Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/SHK8vpvNyEYuLCIQVA1FU9iXhlw.roa
File: SHK8vpvNyEYuLCIQVA1FU9iXhlw.roa (raw, json)
Hash identifier: 0T7fh4cWirIhxhw8ChPPgXY8jhVURoQlMPFuaDnqDtg=
Subject key identifier: 48:72:BC:BE:9B:CD:C8:46:2E:2C:22:10:54:0D:45:53:D8:97:86:5C
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 43534EA0
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/SHK8vpvNyEYuLCIQVA1FU9iXhlw.roa
Signing time: Sat 01 Jan 2022 08:00:25 +0000
ROA not before: Sat 01 Jan 2022 08:00:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198412
IP address blocks: 2a03:f87:ba14::/48 maxlen: 48
2a03:f87:ba54::/48 maxlen: 48
2a03:f87:ba39::/48 maxlen: 48
2a03:f87:ba43::/48 maxlen: 48
2a03:f87:3::/48 maxlen: 48
2a03:f87:baa8::/48 maxlen: 48
2a03:f87:ba28::/48 maxlen: 48
2a03:f87:ba32::/48 maxlen: 48
2a03:f87:ba57::/48 maxlen: 48
2a03:f87:ba17::/48 maxlen: 48
2a03:f87:ba21::/48 maxlen: 48
2a03:f87:baa1::/48 maxlen: 48
2a03:f87:ba46::/48 maxlen: 48
2a03:f87:baab::/48 maxlen: 48
2a03:f87:ba10::/48 maxlen: 48
2a03:f87:ba50::/48 maxlen: 48
2a03:f87:ba35::/48 maxlen: 48
2a03:f87:ba24::/48 maxlen: 48
2a03:f87:baa4::/48 maxlen: 48
2a03:f87:ba49::/48 maxlen: 48
2a03:f87:ba13::/48 maxlen: 48
2a03:f87:ba53::/48 maxlen: 48
2a03:f87:ba38::/48 maxlen: 48
2a03:f87:ba42::/48 maxlen: 48
2a03:f87:ba27::/48 maxlen: 48
2a03:f87:baa7::/48 maxlen: 48
2a03:f87:ba31::/48 maxlen: 48
2a03:f87:ba56::/48 maxlen: 48
2a03:f87:ba16::/48 maxlen: 48
2a03:f87:ba60::/48 maxlen: 48
2a03:f87:ba20::/48 maxlen: 48
2a03:f87:ba45::/48 maxlen: 48
2a03:f87::/32 maxlen: 32
2a03:f87:baaa::/48 maxlen: 48
2a03:f87:ba34::/48 maxlen: 48
2a03:f87:ba59::/48 maxlen: 48
2a03:f87:ba19::/48 maxlen: 48
2a03:f87:ba23::/48 maxlen: 48
2a03:f87:baa3::/48 maxlen: 48
2a03:f87:ba48::/48 maxlen: 48
2a03:f87:baad::/48 maxlen: 48
2a03:f87:ba12::/48 maxlen: 48
2a03:f87:ba52::/48 maxlen: 48
2a03:f87:ba37::/48 maxlen: 48
2a03:f87:ba41::/48 maxlen: 48
2a03:f87:ba26::/48 maxlen: 48
2a03:f87:baa6::/48 maxlen: 48
2a03:f87:ba30::/48 maxlen: 48
2a03:f87:ba55::/48 maxlen: 48
2a03:f87:ba15::/48 maxlen: 48
2a03:f87:ba44::/48 maxlen: 48
2a03:f87:baa9::/48 maxlen: 48
2a03:f87:ba29::/48 maxlen: 48
2a03:f87:ba33::/48 maxlen: 48
2a03:f87:ba18::/48 maxlen: 48
2a03:f87:ba22::/48 maxlen: 48
2a03:f87:baa2::/48 maxlen: 48
2a03:f87:ba47::/48 maxlen: 48
2a03:f87:baac::/48 maxlen: 48
2a03:f87:ba11::/48 maxlen: 48
2a03:f87:ba51::/48 maxlen: 48
2a03:f87:ba36::/48 maxlen: 48
2a03:f87:ba40::/48 maxlen: 48
2a03:f87:ba25::/48 maxlen: 48
2a03:f87:baa5::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1129533088 (0x43534ea0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 08:00:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4872bcbe9bcdc8462e2c2210540d4553d897865c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:7e:9f:2d:45:8d:16:5f:bd:6b:87:d2:da:f5:
82:f8:d1:79:b9:69:72:e3:9f:b9:d8:b2:25:72:f9:
70:46:d0:4b:34:ec:a1:e8:76:cb:03:c9:27:65:db:
d5:93:6c:ad:2a:57:f9:73:f9:8b:11:9c:73:6f:50:
