Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/eErylO40_mMA8zuK0I8AQxl0U3g.roa
File: eErylO40_mMA8zuK0I8AQxl0U3g.roa (raw, json)
Hash identifier: 1dnVxj6Upe+gtz8eTYV/sPCIChUkflLLMoV1dOnExPg=
Subject key identifier: 78:4A:F2:94:EE:34:FE:63:00:F3:3B:8A:D0:8F:00:43:19:74:53:78
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0824D985
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/eErylO40_mMA8zuK0I8AQxl0U3g.roa
Signing time: Sat 01 Jan 2022 05:54:58 +0000
ROA not before: Sat 01 Jan 2022 05:54:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46516
IP address blocks: 2a05:6700::/29 maxlen: 32
2a06:2700::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136632709 (0x824d985)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jan 1 05:54:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=784af294ee34fe6300f33b8ad08f004319745378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ec:30:98:97:46:90:7d:37:08:42:82:d3:15:
f7:fa:c0:d3:ff:46:79:b1:ec:00:aa:a8:28:2b:16:
57:6d:a4:85:71:0a:76:04:2d:b8:4a:8d:34:b3:5e:
5b:df:93:26:ec:f4:78:2d:b5:97:39:29:bd:2c:69:
81:ef:56:af:13:ca:0f:03:31:5e:e5:b0:2a:47:b5:
a8:1d:73:d4:d9:7c:c2:ce:44:b6:ae:68:a6:84:83:
27:e2:68:0c:fb:9b:0f:45:46:34:b2:78:c3:b3:b1:
7b:4f:fb:b7:be:b9:f6:9e:c6:a7:a9:82:28:cd:91:
ef:aa:0a:d4:cb:ed:4b:a4:c5:85:80:be:4d:3f:40:
1c:02:df:de:b5:5c:cf:d9:b7:d7:9c:35:67:82:b1:
81:ff:c0:dd:2c:a3:52:50:5d:11:4c:97:d6:f4:b2:
24:5d:d1:a4:b4:e0:f3:f6:a7:ee:43:d8:f9:56:e1:
b8:78:de:64:23:d7:35:10:cd:52:37:a5:e6:a6:3c:
8a:d8:87:18:8c:68:d6:98:ca:34:eb:d5:fd:5d:ee:
12:f9:73:7c:d1:2b:0b:00:73:bd:1d:99:d5:42:ca:
89:da:8c:ba:40:01:8a:17:81:51:c3:e4:6c:67:17:
57:2e:50:a7:2e:e2:e3:b5:65:4c:dc:e0:4a:6c:9b:
55:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:4A:F2:94:EE:34:FE:63:00:F3:3B:8A:D0:8F:00:43:19:74:53:78
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/eErylO40_mMA8zuK0I8AQxl0U3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:6700::/29
2a06:2700::/29
Signature Algorithm: sha256WithRSAEncryption
73:52:24:20:7c:e3:d6:a5:78:c8:99:de:a4:91:ac:23:55:91:
69:c9:a5:68:27:4b:b4:49:79:f7:1a:b7:ea:09:35:2b:14:be:
6e:04:2b:ad:60:d3:b0:75:16:9d:98:67:6a:71:5c:69:81:20:
fd:a3:84:1e:64:81:a4:c2:6b:b7:06:77:ee:16:c0:4b:f2:4b:
07:a8:27:01:8c:73:23:97:74:2b:ca:d0:1e:19:03:fe:e5:c7:
28:fe:28:be:2e:34:c5:83:4c:15:5f:95:27:7a:d8:ca:ae:bd:
55:f2:52:b7:a0:4e:70:d9:c6:10:ea:a1:5b:e0:ec:c7:dd:9f:
53:69:c8:39:e8:33:32:de:89:64:88:55:4e:46:ff:6f:de:55:
95:01:1b:0b:75:c6:24:0a:d0:81:86:0e:3c:e0:81:77:0a:d8:
8c:a4:47:36:a0:58:e0:9a:14:83:87:77:70:52:ae:83:29:f9:
08:eb:8d:e5:a3:8e:30:db:31:32:6b:9c:10:dc:b9:dd:aa:e6:
d9:52:e2:a5:3b:88:9a:b4:44:16:12:29:a6:80:7f:94:5f:9f:
ca:14:c2:2b:9e:33:cb:22:7e:9c:4a:bc:65:0d:41:f9:7a:67:
52:5b:a3:e6:7e:4c:d1:6f:55:be:ce:69:0c:e5:06:98:af:fe:
14:5c:28:b7
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECCTZhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjIyMDhiNDdiNmE4NjRkOWQxZmYzM2UwNmFhODFkMTM4MTlhNzRlMB4XDTIyMDEw
MTA1NTQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg0YWYyOTRlZTM0
ZmU2MzAwZjMzYjhhZDA4ZjAwNDMxOTc0NTM3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrsMJiXRpB9NwhCgtMV9/rA0/9GebHsAKqoKCsWV22khXEK
dgQtuEqNNLNeW9+TJuz0eC21lzkpvSxpge9WrxPKDwMxXuWwKke1qB1z1Nl8ws5E
tq5opoSDJ+JoDPubD0VGNLJ4w7Oxe0/7t7659p7Gp6mCKM2R76oK1MvtS6TFhYC+
TT9AHALf3rVcz9m315w1Z4Kxgf/A3SyjUlBdEUyX1vSyJF3RpLTg8/an7kPY+Vbh
uHjeZCPXNRDNUjel5qY8itiHGIxo1pjKNOvV/V3uEvlzfNErCwBzvR2Z1ULKidqM
ukABiheBUcPkbGcXVy5Qpy7i47VlTNzgSmybVSUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBR4SvKU7jT+YwDzO4rQjwBDGXRTeDAfBgNVHSMEGDAWgBSSIgi0e2qGTZ0f
8z4GqoHROBmnTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tpSUl0SHRxaGsyZEhfTS1CcXFCMFRnWnAwNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjUvNjk5MGU5LWMzYzAtNDc4YS05OTk3LTk1YjA4ZTM2NjBjZi8x
L2VFcnlsTzQwX21NQTh6dUswSThBUXhsMFUzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUv
Njk5MGU5LWMzYzAtNDc4YS05OTk3LTk1YjA4ZTM2NjBjZi8xL2tpSUl0SHRxaGsy
ZEhfTS1CcXFCMFRnWnAwNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoFZwADBQMqBicAMA0GCSqGSIb3
DQEBCwUAA4IBAQBzUiQgfOPWpXjImd6kkawjVZFpyaVoJ0u0SXn3GrfqCTUrFL5u
BCutYNOwdRadmGdqcVxpgSD9o4QeZIGkwmu3BnfuFsBL8ksHqCcBjHMjl3QrytAe
GQP+5cco/ii+LjTFg0wVX5UnetjKrr1V8lK3oE5w2cYQ6qFb4OzH3Z9Tacg56DMy
3olkiFVORv9v3lWVARsLdcYkCtCBhg484IF3CtiMpEc2oFjgmhSDh3dwUq6DKfkI
643lo44w2zEya5wQ3LndqubZUuKlO4iatEQWEimmgH+UX5/KFMIrnjPLIn6cSrxl
DUH5emdSW6PmfkzRb1W+zmkM5QaYr/4UXCi3
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:22 2023 by rpki-client on console-ams.rpki-client.org