Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/F9hVSq9kHruya9VokLsq4cscQoQ.roa
File: F9hVSq9kHruya9VokLsq4cscQoQ.roa (raw, json)
Hash identifier: Pdv4gSfEVEKLUbP9io478IkJBVu5nijy7LBHpfaoa9Q=
Subject key identifier: 17:D8:55:4A:AF:64:1E:BB:B2:6B:D5:68:90:BB:2A:E1:CB:1C:42:84
Certificate issuer: /CN=bbd351b274fc23a42728303638a0d62b606401b4
Certificate serial: 37D87EF3
Authority key identifier: BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/F9hVSq9kHruya9VokLsq4cscQoQ.roa
Signing time: Sat 01 Jan 2022 00:57:39 +0000
ROA not before: Sat 01 Jan 2022 00:57:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35003
IP address blocks: 2001:1578:400::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 936935155 (0x37d87ef3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd351b274fc23a42728303638a0d62b606401b4
Validity
Not Before: Jan 1 00:57:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=17d8554aaf641ebbb26bd56890bb2ae1cb1c4284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ea:7d:fa:99:d9:45:c7:0b:30:b5:cc:ff:53:
e1:7a:ce:f4:33:cf:f9:13:3a:b2:53:3c:21:bb:5c:
6c:99:ef:a1:93:7b:50:da:fc:90:29:15:6b:7c:eb:
f8:cb:d5:46:5e:5f:c9:10:58:dc:e4:77:51:37:50:
31:ea:78:94:ac:7d:2d:42:0c:4b:3c:66:66:54:59:
ab:30:80:88:98:16:22:0e:41:7e:35:72:46:a5:6d:
69:cc:ee:0f:b5:5e:5a:6a:c8:6b:cd:f3:d5:7a:ac:
3f:86:de:56:24:2a:b5:fa:42:fb:d1:c5:da:b5:9f:
e4:5d:29:8c:eb:aa:1b:71:39:15:e0:34:0f:5b:69:
c3:d3:48:5f:b4:94:a1:f6:ab:d6:11:7d:69:7a:8f:
19:bb:6a:aa:ea:71:27:7a:74:db:cf:c0:a1:ec:1e:
c7:55:44:f3:ba:26:73:97:00:d1:76:9f:04:92:23:
de:47:d9:71:a4:47:b5:16:12:95:61:36:73:e3:46:
eb:71:f4:de:7e:92:72:b5:5a:7a:ed:a7:2e:fa:07:
60:97:05:da:7a:7c:48:e0:09:2f:2e:c2:88:e8:2a:
a4:4e:5e:79:ef:ad:fa:0d:ac:8d:81:24:75:6f:d5:
57:17:54:26:93:e3:73:e8:01:45:6c:02:05:5d:e4:
9b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D8:55:4A:AF:64:1E:BB:B2:6B:D5:68:90:BB:2A:E1:CB:1C:42:84
X509v3 Authority Key Identifier:
keyid:BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/F9hVSq9kHruya9VokLsq4cscQoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1578:400::/40
Signature Algorithm: sha256WithRSAEncryption
88:bb:5a:4c:c6:10:fa:e8:6f:2e:e6:95:dc:2e:63:d1:de:d4:
57:12:b2:9c:e5:98:94:75:ee:b1:10:3b:43:15:18:83:37:ff:
03:05:12:80:88:c7:98:68:58:0f:eb:4e:2d:34:8b:fd:f0:c0:
a8:2b:4b:a7:a2:8f:e9:ca:c9:0a:9e:3e:7c:9d:28:65:82:34:
1d:ea:81:e9:70:a3:a8:da:d2:a8:06:1b:52:c2:84:f3:a0:ff:
2b:c3:69:64:3d:26:eb:bd:71:a1:06:b0:1c:6b:0d:f2:3e:16:
c6:53:b2:5b:d8:5e:df:5f:fe:c9:0d:cc:81:45:82:8e:69:70:
4f:e1:28:a3:16:84:3d:6b:83:5e:40:57:68:7f:0d:fe:d0:1e:
10:ce:19:aa:4b:da:57:ec:8c:06:82:09:6b:85:00:ba:db:07:
ce:94:a4:28:b3:19:92:e5:fd:8a:0c:b5:13:d6:82:55:f5:95:
42:33:f7:42:a4:36:cc:bf:31:02:85:3f:4f:c8:3e:aa:e7:08:
e5:a8:c6:2e:b5:40:88:45:24:97:ac:95:7f:60:06:ef:10:ba:
a0:73:d7:37:23:8d:fb:0c:ce:05:65:ca:2a:e9:5a:52:a0:0e:
7d:fa:0e:c8:95:73:e4:19:a5:d5:0d:6b:06:73:fc:c7:94:2a:
8e:fe:6d:af
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEN9h+8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmQzNTFiMjc0ZmMyM2E0MjcyODMwMzYzOGEwZDYyYjYwNjQwMWI0MB4XDTIyMDEw
MTAwNTczOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTdkODU1NGFhZjY0
MWViYmIyNmJkNTY4OTBiYjJhZTFjYjFjNDI4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3qffqZ2UXHCzC1zP9T4XrO9DPP+RM6slM8IbtcbJnvoZN7
UNr8kCkVa3zr+MvVRl5fyRBY3OR3UTdQMep4lKx9LUIMSzxmZlRZqzCAiJgWIg5B
fjVyRqVtaczuD7VeWmrIa83z1XqsP4beViQqtfpC+9HF2rWf5F0pjOuqG3E5FeA0
D1tpw9NIX7SUofar1hF9aXqPGbtqqupxJ3p028/Aoewex1VE87omc5cA0XafBJIj
3kfZcaRHtRYSlWE2c+NG63H03n6ScrVaeu2nLvoHYJcF2np8SOAJLy7CiOgqpE5e
ee+t+g2sjYEkdW/VVxdUJpPjc+gBRWwCBV3km6MCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQX2FVKr2Qeu7Jr1WiQuyrhyxxChDAfBgNVHSMEGDAWgBS701GydPwjpCco
MDY4oNYrYGQBtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U5TlJzblQ4STZRbktEQTJPS0RXSzJCa0FiUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvYzFmOTBhLTJiYWQtNDFiNC1iMWE2LTQ2YjMwMjhhMDNiMC8x
L0Y5aFZTcTlrSHJ1eWE5Vm9rTHNxNGNzY1FvUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
YzFmOTBhLTJiYWQtNDFiNC1iMWE2LTQ2YjMwMjhhMDNiMC8xL3U5TlJzblQ4STZR
bktEQTJPS0RXSzJCa0FiUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABFXgEMA0GCSqGSIb3DQEBCwUA
A4IBAQCIu1pMxhD66G8u5pXcLmPR3tRXErKc5ZiUde6xEDtDFRiDN/8DBRKAiMeY
aFgP604tNIv98MCoK0unoo/pyskKnj58nShlgjQd6oHpcKOo2tKoBhtSwoTzoP8r
w2lkPSbrvXGhBrAcaw3yPhbGU7Jb2F7fX/7JDcyBRYKOaXBP4SijFoQ9a4NeQFdo
fw3+0B4QzhmqS9pX7IwGgglrhQC62wfOlKQosxmS5f2KDLUT1oJV9ZVCM/dCpDbM
vzEChT9PyD6q5wjlqMYutUCIRSSXrJV/YAbvELqgc9c3I437DM4FZcoq6VpSoA59
+g7IlXPkGaXVDWsGc/zHlCqO/m2v
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:21 2024 by rpki-client on console-ams.rpki-client.org