Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/gqks96jBN0t3HV_k50vH3Bd0VOA.roa
File: gqks96jBN0t3HV_k50vH3Bd0VOA.roa (raw, json)
Hash identifier: Niq6xlbK5cH0XNy5d7r3TRRCLonEZ05s9oLkL1b+9Hc=
Subject key identifier: 82:A9:2C:F7:A8:C1:37:4B:77:1D:5F:E4:E7:4B:C7:DC:17:74:54:E0
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 01850BFAF324AF62A9007185353E6BF1DBEC
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/gqks96jBN0t3HV_k50vH3Bd0VOA.roa
Signing time: Tue 13 Dec 2022 14:54:33 +0000
ROA not before: Tue 13 Dec 2022 14:54:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 2a06:e881:73ff::/48 maxlen: 48
2a06:e881:650f::/48 maxlen: 48
2a06:e881:9200::/45 maxlen: 48
2a06:e881:9300::/44 maxlen: 48
2a06:e881:9700::/44 maxlen: 44
2a06:e881:9700::/48 maxlen: 48
2a06:e881:9701::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:fa:f3:24:af:62:a9:00:71:85:35:3e:6b:f1:db:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Dec 13 14:54:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82a92cf7a8c1374b771d5fe4e74bc7dc177454e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9b:ad:54:39:f7:5b:9e:ab:88:7c:b6:59:8f:
19:04:4b:68:04:47:f0:dc:08:6d:6e:a1:c3:8e:62:
c6:16:a0:35:56:16:98:45:65:71:f2:9a:93:d6:91:
9f:c8:e0:a3:c2:63:39:63:cb:b4:0b:67:9f:ac:01:
14:4b:d8:b1:d6:fe:9e:f7:e6:f7:68:85:c4:d2:2f:
42:7b:cb:cd:64:d3:77:21:bf:5c:bb:dd:fa:0a:e7:
28:23:f5:45:77:12:fd:91:07:60:0c:70:62:12:f1:
08:cc:8b:7b:6c:5a:08:74:06:d5:f5:18:06:88:b8:
85:b6:d8:f3:67:2b:81:ec:d9:42:9b:e7:59:78:c9:
c5:01:7c:b2:6e:ce:50:92:3d:c1:af:e2:7f:d8:30:
29:b5:4a:e4:54:60:2b:17:c2:51:e2:f7:7c:32:fc:
44:cd:b6:75:60:cd:fb:10:79:55:e9:dc:fc:ca:2b:
f5:13:54:82:74:58:60:1f:90:6f:72:64:71:71:e7:
90:ff:ef:b6:6a:f0:80:e3:74:08:0d:6d:1a:51:7d:
a4:8f:f4:eb:f2:05:25:69:4a:f5:cb:50:8f:7f:55:
ec:1c:6d:97:10:32:24:d0:19:4b:34:9d:5d:96:08:
a4:a2:ad:a9:a0:9e:13:d3:8e:3a:aa:f0:6d:29:09:
15:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A9:2C:F7:A8:C1:37:4B:77:1D:5F:E4:E7:4B:C7:DC:17:74:54:E0
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/gqks96jBN0t3HV_k50vH3Bd0VOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:650f::/48
2a06:e881:73ff::/48
2a06:e881:9200::/45
2a06:e881:9300::/44
2a06:e881:9700::/44
Signature Algorithm: sha256WithRSAEncryption
61:8e:8c:42:c8:6c:af:b1:15:b1:d9:de:03:bf:ea:cd:9a:48:
46:c2:15:4c:14:e4:0e:52:36:6b:90:66:a6:f9:b4:b8:91:76:
5d:47:48:0d:51:db:b8:10:1f:0d:d9:e6:10:e3:f1:48:85:d3:
60:cc:91:01:54:07:20:a2:20:16:e7:93:61:2a:af:1b:76:61:
6c:70:c9:75:e1:49:4f:24:f3:aa:a4:26:f7:bc:f1:93:fc:f5:
49:d4:70:7c:8b:79:10:e1:b8:19:4d:68:3e:33:a6:23:09:ab:
c6:37:8f:20:32:91:ec:b7:eb:b5:83:3d:83:c2:86:4e:34:63:
54:78:8f:0f:dc:f1:e8:90:65:3d:df:64:52:f3:54:23:91:b7:
6d:0b:de:ac:4e:eb:cd:09:1e:45:26:d6:3b:37:3b:a5:de:b4:
b9:b4:36:18:32:ec:f9:a1:09:f2:4f:ab:7a:15:60:7d:d1:cb:
37:b5:5f:be:02:2e:8d:d3:09:3f:b9:be:3c:6e:d2:44:f4:1d:
02:d2:8c:3f:8d:15:34:62:9a:5a:f5:79:e9:fa:eb:67:2c:d7:
62:71:33:13:86:c8:b5:b9:06:44:cb:78:93:f4:be:f8:46:fa:
46:3d:61:7a:44:3b:5e:58:af:a1:e3:71:a0:31:e3:12:16:58:
5e:93:e1:d8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYUL+vMkr2KpAHGFNT5r8dvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjIxMjEzMTQ1NDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmE5MmNmN2E4YzEzNzRiNzcxZDVmZTRlNzRiYzdkYzE3NzQ1NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5utVDn3W56riHy2WY8ZBEtoBEfw
3AhtbqHDjmLGFqA1VhaYRWVx8pqT1pGfyOCjwmM5Y8u0C2efrAEUS9ix1v6e9+b3
aIXE0i9Ce8vNZNN3Ib9cu936CucoI/VFdxL9kQdgDHBiEvEIzIt7bFoIdAbV9RgG
iLiFttjzZyuB7NlCm+dZeMnFAXyybs5Qkj3Br+J/2DAptUrkVGArF8JR4vd8MvxE
zbZ1YM37EHlV6dz8yiv1E1SCdFhgH5BvcmRxceeQ/++2avCA43QIDW0aUX2kj/Tr
8gUlaUr1y1CPf1XsHG2XEDIk0BlLNJ1dlgikoq2poJ4T0446qvBtKQkVLQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIKpLPeowTdLdx1f5OdLx9wXdFTgMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvZ3Frczk2akJOMHQzSFZfazUwdkgzQmQwVk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKgbogWUP
AwcAKgbogXP/AwcDKgbogZIAAwcEKgbogZMAAwcEKgbogZcAMA0GCSqGSIb3DQEB
CwUAA4IBAQBhjoxCyGyvsRWx2d4Dv+rNmkhGwhVMFOQOUjZrkGam+bS4kXZdR0gN
Udu4EB8N2eYQ4/FIhdNgzJEBVAcgoiAW55NhKq8bdmFscMl14UlPJPOqpCb3vPGT
/PVJ1HB8i3kQ4bgZTWg+M6YjCavGN48gMpHst+u1gz2DwoZONGNUeI8P3PHokGU9
32RS81QjkbdtC96sTuvNCR5FJtY7Nzul3rS5tDYYMuz5oQnyT6t6FWB90cs3tV++
Ai6N0wk/ub48btJE9B0C0ow/jRU0Yppa9Xnp+utnLNdicTMThsi1uQZEy3iT9L74
RvpGPWF6RDteWK+h43GgMeMSFlhek+HY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:42 2023 by rpki-client on console-ams.rpki-client.org