39:
ed:e9:05:c3:76:7e:52:20:a2:c4:bd:c8:29:f8:a0:
b0:c8:e8:53:38:db:bc:da:65:7b:9e:03:ab:6b:65:
fc:83:52:0a:9d:d9:a6:17:5f:10:39:e9:dd:26:f3:
ab:52:af:d0:cf:a3:68:d5:e6:01:67:d4:7b:5d:0c:
12:dd:d1:c6:dc:83:cf:53:fa:09:89:65:41:19:e4:
63:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:BD:55:FA:48:3E:D9:28:93:B1:09:2D:39:3A:49:A6:0F:3F:B2:84
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Hb1V-kg-2SiTsQktOTpJpg8_soQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:ff00:101::/48
Signature Algorithm: sha256WithRSAEncryption
5c:1f:08:e7:6f:ad:bc:e3:4a:47:7d:5f:ae:58:43:c9:45:36:
96:d4:a8:2e:bb:14:17:6b:a2:61:c8:19:95:1e:9b:43:ef:d5:
d3:d2:01:a9:78:f6:65:0e:73:db:09:27:16:3c:cf:4e:ec:23:
7e:b4:48:17:a7:a7:78:43:7b:e2:57:d8:91:d8:66:81:5d:d1:
76:74:68:3e:43:81:57:ba:8a:1c:95:c1:4b:e2:3e:43:c0:c3:
d6:5f:8d:e8:e5:13:4d:4b:bb:c7:0a:ce:db:27:b4:b0:11:6c:
97:3f:d4:22:49:59:91:4e:55:17:ce:4f:65:2e:62:62:2c:55:
31:98:7f:e4:f8:ef:20:5b:2c:88:d0:c8:db:05:4e:82:60:9d:
75:e2:0a:1b:17:37:d5:30:28:6c:d9:4c:8d:95:62:e3:7f:f0:
3f:50:25:25:c2:ef:53:1b:38:a8:b0:34:ce:31:39:63:81:11:
f3:e3:9c:78:a0:c1:12:da:62:a5:7f:93:f2:a0:3d:9f:61:f2:
43:8c:c9:b4:8f:45:9c:dd:32:39:85:4d:b2:77:f6:01:ac:6f:
7f:46:36:21:75:6d:b9:90:fe:ca:84:44:ba:45:c5:5f:8b:89:
5d:c9:2f:a0:14:2e:86:eb:ee:89:d5:61:53:eb:2a:54:0c:aa:
4c:79:65:73
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECL/FEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjhhZWEyZjAyNWY0OTViZWFjZWU3Y2U1YTg4MjA1MTlkZGExMzcwMB4XDTIyMDEw
MTA3MDQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRiZDU1ZmE0ODNl
ZDkyODkzYjEwOTJkMzkzYTQ5YTYwZjNmYjI4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6pYKLUaez8la/lhK2IhFQ1YDwIdu5OLIDOBJThJXLHebz5
l11JcaCjGLgveiokWCpohieJF67yRDOORpGx+uY5tre5OmM7L687+zhouP8WQzNc
XGxCa6Ej2Ne3J0XfVMfQQANmp9DvAAVNDoadbfwDgxmZWuLylA1m18zUiSarwBYx
eJFyK/vx1fb/kKza1j0AX8QEF3OTwcMi4axUhXNWj3UFcSE4mEYUcfioiW+ZDAY5
7ekFw3Z+UiCixL3IKfigsMjoUzjbvNple54Dq2tl/INSCp3ZphdfEDnp3Sbzq1Kv
0M+jaNXmAWfUe10MEt3RxtyDz1P6CYllQRnkY1UCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQdvVX6SD7ZKJOxCS05OkmmDz+yhDAfBgNVHSMEGDAWgBRPiuovAl9JW+rO
585aiCBRndoTcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q0cnFMd0pmU1Z2cXp1Zk9Xb2dnVVozYUUzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8x
L0hiMVYta2ctMlNpVHNRa3RPVHBKcGc4X3NvUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
ZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8xL1Q0cnFMd0pmU1Z2
cXp1Zk9Xb2dnVVozYUUzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoJ/wABATANBgkqhkiG9w0BAQsF
AAOCAQEAXB8I52+tvONKR31frlhDyUU2ltSoLrsUF2uiYcgZlR6bQ+/V09IBqXj2
ZQ5z2wknFjzPTuwjfrRIF6eneEN74lfYkdhmgV3RdnRoPkOBV7qKHJXBS+I+Q8DD
1l+N6OUTTUu7xwrO2ye0sBFslz/UIklZkU5VF85PZS5iYixVMZh/5PjvIFssiNDI
2wVOgmCddeIKGxc31TAobNlMjZVi43/wP1AlJcLvUxs4qLA0zjE5Y4ER8+OceKDB
EtpipX+T8qA9n2HyQ4zJtI9FnN0yOYVNsnf2Aaxvf0Y2IXVtuZD+yoREukXFX4uJ
XckvoBQuhuvuidVhU+sqVAyqTHllcw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:34 2023 by rpki-client on console-fra.rpki-client.org