Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/0a8b1b-bb69-48d7-8ca5-7dc225afe555/1/ayC5I7jtD8sh4M6AuIbWejG_g9A.roa
File: ayC5I7jtD8sh4M6AuIbWejG_g9A.roa (raw, json)
Hash identifier: j9XgMWaTlJDfj98mpB08W5KMBh2IaYwyn0kRZgVvWGI=
Subject key identifier: 6B:20:B9:23:B8:ED:0F:CB:21:E0:CE:80:B8:86:D6:7A:31:BF:83:D0
Certificate issuer: /CN=f22c8a99ada77fbd3e24014f5e24f1af69505c23
Certificate serial: 12FFA94C
Authority key identifier: F2:2C:8A:99:AD:A7:7F:BD:3E:24:01:4F:5E:24:F1:AF:69:50:5C:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8iyKma2nf70-JAFPXiTxr2lQXCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/0a8b1b-bb69-48d7-8ca5-7dc225afe555/1/ayC5I7jtD8sh4M6AuIbWejG_g9A.roa
Signing time: Sat 01 Jan 2022 06:53:55 +0000
ROA not before: Sat 01 Jan 2022 06:53:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203279
IP address blocks: 2001:67c:2fb0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 318744908 (0x12ffa94c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f22c8a99ada77fbd3e24014f5e24f1af69505c23
Validity
Not Before: Jan 1 06:53:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b20b923b8ed0fcb21e0ce80b886d67a31bf83d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:22:49:25:d9:22:d8:17:b3:6c:d4:1f:78:a7:
e0:8f:0e:4e:fe:5c:49:d1:2c:12:0c:65:a4:f2:1a:
95:ea:d1:ec:a2:55:f2:e1:12:86:f1:08:e0:1d:f2:
51:8d:d5:5b:77:7e:3b:f3:e0:9c:d6:05:fa:67:54:
df:b1:e9:42:f4:95:38:dd:88:03:73:db:1b:85:c3:
f2:11:52:cb:9a:fb:05:ff:a1:7d:b4:26:27:65:9c:
60:00:e6:85:80:f8:f8:8c:c0:35:0c:db:f6:a1:47:
55:71:71:ed:ed:a6:3d:b1:08:39:94:86:dd:62:04:
85:cb:c3:f5:83:b8:cd:18:98:b6:f5:51:46:83:de:
8a:15:84:5a:66:8b:b0:ad:c8:58:3d:50:1f:d7:ac:
f0:92:68:38:b9:8d:90:8b:8c:c5:8a:35:94:a9:74:
e7:52:bc:4b:4a:e5:41:9f:89:78:9a:31:ec:c5:db:
8b:99:98:ba:3f:ae:d3:51:1c:57:91:b4:f5:62:32:
fe:79:2b:9c:08:7b:f9:35:ef:a2:ae:64:b2:63:94:
40:b6:f0:9b:bc:a6:ad:75:af:7c:03:49:5a:39:45:
5b:68:3c:d1:3f:4e:7d:d0:99:14:f5:8b:44:a4:37:
a7:d7:bd:c8:e4:e4:3c:fe:4f:2d:2f:c8:e1:6a:6d:
04:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:20:B9:23:B8:ED:0F:CB:21:E0:CE:80:B8:86:D6:7A:31:BF:83:D0
X509v3 Authority Key Identifier:
keyid:F2:2C:8A:99:AD:A7:7F:BD:3E:24:01:4F:5E:24:F1:AF:69:50:5C:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8iyKma2nf70-JAFPXiTxr2lQXCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0a8b1b-bb69-48d7-8ca5-7dc225afe555/1/ayC5I7jtD8sh4M6AuIbWejG_g9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0a8b1b-bb69-48d7-8ca5-7dc225afe555/1/8iyKma2nf70-JAFPXiTxr2lQXCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2fb0::/48