16:79:a5:5a:14:6e:6c:86:99:07:34:50:0f:22:cb:
f2:54:33:ba:0d:df:1c:56:77:4a:22:9c:3d:45:b9:
cf:32:aa:fd:1c:39:95:3f:19:4b:9f:01:7c:09:f5:
a0:62:fb:5e:88:c9:01:6c:30:26:21:ca:46:c6:19:
61:ff:2a:28:60:41:ab:29:47:6c:ce:85:b3:60:a1:
3b:88:d8:6b:39:10:02:ad:70:b2:c9:d6:f1:4f:7a:
76:c4:30:b9:13:47:a2:b3:bc:5a:06:11:c7:03:1d:
28:4c:b6:2e:00:b0:e3:4c:f2:1a:8b:0f:27:ae:b2:
b3:72:9b:b1:11:e7:69:ba:38:5e:cc:34:4f:68:a9:
fe:1d:90:8b:42:03:38:4f:c2:0a:d0:48:da:7e:3c:
6f:9d:64:71:41:63:75:81:8d:94:2d:b3:f1:97:3c:
1c:02:a4:7b:c1:c9:88:97:0d:55:15:07:af:4e:87:
0c:bc:62:09:51:98:ca:72:02:b3:08:a3:46:88:8c:
04:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:72:BC:BE:9B:CD:C8:46:2E:2C:22:10:54:0D:45:53:D8:97:86:5C
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/SHK8vpvNyEYuLCIQVA1FU9iXhlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f87::/32
Signature Algorithm: sha256WithRSAEncryption
00:c4:24:6e:60:4d:8e:ae:9a:0f:41:0e:83:b1:85:0e:39:f6:
6b:19:2a:69:a5:a0:f0:85:3f:60:13:97:04:d1:3a:93:64:ef:
cc:fc:e5:79:79:2c:b3:ca:9a:7b:56:e6:31:05:72:21:20:c8:
bb:1e:cb:d7:c5:0a:d4:ef:00:a7:06:7f:ae:c0:cd:18:0a:27:
f5:53:26:0d:8d:a5:ed:f0:77:34:b5:52:23:87:cd:11:cb:a5:
8c:d8:f1:e6:84:57:5a:d1:35:ab:6d:72:6f:d0:a4:81:a5:55:
ce:9f:c8:87:68:ba:16:72:4a:f3:78:5e:4e:b6:40:9c:b4:a2:
8b:76:c1:ff:f7:38:2e:28:b0:d6:4b:0c:4f:80:44:0d:0d:e0:
24:63:41:71:c8:d5:37:fe:53:9d:e7:1b:53:64:d5:6c:b9:55:
f2:a3:9f:ed:56:ad:e9:77:96:ea:32:b1:4a:09:32:64:19:5d:
48:0d:dd:16:74:ee:ba:2c:7d:9d:09:9f:eb:01:bd:11:21:66:
b1:8d:03:66:47:94:f8:5c:aa:96:fa:62:37:c6:65:56:e1:51:
fe:af:a6:ca:73:9e:f1:ec:f3:a7:2a:1e:e2:c9:fb:3d:08:26:
02:0c:a4:9c:b0:bd:42:02:96:ef:d7:66:54:e9:30:10:0c:d4:
a0:a1:0e:2b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEQ1NOoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDEw
MTA4MDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg3MmJjYmU5YmNk
Yzg0NjJlMmMyMjEwNTQwZDQ1NTNkODk3ODY1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPx+ny1FjRZfvWuH0tr1gvjReblpcuOfudiyJXL5cEbQSzTs
oeh2ywPJJ2Xb1ZNsrSpX+XP5ixGcc29QFnmlWhRubIaZBzRQDyLL8lQzug3fHFZ3
SiKcPUW5zzKq/Rw5lT8ZS58BfAn1oGL7XojJAWwwJiHKRsYZYf8qKGBBqylHbM6F
s2ChO4jYazkQAq1wssnW8U96dsQwuRNHorO8WgYRxwMdKEy2LgCw40zyGosPJ66y
s3KbsRHnabo4Xsw0T2ip/h2Qi0IDOE/CCtBI2n48b51kcUFjdYGNlC2z8Zc8HAKk
e8HJiJcNVRUHr06HDLxiCVGYynICswijRoiMBMUCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRIcry+m83IRi4sIhBUDUVT2JeGXDAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
L1NISzh2cHZOeUVZdUxDSVFWQTFGVTlpWGhsdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoDD4cwDQYJKoZIhvcNAQELBQAD
ggEBAADEJG5gTY6umg9BDoOxhQ459msZKmmloPCFP2ATlwTROpNk78z85Xl5LLPK
mntW5jEFciEgyLsey9fFCtTvAKcGf67AzRgKJ/VTJg2Npe3wdzS1UiOHzRHLpYzY
8eaEV1rRNattcm/QpIGlVc6fyIdouhZySvN4Xk62QJy0oot2wf/3OC4osNZLDE+A
RA0N4CRjQXHI1Tf+U53nG1Nk1Wy5VfKjn+1Wrel3luoysUoJMmQZXUgN3RZ07ros
fZ0Jn+sBvREhZrGNA2ZHlPhcqpb6YjfGZVbhUf6vpspznvHs86cqHuLJ+z0IJgIM
pJywvUIClu/XZlTpMBAM1KChDis=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:58 2023 by rpki-client on console-ams.rpki-client.org