Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1-8Iar_W2HAr834hGy0kMY_Sgz1U.roa
File: 1-8Iar_W2HAr834hGy0kMY_Sgz1U.roa (raw, json)
Hash identifier: LW1+1/UFoQ+5P6ARlDlFole3M5j3qXK2z4RRyFAf5rY=
Subject key identifier: FB:C2:1A:AF:F5:B6:1C:0A:FC:DF:88:46:CB:49:0C:63:F4:A0:CF:55
Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial: 0184092071708BBDC70F82D02E03CECCEE44
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1-8Iar_W2HAr834hGy0kMY_Sgz1U.roa
Signing time: Mon 24 Oct 2022 08:33:51 +0000
ROA not before: Mon 24 Oct 2022 08:33:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48732
IP address blocks: 2a11:601:d000::/36 maxlen: 36
2a11:601:f000::/36 maxlen: 36
2a11:600:150::/48 maxlen: 48
2a11:600:151::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:09:20:71:70:8b:bd:c7:0f:82:d0:2e:03:ce:cc:ee:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
Validity
Not Before: Oct 24 08:33:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbc21aaff5b61c0afcdf8846cb490c63f4a0cf55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ee:30:81:0b:4c:42:e7:36:3f:da:45:69:a5:
d5:cb:ac:8f:17:c2:32:c1:69:0a:93:24:9b:d2:f3:
fc:a8:5b:69:b4:96:bd:e5:bd:6a:9a:86:72:ef:2b:
f6:21:a8:37:f3:fd:58:a2:fa:f4:eb:21:f8:0f:d8:
8c:46:7c:f8:8d:8b:4e:58:87:66:a3:1c:d4:51:52:
82:33:78:c6:8f:c4:d7:10:9c:b4:67:ce:6c:e6:d0:
b8:1f:10:bc:64:f2:d1:c7:26:57:11:ce:4f:9d:a4:
34:02:a0:14:ea:f5:bf:bb:fc:e7:38:4f:98:a4:1a:
8d:d7:3b:b2:03:92:ac:dc:93:81:95:8a:7f:87:ef:
6e:4b:90:65:b7:e2:42:79:39:de:17:b3:2d:d8:d4:
a9:ef:56:af:71:fd:0c:9c:b6:33:4d:72:57:f4:43:
5c:b2:f0:b4:67:e2:10:32:9e:1f:76:fb:10:aa:38:
29:c3:58:97:88:b3:db:be:4c:2a:d3:87:2d:cb:e2:
42:5e:8e:83:2e:db:54:5a:b7:e5:47:f0:50:c6:d7:
2c:0e:64:6b:6a:db:31:80:bb:1c:44:a7:a3:77:7b:
cf:d7:84:4c:9a:9e:6c:cd:9d:68:e0:3a:0d:36:26:
37:66:b9:3f:8f:7b:50:cd:03:5b:b5:79:f1:9f:28:
92:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C2:1A:AF:F5:B6:1C:0A:FC:DF:88:46:CB:49:0C:63:F4:A0:CF:55
X509v3 Authority Key Identifier:
keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1-8Iar_W2HAr834hGy0kMY_Sgz1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:600:150::/47
2a11:601:d000::/36
2a11:601:f000::/36
Signature Algorithm: sha256WithRSAEncryption
33:95:2f:df:f5:ad:e8:e8:01:7f:81:c6:b8:79:4b:61:9c:79:
45:92:7f:1f:53:dc:bf:38:d4:68:71:8a:15:b1:79:f7:de:01:
6f:c7:74:40:6c:5e:48:1d:66:5d:20:5c:53:8c:35:41:2c:4e:
d6:ee:99:66:59:72:9e:1f:b2:62:9b:5f:0b:98:87:3b:12:fa:
aa:31:eb:17:e5:eb:73:0c:7a:6d:82:94:9d:67:18:a2:7b:62:
14:97:01:3d:1b:6d:e1:19:a0:23:26:7c:67:c8:46:76:56:b4:
98:36:e3:f7:9c:14:de:60:32:ea:09:2a:23:cd:ce:01:19:d2:
e0:c7:94:02:fb:45:c4:3f:ce:f7:3d:db:a8:2b:12:4f:e8:a6:
1a:5b:53:50:05:b1:97:19:a7:ad:33:35:4c:9f:c5:15:03:50:
63:35:74:aa:d2:a2:e6:da:1e:5a:23:ef:d6:77:e1:d3:07:90:
f6:a7:d5:c3:bf:22:16:fa:e5:61:fa:ae:67:7b:7c:a6:cc:bb:
55:bf:76:31:ff:c3:4b:93:10:26:c8:24:8d:b0:60:b1:64:e0:
99:60:05:c0:ca:12:46:61:4b:16:37:36:26:0f:fc:2b:1b:6c:
82:01:c9:fe:aa:fd:09:e1:15:e4:ab:e2:05:1d:bf:42:cd:7e:
d1:1b:29:b9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYQJIHFwi73HD4LQLgPOzO5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjIxMDI0MDgzMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmMyMWFhZmY1YjYxYzBhZmNkZjg4NDZjYjQ5MGM2M2Y0YTBjZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe4wgQtMQuc2P9pFaaXVy6yPF8Iy
wWkKkySb0vP8qFtptJa95b1qmoZy7yv2Iag38/1Yovr06yH4D9iMRnz4jYtOWIdm
oxzUUVKCM3jGj8TXEJy0Z85s5tC4HxC8ZPLRxyZXEc5PnaQ0AqAU6vW/u/znOE+Y
pBqN1zuyA5Ks3JOBlYp/h+9uS5Blt+JCeTneF7Mt2NSp71avcf0MnLYzTXJX9ENc
svC0Z+IQMp4fdvsQqjgpw1iXiLPbvkwq04cty+JCXo6DLttUWrflR/BQxtcsDmRr
atsxgLscRKejd3vP14RMmp5szZ1o4DoNNiY3Zrk/j3tQzQNbtXnxnyiS5QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPvCGq/1thwK/N+IRstJDGP0oM9VMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvMS04SWFyX1cySEFyODM0aEd5MGtNWV9TZ3oxVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWEvZDlmOWE4LWRhMDEtNGQzNS04Mjg0LWI2NGViOGQ4MzY1
OC8xLzFUVkRJY0VsUTJBVVhxOGw5cGs0dU44MGV6RS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAyBggrBgEFBQcBBwEB/wQjMCEwHwQCAAIwGQMHASoRBgAB
UAMGBCoRBgHQAwYEKhEGAfAwDQYJKoZIhvcNAQELBQADggEBADOVL9/1rejoAX+B
xrh5S2GceUWSfx9T3L841GhxihWxeffeAW/HdEBsXkgdZl0gXFOMNUEsTtbumWZZ
cp4fsmKbXwuYhzsS+qox6xfl63MMem2ClJ1nGKJ7YhSXAT0bbeEZoCMmfGfIRnZW
tJg24/ecFN5gMuoJKiPNzgEZ0uDHlAL7RcQ/zvc926grEk/ophpbU1AFsZcZp60z
NUyfxRUDUGM1dKrSoubaHloj79Z34dMHkPan1cO/Ihb65WH6rmd7fKbMu1W/djH/
w0uTECbIJI2wYLFk4JlgBcDKEkZhSxY3NiYP/CsbbIIByf6q/QnhFeSr4gUdv0LN
ftEbKbk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:53 2023 by rpki-client on console-fra.rpki-client.org