Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/orqyNqApkJLaGntPzVN6lU4I-js.roa
File: orqyNqApkJLaGntPzVN6lU4I-js.roa (raw, json)
Hash identifier: bfHDQrj8R9w3w27ywrZkKwty2WLJu00n9B6YpICGaAg=
Subject key identifier: A2:BA:B2:36:A0:29:90:92:DA:1A:7B:4F:CD:53:7A:95:4E:08:FA:3B
Certificate issuer: /CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Certificate serial: 0184962C4B5D72BFAF31088A04992AB2E3AC
Authority key identifier: 0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/orqyNqApkJLaGntPzVN6lU4I-js.roa
Signing time: Sun 20 Nov 2022 17:53:16 +0000
ROA not before: Sun 20 Nov 2022 17:53:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52042
IP address blocks: 2a0e:48c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:96:2c:4b:5d:72:bf:af:31:08:8a:04:99:2a:b2:e3:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Validity
Not Before: Nov 20 17:53:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2bab236a0299092da1a7b4fcd537a954e08fa3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f8:78:28:a9:fa:e2:2b:a6:9f:b7:f1:f3:ed:
ce:eb:47:23:de:0c:7a:c4:24:16:bf:93:0f:58:84:
4d:39:01:6a:7e:fa:aa:c8:2a:55:73:f2:8b:4c:c7:
98:60:a3:0a:26:98:5d:46:95:45:79:17:e3:b0:eb:
32:c4:f8:d2:2f:9a:c4:de:76:55:34:7c:8b:2c:48:
e5:a1:7d:68:0d:f0:4f:1a:35:b8:2e:d3:8b:42:94:
f3:1b:27:19:e6:a9:cd:9c:7f:37:c4:4e:f7:af:90:
62:ff:6b:3a:f7:7e:59:5b:05:aa:f9:22:d4:83:03:
de:81:61:10:e2:59:5d:bc:c2:e6:72:0b:97:b0:b2:
2c:4d:ed:38:4c:c6:89:73:a0:66:af:fd:ae:14:e4:
e2:67:c0:82:5c:31:83:4c:4b:92:ee:18:92:54:1e:
fa:92:93:50:18:ae:ae:76:df:3c:a2:81:5f:7c:9e:
cd:64:98:3b:c6:d8:99:d3:01:63:27:c3:aa:33:13:
1c:54:87:4a:b2:6a:94:97:ad:2a:6b:44:f5:04:00:
a8:21:87:16:a1:2d:da:17:16:97:e7:e2:09:df:a3:
b6:84:cf:2e:d5:dc:d1:5e:e8:6b:de:99:86:0e:27:
d8:8f:bb:ae:cd:53:2c:27:e2:5a:6e:c0:0a:9e:3e:
0c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BA:B2:36:A0:29:90:92:DA:1A:7B:4F:CD:53:7A:95:4E:08:FA:3B
X509v3 Authority Key Identifier:
keyid:0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/orqyNqApkJLaGntPzVN6lU4I-js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/C7PnOqi38K872EAFctrnKw1G9Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:48c0::/29
Signature Algorithm: sha256WithRSAEncryption
52:70:18:d1:e8:78:84:3a:c4:d2:b5:67:1e:28:a7:01:24:9a:
c7:78:d5:ed:6e:e1:f6:82:b2:54:35:bb:cb:be:73:9c:18:e0:
83:a7:a6:1c:1c:6b:df:32:a0:de:43:37:f1:12:2d:1c:6d:79:
67:14:17:57:a5:d9:b8:15:10:0f:1f:08:c5:e2:df:ad:93:8f:
0d:f7:d3:1b:2a:4e:58:d8:72:3b:14:71:36:d2:3d:f8:27:64:
7a:f1:db:62:40:89:70:29:04:f1:36:99:ad:b7:03:fb:ec:09:
4b:76:81:98:44:26:52:a7:93:93:74:08:51:53:63:c3:bd:00:
c9:a4:05:e8:66:c7:b2:46:c6:57:67:04:dc:0b:a5:af:60:be:
9e:66:07:2d:5b:17:fc:35:90:e0:ec:1d:cc:68:cb:46:fa:c3:
a9:db:70:5b:8c:5c:cd:cc:81:aa:9f:3c:4d:80:f5:e6:45:b5:
bc:e7:d9:a2:07:60:d6:9b:cc:18:12:63:cf:2b:82:3d:cc:aa:
6a:a9:64:e9:a7:59:eb:22:68:36:c2:fc:e2:ce:43:9a:c6:6b:
ea:47:00:4f:1b:e5:46:1e:13:14:d3:c4:b4:f6:09:17:43:f1:
8e:ce:08:4d:61:c9:61:f5:26:84:61:d7:b8:b4:85:e5:e7:9d:
43:fd:c2:3f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSWLEtdcr+vMQiKBJkqsuOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjNlNzNhYThiN2YwYWYzYmQ4NDAwNTcyZGFlNzJiMGQ0
NmY1NWMwHhcNMjIxMTIwMTc1MzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmJhYjIzNmEwMjk5MDkyZGExYTdiNGZjZDUzN2E5NTRlMDhmYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ph4KKn64iumn7fx8+3O60cj3gx6
xCQWv5MPWIRNOQFqfvqqyCpVc/KLTMeYYKMKJphdRpVFeRfjsOsyxPjSL5rE3nZV
NHyLLEjloX1oDfBPGjW4LtOLQpTzGycZ5qnNnH83xE73r5Bi/2s6935ZWwWq+SLU
gwPegWEQ4lldvMLmcguXsLIsTe04TMaJc6Bmr/2uFOTiZ8CCXDGDTEuS7hiSVB76
kpNQGK6udt88ooFffJ7NZJg7xtiZ0wFjJ8OqMxMcVIdKsmqUl60qa0T1BACoIYcW
oS3aFxaX5+IJ36O2hM8u1dzRXuhr3pmGDifYj7uuzVMsJ+JabsAKnj4MyQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKK6sjagKZCS2hp7T81TepVOCPo7MB8GA1UdIwQY
MBaAFAuz5zqot/CvO9hABXLa5ysNRvVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzIt
YWQyOGZhOTY2YjUxLzEvb3JxeU5xQXBrSkxhR250UHpWTjZsVTRJLWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzItYWQyOGZhOTY2YjUx
LzEvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg5IwDAN
BgkqhkiG9w0BAQsFAAOCAQEAUnAY0eh4hDrE0rVnHiinASSax3jV7W7h9oKyVDW7
y75znBjgg6emHBxr3zKg3kM38RItHG15ZxQXV6XZuBUQDx8IxeLfrZOPDffTGypO
WNhyOxRxNtI9+CdkevHbYkCJcCkE8TaZrbcD++wJS3aBmEQmUqeTk3QIUVNjw70A
yaQF6GbHskbGV2cE3Aulr2C+nmYHLVsX/DWQ4OwdzGjLRvrDqdtwW4xczcyBqp88
TYD15kW1vOfZogdg1pvMGBJjzyuCPcyqaqlk6adZ6yJoNsL84s5DmsZr6kcATxvl
Rh4TFNPEtPYJF0Pxjs4ITWHJYfUmhGHXuLSF5eedQ/3CPw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:34 2023 by rpki-client on console.sobornost.net