Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/R9CjJbD89365sTm61UqbpZDAFYI.roa
File: R9CjJbD89365sTm61UqbpZDAFYI.roa (raw, json)
Hash identifier: cpSrWVaOkCyH+yzNx6Y9dmv+zVIvj3f9eaPPGNGxvRM=
Subject key identifier: 47:D0:A3:25:B0:FC:F7:7E:B9:B1:39:BA:D5:4A:9B:A5:90:C0:15:82
Certificate issuer: /CN=bbd351b274fc23a42728303638a0d62b606401b4
Certificate serial: 37D77BA8
Authority key identifier: BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/R9CjJbD89365sTm61UqbpZDAFYI.roa
Signing time: Sat 01 Jan 2022 00:57:39 +0000
ROA not before: Sat 01 Jan 2022 00:57:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12817
IP address blocks: 2001:1578:200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 936868776 (0x37d77ba8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd351b274fc23a42728303638a0d62b606401b4
Validity
Not Before: Jan 1 00:57:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47d0a325b0fcf77eb9b139bad54a9ba590c01582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:01:e4:b9:ef:2d:28:1d:3f:a9:64:65:da:94:
59:02:ae:3b:5e:8a:40:b7:8b:9f:44:d4:77:97:0c:
72:c2:99:77:ac:8b:5c:5d:05:40:95:29:45:e5:f5:
28:3d:00:29:36:13:64:99:8e:43:b1:16:12:62:ab:
40:ae:50:be:f5:db:ec:5c:06:21:e1:e7:bd:84:66:
2b:9f:e4:2e:d2:b1:a5:0a:a9:a6:91:e4:9b:30:89:
a7:ca:d7:58:35:94:43:57:34:72:98:d6:fe:55:c1:
98:42:88:c4:ab:85:33:e7:3a:81:81:93:c1:0d:84:
66:8b:16:e2:c9:1c:7a:40:5b:8a:99:59:65:08:b5:
98:29:90:ed:a0:21:64:01:93:77:bd:76:de:83:55:
5e:10:30:bf:8e:be:78:8e:c8:93:3e:79:80:16:30:
be:c2:5a:68:51:3d:66:98:a8:3f:0d:26:f4:2d:e4:
37:68:97:03:0a:e2:2f:0b:80:35:b2:66:f0:8a:d2:
43:97:55:c0:28:49:2e:b5:19:a0:bb:9b:d6:29:61:
ff:56:47:16:97:aa:76:1f:e1:e5:ba:7c:3a:09:9a:
4c:36:2b:d2:4b:04:b2:12:db:dd:d8:98:17:d7:68:
c4:99:79:0d:0b:ba:7b:5d:bc:5e:37:89:5b:89:91:
0c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D0:A3:25:B0:FC:F7:7E:B9:B1:39:BA:D5:4A:9B:A5:90:C0:15:82
X509v3 Authority Key Identifier:
keyid:BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/R9CjJbD89365sTm61UqbpZDAFYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1578:200::/40
Signature Algorithm: sha256WithRSAEncryption
7c:0d:13:cd:8b:6c:9e:88:2a:6e:03:dd:d9:cd:a9:c6:d0:8e:
20:be:01:8d:e5:76:83:85:c1:16:10:7d:d7:cf:bc:e4:0c:e5:
33:10:e8:8d:cc:94:28:82:82:24:4e:b9:38:00:22:f0:56:cf:
d8:8a:bc:36:20:a4:65:53:24:a0:8b:d1:12:3d:27:35:83:99:
5d:5f:99:03:f0:68:af:bf:77:af:f1:a7:01:d8:b0:3f:62:67:
f2:e3:1c:35:37:2c:67:60:a6:ef:e4:6c:e9:09:69:1e:02:93:
2f:bc:3f:79:e6:f2:69:c7:f4:ce:e9:3b:f1:f2:8e:ba:14:bf:
65:07:5a:cd:a4:67:a5:c2:4a:5a:1f:a6:1f:d6:24:b0:c6:04:
b3:56:89:0b:00:6e:fc:a2:33:03:95:8c:3c:e1:05:c4:54:6d:
20:c8:3b:54:9b:10:1e:43:e9:cd:05:e3:2e:2f:af:1f:af:d4:
57:eb:01:c2:0d:12:a8:e3:1a:1c:40:ac:52:39:f5:55:3b:07:
23:85:6d:42:38:d3:64:de:eb:13:69:af:47:a8:3b:f9:75:8a:
2f:55:3e:e0:82:11:00:b0:29:dd:88:50:9c:13:9e:7d:61:e8:
c6:b8:b1:95:90:62:97:0a:c2:ef:b1:03:1f:e1:83:a5:41:15:
f3:24:f6:1b
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEN9d7qDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmQzNTFiMjc0ZmMyM2E0MjcyODMwMzYzOGEwZDYyYjYwNjQwMWI0MB4XDTIyMDEw
MTAwNTczOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdkMGEzMjViMGZj
Zjc3ZWI5YjEzOWJhZDU0YTliYTU5MGMwMTU4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsB5LnvLSgdP6lkZdqUWQKuO16KQLeLn0TUd5cMcsKZd6yL
XF0FQJUpReX1KD0AKTYTZJmOQ7EWEmKrQK5QvvXb7FwGIeHnvYRmK5/kLtKxpQqp
ppHkmzCJp8rXWDWUQ1c0cpjW/lXBmEKIxKuFM+c6gYGTwQ2EZosW4skcekBbiplZ
ZQi1mCmQ7aAhZAGTd7123oNVXhAwv46+eI7Ikz55gBYwvsJaaFE9ZpioPw0m9C3k
N2iXAwriLwuANbJm8IrSQ5dVwChJLrUZoLub1ilh/1ZHFpeqdh/h5bp8OgmaTDYr
0ksEshLb3diYF9doxJl5DQu6e128XjeJW4mRDCUCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRH0KMlsPz3frmxObrVSpulkMAVgjAfBgNVHSMEGDAWgBS701GydPwjpCco
MDY4oNYrYGQBtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U5TlJzblQ4STZRbktEQTJPS0RXSzJCa0FiUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvYzFmOTBhLTJiYWQtNDFiNC1iMWE2LTQ2YjMwMjhhMDNiMC8x
L1I5Q2pKYkQ4OTM2NXNUbTYxVXFicFpEQUZZSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
YzFmOTBhLTJiYWQtNDFiNC1iMWE2LTQ2YjMwMjhhMDNiMC8xL3U5TlJzblQ4STZR
bktEQTJPS0RXSzJCa0FiUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABFXgCMA0GCSqGSIb3DQEBCwUA
A4IBAQB8DRPNi2yeiCpuA93ZzanG0I4gvgGN5XaDhcEWEH3Xz7zkDOUzEOiNzJQo
goIkTrk4ACLwVs/Yirw2IKRlUySgi9ESPSc1g5ldX5kD8Givv3ev8acB2LA/Ymfy
4xw1NyxnYKbv5GzpCWkeApMvvD955vJpx/TO6Tvx8o66FL9lB1rNpGelwkpaH6Yf
1iSwxgSzVokLAG78ojMDlYw84QXEVG0gyDtUmxAeQ+nNBeMuL68fr9RX6wHCDRKo
4xocQKxSOfVVOwcjhW1CONNk3usTaa9HqDv5dYovVT7gghEAsCndiFCcE559YejG
uLGVkGKXCsLvsQMf4YOlQRXzJPYb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:55 2023 by rpki-client on console-ams.rpki-client.org