Signature Algorithm: sha256WithRSAEncryption
a1:40:ff:72:a5:cc:d1:84:02:80:29:ad:98:d6:f2:c9:b2:57:
2b:e4:6c:a0:0c:e5:82:40:01:b6:b9:f8:74:24:a8:fa:e1:83:
70:db:7b:e9:ff:30:0f:08:8e:1b:a9:24:d5:b5:4c:29:f9:ce:
83:66:58:65:b9:76:5c:60:a9:96:50:74:ea:9a:54:8e:cd:b0:
62:74:14:72:a8:ab:94:98:93:fb:44:7f:8b:dc:6a:84:1c:80:
f3:14:89:c8:58:6d:0e:f6:42:b1:d8:a5:1e:08:36:a2:2f:04:
c9:ed:65:56:8d:0b:b7:bb:50:51:e5:5b:49:d4:14:35:c8:1c:
d6:d2:cc:8b:91:0c:17:a1:6d:3a:33:bb:07:19:ef:9e:7e:80:
9f:bd:09:74:80:bf:83:eb:0a:89:51:0c:cc:e1:f1:5b:ab:83:
e9:fc:41:72:6f:13:3b:67:8d:2e:8b:01:d5:72:d8:16:b7:e0:
b0:b1:ec:32:56:9d:c9:ed:14:54:7c:ba:ed:64:ed:be:f6:de:
0a:84:b8:66:dc:09:ad:b4:b0:f6:6a:8d:ad:6c:02:d3:9f:1a:
24:a9:45:78:0b:65:aa:17:3a:1b:1b:72:db:50:c5:61:7a:7b:
ec:94:95:cd:55:07:56:62:37:ca:fb:c0:dc:59:90:79:1c:77:
ea:a4:d2:60
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEv+pTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MjJjOGE5OWFkYTc3ZmJkM2UyNDAxNGY1ZTI0ZjFhZjY5NTA1YzIzMB4XDTIyMDEw
MTA2NTM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmIyMGI5MjNiOGVk
MGZjYjIxZTBjZTgwYjg4NmQ2N2EzMWJmODNkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMgiSSXZItgXs2zUH3in4I8OTv5cSdEsEgxlpPIalerR7KJV
8uEShvEI4B3yUY3VW3d+O/PgnNYF+mdU37HpQvSVON2IA3PbG4XD8hFSy5r7Bf+h
fbQmJ2WcYADmhYD4+IzANQzb9qFHVXFx7e2mPbEIOZSG3WIEhcvD9YO4zRiYtvVR
RoPeihWEWmaLsK3IWD1QH9es8JJoOLmNkIuMxYo1lKl051K8S0rlQZ+JeJox7MXb
i5mYuj+u01EcV5G09WIy/nkrnAh7+TXvoq5ksmOUQLbwm7ymrXWvfANJWjlFW2g8
0T9OfdCZFPWLRKQ3p9e9yOTkPP5PLS/I4WptBOECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRrILkjuO0PyyHgzoC4htZ6Mb+D0DAfBgNVHSMEGDAWgBTyLIqZrad/vT4k
AU9eJPGvaVBcIzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhpeUttYTJuZjcwLUpBRlBYaVR4cjJsUVhDTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvMGE4YjFiLWJiNjktNDhkNy04Y2E1LTdkYzIyNWFmZTU1NS8x
L2F5QzVJN2p0RDhzaDRNNkF1SWJXZWpHX2c5QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
MGE4YjFiLWJiNjktNDhkNy04Y2E1LTdkYzIyNWFmZTU1NS8xLzhpeUttYTJuZjcw
LUpBRlBYaVR4cjJsUVhDTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwvsDANBgkqhkiG9w0BAQsF
AAOCAQEAoUD/cqXM0YQCgCmtmNbyybJXK+RsoAzlgkABtrn4dCSo+uGDcNt76f8w
DwiOG6kk1bVMKfnOg2ZYZbl2XGCpllB06ppUjs2wYnQUcqirlJiT+0R/i9xqhByA
8xSJyFhtDvZCsdilHgg2oi8Eye1lVo0Lt7tQUeVbSdQUNcgc1tLMi5EMF6FtOjO7
Bxnvnn6An70JdIC/g+sKiVEMzOHxW6uD6fxBcm8TO2eNLosB1XLYFrfgsLHsMlad
ye0UVHy67WTtvvbeCoS4ZtwJrbSw9mqNrWwC058aJKlFeAtlqhc6Gxty21DFYXp7
7JSVzVUHVmI3yvvA3FmQeRx36qTSYA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:24 2023 by rpki-client on console-fra.rpki-client.org