Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/EKx6SHDEGsGWjn0Dfft2iAG2I5g.roa
File: EKx6SHDEGsGWjn0Dfft2iAG2I5g.roa (raw, json)
Hash identifier: NA/Ta8ym4a/cPr8b8+ldpP2U7qa9TIsuXPfHRYpjHII=
Subject key identifier: 10:AC:7A:48:70:C4:1A:C1:96:8E:7D:03:7D:FB:76:88:01:B6:23:98
Certificate issuer: /CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Certificate serial: 10F86CFE
Authority key identifier: F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/EKx6SHDEGsGWjn0Dfft2iAG2I5g.roa
Signing time: Sat 01 Jan 2022 15:55:19 +0000
ROA not before: Sat 01 Jan 2022 15:55:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30969
IP address blocks: 2a01:410:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 284716286 (0x10f86cfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Validity
Not Before: Jan 1 15:55:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10ac7a4870c41ac1968e7d037dfb768801b62398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ac:c0:d5:4c:0d:66:d6:5d:7e:7f:34:8e:4a:
ff:4e:89:ff:78:5e:dc:17:14:1a:41:1d:d3:a0:92:
66:74:19:55:94:12:cb:ff:74:3d:e9:78:37:fa:cb:
41:33:b5:99:6b:13:62:6e:74:e1:35:ea:bb:02:0c:
c2:69:c7:9d:ef:e0:4e:40:34:1f:47:46:8d:83:ae:
3b:04:7c:ba:0c:49:ba:db:13:ae:e8:ff:e3:04:dd:
87:ec:0e:31:d4:13:c7:61:2b:c2:84:dc:9f:6e:aa:
08:31:6e:7a:aa:da:d9:3a:1e:c8:d7:30:fd:8e:70:
c4:13:05:22:5f:d1:35:d5:ba:1b:fa:c4:7a:22:06:
9a:50:35:bb:8d:f4:24:7c:08:d7:19:79:dd:61:4f:
3c:21:bb:a8:dd:2a:a1:7e:ab:29:d4:df:99:18:87:
83:46:fd:92:18:da:80:75:5c:bc:73:32:08:1e:01:
03:ac:5f:ca:4d:05:ac:fd:0e:b2:1d:93:5d:b9:b4:
ed:c7:86:b1:9b:23:85:2d:e2:86:72:58:d0:ab:46:
a0:31:70:97:c2:ae:42:bb:f2:71:33:84:d4:c7:07:
7f:a5:76:1f:d3:10:7f:35:e0:b1:49:bb:40:45:09:
04:0a:1d:37:d6:3d:a2:1f:80:57:69:4d:95:83:b5:
91:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:AC:7A:48:70:C4:1A:C1:96:8E:7D:03:7D:FB:76:88:01:B6:23:98
X509v3 Authority Key Identifier:
keyid:F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/EKx6SHDEGsGWjn0Dfft2iAG2I5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/9JdnPHjvrl9r2AolrOPTw3GT54k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:410:100::/40
Signature Algorithm: sha256WithRSAEncryption
96:d1:5a:6f:cf:13:24:d2:55:92:1b:3f:29:9a:17:a3:6f:b2:
91:65:d6:42:e1:d7:42:3d:76:9f:c4:34:fe:fb:2f:24:de:6f:
f0:35:9e:5d:75:1d:bb:2a:93:7b:41:b0:ce:2d:8e:1d:56:d2:
1a:95:c1:07:21:3d:6b:1a:06:19:09:91:cf:b6:e7:e2:7c:0d:
31:c3:10:13:58:a9:10:78:44:55:13:3a:c4:d2:54:d1:65:fb:
25:b6:d4:b1:8a:9b:09:c8:01:4d:ce:de:11:10:c7:01:e0:58:
89:a7:5a:99:4b:cd:9f:36:25:62:c7:ec:67:a6:d9:4f:78:e3:
50:4c:a1:0d:9d:68:b1:39:37:2b:b2:76:d0:e3:c8:77:f8:cd:
bf:d9:df:40:aa:92:1b:dc:71:d8:4a:d8:ab:6c:b6:a5:1e:29:
7e:ff:cf:4e:10:b2:2a:fb:da:04:aa:b9:99:13:86:c9:21:b7:
d2:e6:96:63:4f:d4:d2:be:bf:61:89:6a:b0:dd:56:d3:5e:19:
e6:11:78:74:82:28:f5:0f:ec:f8:c8:09:5f:c4:e9:dd:9d:c7:
c1:b5:ba:98:2a:cf:9d:b3:45:50:52:cb:73:df:8a:95:14:11:
31:38:0c:78:c2:5f:f9:35:d1:94:1e:7a:63:c0:59:1b:79:3f:
c2:7e:bb:9c
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEEPhs/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NDk3NjczYzc4ZWZhZTVmNmJkODBhMjVhY2UzZDNjMzcxOTNlNzg5MB4XDTIyMDEw
MTE1NTUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTBhYzdhNDg3MGM0
MWFjMTk2OGU3ZDAzN2RmYjc2ODgwMWI2MjM5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPKswNVMDWbWXX5/NI5K/06J/3he3BcUGkEd06CSZnQZVZQS
y/90Pel4N/rLQTO1mWsTYm504TXquwIMwmnHne/gTkA0H0dGjYOuOwR8ugxJutsT
ruj/4wTdh+wOMdQTx2ErwoTcn26qCDFueqra2ToeyNcw/Y5wxBMFIl/RNdW6G/rE
eiIGmlA1u430JHwI1xl53WFPPCG7qN0qoX6rKdTfmRiHg0b9khjagHVcvHMyCB4B
A6xfyk0FrP0Osh2TXbm07ceGsZsjhS3ihnJY0KtGoDFwl8KuQrvycTOE1McHf6V2
H9MQfzXgsUm7QEUJBAodN9Y9oh+AV2lNlYO1kXUCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQQrHpIcMQawZaOfQN9+3aIAbYjmDAfBgNVHSMEGDAWgBT0l2c8eO+uX2vY
CiWs49PDcZPniTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlKZG5QSGp2cmw5cjJBb2xyT1BUdzNHVDU0ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvZDEzNjU4LWFmN2UtNGQ2ZS04MmVmLTZlMDY5NmZlZThlNi8x
L0VLeDZTSERFR3NHV2puMERmZnQyaUFHMkk1Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
ZDEzNjU4LWFmN2UtNGQ2ZS04MmVmLTZlMDY5NmZlZThlNi8xLzlKZG5QSGp2cmw5
cjJBb2xyT1BUdzNHVDU0ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoBBBABMA0GCSqGSIb3DQEBCwUA
A4IBAQCW0VpvzxMk0lWSGz8pmhejb7KRZdZC4ddCPXafxDT++y8k3m/wNZ5ddR27
KpN7QbDOLY4dVtIalcEHIT1rGgYZCZHPtufifA0xwxATWKkQeERVEzrE0lTRZfsl
ttSxipsJyAFNzt4REMcB4FiJp1qZS82fNiVix+xnptlPeONQTKENnWixOTcrsnbQ
48h3+M2/2d9AqpIb3HHYStirbLalHil+/89OELIq+9oEqrmZE4bJIbfS5pZjT9TS
vr9hiWqw3VbTXhnmEXh0gij1D+z4yAlfxOndncfBtbqYKs+ds0VQUstz34qVFBEx
OAx4wl/5NdGUHnpjwFkbeT/Cfruc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:20 2023 by rpki-client on console-fra.rpki-client.org