Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/G9ahTY0mOUndqKk6IY0INqEZiUw.roa
File: G9ahTY0mOUndqKk6IY0INqEZiUw.roa (raw, json)
Hash identifier: 0Bye70iRpUmuhHmPdb0vROlRDeN2tShogXvjDcQx24g=
Subject key identifier: 1B:D6:A1:4D:8D:26:39:49:DD:A8:A9:3A:21:8D:08:36:A1:19:89:4C
Certificate issuer: /CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Certificate serial: 07A10319
Authority key identifier: 4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/G9ahTY0mOUndqKk6IY0INqEZiUw.roa
Signing time: Sat 01 Jan 2022 09:03:07 +0000
ROA not before: Sat 01 Jan 2022 09:03:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 32780
IP address blocks: 2a07:23c0:8::/48 maxlen: 48
2a07:23c0::/48 maxlen: 48
2a07:23c0:9::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127992601 (0x7a10319)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Validity
Not Before: Jan 1 09:03:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bd6a14d8d263949dda8a93a218d0836a119894c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f0:0e:97:b6:09:b4:fe:56:20:35:fa:82:e2:
ff:86:4e:aa:ef:7a:1a:53:ce:2f:b4:d7:38:c7:d8:
8e:f0:c6:2c:16:57:c3:3e:b1:c9:43:e6:ab:cf:67:
9f:f9:e4:1f:55:41:99:4e:f6:c9:83:cb:7d:e0:84:
05:ec:85:74:7d:4e:64:0c:77:4c:d7:2e:a4:19:dc:
b4:67:aa:cf:53:a6:eb:f9:57:a8:3c:95:33:3e:12:
4d:8d:9c:b9:55:0d:21:d4:d5:63:52:24:79:d4:fe:
cc:9f:f9:74:d9:54:0f:fa:ac:b2:0b:cd:97:e8:e6:
f3:c0:fc:d4:ac:49:5d:d2:ef:bd:34:34:11:57:40:
ea:e0:04:b9:1d:a4:de:09:0d:e6:37:71:c3:fe:c6:
ca:30:b4:e9:0b:5c:c0:b9:15:86:3e:9e:ae:4c:41:
a3:0f:78:6e:03:70:f8:07:0a:c2:be:b9:df:93:81:
69:f8:11:69:c1:95:01:3d:1d:a9:b7:1d:91:42:0c:
36:75:5b:da:38:8b:8a:66:b7:68:9a:21:bf:19:34:
aa:a7:60:80:08:38:06:f1:1f:28:4d:1b:60:35:ba:
b1:9d:44:a8:16:2c:5f:74:04:d9:9c:0b:c2:18:10:
97:cc:71:02:0d:56:12:70:91:ba:9c:4f:26:7f:bc:
dd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D6:A1:4D:8D:26:39:49:DD:A8:A9:3A:21:8D:08:36:A1:19:89:4C
X509v3 Authority Key Identifier:
keyid:4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/G9ahTY0mOUndqKk6IY0INqEZiUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/T7K7e61Q8ZIYEKAo547dZfgfan0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:23c0::/48
2a07:23c0:8::/47
Signature Algorithm: sha256WithRSAEncryption
32:46:46:fc:a0:53:86:bc:a8:5a:c9:87:a1:df:b2:f8:6f:18:
59:e9:2f:c7:c8:76:d4:6d:75:03:57:70:1c:20:49:d2:94:3f:
