Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/surRV5YrY7zsdLfR1B4oWATfsJA.roa
File: surRV5YrY7zsdLfR1B4oWATfsJA.roa (raw, json)
Hash identifier: Hg3aipZOrBg/EQx5HHejJ6Cn4mkVy2L0dSI0IvPVaN4=
Subject key identifier: B2:EA:D1:57:96:2B:63:BC:EC:74:B7:D1:D4:1E:28:58:04:DF:B0:90
Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial: 0183FE87BAE4993ABE63DCE12D4FDFAA69C3
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/surRV5YrY7zsdLfR1B4oWATfsJA.roa
Signing time: Sat 22 Oct 2022 07:10:51 +0000
ROA not before: Sat 22 Oct 2022 07:10:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48732
IP address blocks: 2a11:601:f000::/36 maxlen: 36
2a11:601:d000::/36 maxlen: 36
2a11:600:150::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fe:87:ba:e4:99:3a:be:63:dc:e1:2d:4f:df:aa:69:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
Validity
Not Before: Oct 22 07:10:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2ead157962b63bcec74b7d1d41e285804dfb090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:91:03:91:8f:89:14:83:90:7b:69:12:78:2e:
64:72:80:2f:53:37:ae:d3:4c:17:b9:27:41:12:2b:
ff:8e:94:ef:78:b2:93:d7:8e:14:91:ce:62:50:62:
60:7c:16:36:de:58:fc:1b:5d:b3:87:ae:78:3d:bc:
63:77:e7:ee:be:46:10:58:84:54:81:a8:90:cb:ac:
e7:7a:10:22:67:cc:6e:b8:e3:46:47:38:eb:40:9a:
4c:63:a9:6d:47:57:ce:c6:2c:3d:7d:69:c7:f2:a2:
e7:ed:17:d8:a2:fd:37:fd:e2:e2:a1:04:f1:5d:63:
8b:30:98:61:b9:ac:2a:08:5d:01:49:d8:1b:61:1e:
62:2c:eb:3f:80:da:76:5f:d2:e4:9d:de:93:d7:be:
ec:5a:1c:b4:46:a3:99:f4:a6:33:4c:3f:d8:a7:7d:
c9:4f:c6:2c:e0:ea:5c:aa:59:38:6b:31:89:2b:01:
4e:f7:5e:06:83:e1:1e:10:33:30:b4:38:16:b9:68:
9d:c1:cb:73:84:b3:be:a8:f7:84:23:11:ce:c6:ff:
23:3c:6d:b6:c1:5e:d3:aa:74:81:79:79:d9:81:a1:
f3:ac:4d:a0:c4:d1:96:b7:ce:e2:cf:53:81:4d:78:
ac:bf:f5:13:dc:d2:c6:e8:c1:f2:69:e4:4f:13:60:
33:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:EA:D1:57:96:2B:63:BC:EC:74:B7:D1:D4:1E:28:58:04:DF:B0:90
X509v3 Authority Key Identifier:
keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/surRV5YrY7zsdLfR1B4oWATfsJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:600:150::/48
2a11:601:d000::/36
2a11:601:f000::/36
Signature Algorithm: sha256WithRSAEncryption
4d:44:57:6b:d9:5f:c3:fd:42:1c:80:08:f6:2c:ad:89:f4:e2:
f7:ad:af:56:06:6f:92:0e:f4:1c:d3:31:ed:1d:2f:6b:9d:44:
34:b6:18:fa:17:18:15:04:41:46:81:be:75:db:5b:2f:b6:49:
54:2c:05:12:88:a0:a2:66:0c:00:36:45:19:67:97:4d:94:17:
2a:aa:33:94:6c:fa:dd:db:80:61:49:8b:d1:b4:e7:8e:57:c6:
58:fe:b9:34:21:c7:6c:c8:12:a4:fa:1f:70:63:b5:4c:cd:54:
e3:91:fa:55:ae:e4:38:38:55:fe:6d:d8:ee:f2:97:f8:4e:cb:
a8:35:e4:1c:06:03:70:57:7b:db:da:44:9a:98:0b:01:c2:af:
8c:dd:35:b5:77:ec:cf:c1:fc:3e:fe:f7:e2:30:6f:28:f5:9c:
8b:f8:c2:aa:9f:36:4e:79:e3:ed:0a:a1:b9:2e:46:14:a3:21:
3b:06:c8:99:2b:d2:f0:98:2c:c2:d2:30:0e:ff:21:a8:85:6e:
53:69:e7:cd:e7:87:60:08:23:b0:7e:56:25:db:62:b7:39:dc:
ca:4e:42:4d:e5:ec:cc:aa:4d:f9:e1:90:e5:ee:9f:39:91:08:
1f:e6:70:fc:5e:75:7e:73:52:36:f8:cd:63:59:27:8f:d3:c9:
1f:bc:e2:e6
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYP+h7rkmTq+Y9zhLU/fqmnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjIxMDIyMDcxMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmVhZDE1Nzk2MmI2M2JjZWM3NGI3ZDFkNDFlMjg1ODA0ZGZiMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppEDkY+JFIOQe2kSeC5kcoAvUzeu
00wXuSdBEiv/jpTveLKT144Ukc5iUGJgfBY23lj8G12zh654Pbxjd+fuvkYQWIRU
gaiQy6znehAiZ8xuuONGRzjrQJpMY6ltR1fOxiw9fWnH8qLn7RfYov03/eLioQTx
XWOLMJhhuawqCF0BSdgbYR5iLOs/gNp2X9Lknd6T177sWhy0RqOZ9KYzTD/Yp33J
T8Ys4Opcqlk4azGJKwFO914Gg+EeEDMwtDgWuWidwctzhLO+qPeEIxHOxv8jPG22
wV7TqnSBeXnZgaHzrE2gxNGWt87iz1OBTXisv/UT3NLG6MHyaeRPE2AzZwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFLLq0VeWK2O87HS30dQeKFgE37CQMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvc3VyUlY1WXJZN3pzZExmUjFCNG9XQVRmc0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4
LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwcAKhEGAAFQ
AwYEKhEGAdADBgQqEQYB8DANBgkqhkiG9w0BAQsFAAOCAQEATURXa9lfw/1CHIAI
9iytifTi962vVgZvkg70HNMx7R0va51ENLYY+hcYFQRBRoG+ddtbL7ZJVCwFEoig
omYMADZFGWeXTZQXKqozlGz63duAYUmL0bTnjlfGWP65NCHHbMgSpPofcGO1TM1U
45H6Va7kODhV/m3Y7vKX+E7LqDXkHAYDcFd729pEmpgLAcKvjN01tXfsz8H8Pv73
4jBvKPWci/jCqp82Tnnj7QqhuS5GFKMhOwbImSvS8JgswtIwDv8hqIVuU2nnzeeH
YAgjsH5WJdtitzncyk5CTeXszKpN+eGQ5e6fOZEIH+Zw/F51fnNSNvjNY1knj9PJ
H7zi5g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:44 2023 by rpki-client on console-ams.rpki-client.org