2a:1b:9d:a5:d9:03:4b:63:d9:78:ed:34:c4:75:65:bb:3d:c9:
72:08:1f:b8:ef:cd:ae:01:4a:d4:7c:c9:c7:f8:cf:77:5c:47:
0c:d2:aa:b7:e4:be:30:fb:5b:70:c8:5f:1d:05:6e:88:17:cf:
0e:0b:8b:86:e5:85:5e:01:22:43:cd:d7:19:3b:45:02:57:05:
3b:f1:7f:13:fa:4d:d6:97:bf:2b:35:11:d1:a8:92:d0:e0:7c:
ae:52:36:66:ef:cc:7b:5a:e0:0f:06:78:58:d8:26:96:b7:24:
c5:e8:e2:03:4d:5a:27:cd:81:4c:27:7b:6f:f7:60:de:f9:c3:
7e:df:a2:c1:ee:2e:35:ab:a0:46:02:4e:ed:4a:da:7a:af:cc:
3e:99:60:39:f4:40:7d:3e:5d:1d:50:96:38:3e:0e:5a:80:56:
10:8a:a0:7b:7c:e6:85:a9:59:a6:60:81:8e:02:05:ac:7a:3f:
4a:84:af:25:4f:bd:47:dd:4c:ee:ed:1d:7f:ba:f2:20:2e:fa:
4d:29:03:c1:c5:0d:3c:c8:3c:4e:cf:20:59:8a:62:e6:42:cf:
fb:a4:89:3c
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEB6EDGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmIyYmI3YmFkNTBmMTkyMTgxMGEwMjhlNzhlZGQ2NWY4MWY2YTdkMB4XDTIyMDEw
MTA5MDMwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJkNmExNGQ4ZDI2
Mzk0OWRkYThhOTNhMjE4ZDA4MzZhMTE5ODk0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbwDpe2CbT+ViA1+oLi/4ZOqu96GlPOL7TXOMfYjvDGLBZX
wz6xyUPmq89nn/nkH1VBmU72yYPLfeCEBeyFdH1OZAx3TNcupBnctGeqz1Om6/lX
qDyVMz4STY2cuVUNIdTVY1IkedT+zJ/5dNlUD/qssgvNl+jm88D81KxJXdLvvTQ0
EVdA6uAEuR2k3gkN5jdxw/7GyjC06QtcwLkVhj6erkxBow94bgNw+AcKwr6535OB
afgRacGVAT0dqbcdkUIMNnVb2jiLima3aJohvxk0qqdggAg4BvEfKE0bYDW6sZ1E
qBYsX3QE2ZwLwhgQl8xxAg1WEnCRupxPJn+83fUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQb1qFNjSY5Sd2oqTohjQg2oRmJTDAfBgNVHSMEGDAWgBRPsrt7rVDxkhgQ
oCjnjt1l+B9qfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3SzdlNjFROFpJWUVLQW81NDdkWmZnZmFuMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvZmRhMzgyLTQyNTctNDFjMy04ZWM2LTI3ZmJjOTllYTNjNi8x
L0c5YWhUWTBtT1VuZHFLazZJWTBJTnFFWmlVdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
ZmRhMzgyLTQyNTctNDFjMy04ZWM2LTI3ZmJjOTllYTNjNi8xL1Q3SzdlNjFROFpJ
WUVLQW81NDdkWmZnZmFuMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoHI8AAAAMHASoHI8AACDANBgkq
hkiG9w0BAQsFAAOCAQEAMkZG/KBThryoWsmHod+y+G8YWekvx8h21G11A1dwHCBJ
0pQ/KhudpdkDS2PZeO00xHVluz3JcggfuO/NrgFK1HzJx/jPd1xHDNKqt+S+MPtb
cMhfHQVuiBfPDguLhuWFXgEiQ83XGTtFAlcFO/F/E/pN1pe/KzUR0aiS0OB8rlI2
Zu/Me1rgDwZ4WNgmlrckxejiA01aJ82BTCd7b/dg3vnDft+iwe4uNaugRgJO7Ura
eq/MPplgOfRAfT5dHVCWOD4OWoBWEIqge3zmhalZpmCBjgIFrHo/SoSvJU+9R91M
7u0df7ryIC76TSkDwcUNPMg8Ts8gWYpi5kLP+6SJPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:59 2024 by rpki-client on console-fra.rpki-client.org