Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/PxpmjHcM122o2ZHUcKUX6PMvqrQ.roa
File: PxpmjHcM122o2ZHUcKUX6PMvqrQ.roa (raw, json)
Hash identifier: nz14XuyhjEf7jotpTwkw/v9bNntgH8GN0rr7+7Cdbkw=
Subject key identifier: 3F:1A:66:8C:77:0C:D7:6D:A8:D9:91:D4:70:A5:17:E8:F3:2F:AA:B4
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018345C64DBC50AA36ED93C6F19E53907969
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/PxpmjHcM122o2ZHUcKUX6PMvqrQ.roa
Signing time: Fri 16 Sep 2022 10:09:27 +0000
ROA not before: Fri 16 Sep 2022 10:09:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210445
IP address blocks: 2a0c:9a40:821a::/48 maxlen: 48
2a0c:9a40:8210::/44 maxlen: 48
2a0c:9a40:9300::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:45:c6:4d:bc:50:aa:36:ed:93:c6:f1:9e:53:90:79:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Sep 16 10:09:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f1a668c770cd76da8d991d470a517e8f32faab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a7:49:ff:a5:24:4e:d8:73:f0:8b:f5:fd:bc:
49:45:1b:4b:05:76:70:61:c0:a7:a3:8e:f6:89:58:
15:56:15:23:66:31:7f:69:49:9a:48:ac:37:a5:5b:
ca:42:43:00:4c:a2:84:7b:c9:93:09:d1:f8:28:ec:
32:4e:86:c1:04:98:86:85:19:8a:d1:12:3b:8e:65:
90:d0:ab:ec:21:38:07:1d:5a:cd:45:9e:0d:9e:6b:
14:c9:a9:22:b5:1c:5c:e5:4a:b5:69:5a:74:bc:26:
bc:d2:93:76:4b:48:68:f9:b0:2e:bc:af:97:cf:5b:
ea:13:97:37:32:02:7a:93:f1:bc:63:bb:bb:2b:66:
62:c9:c0:c4:a4:85:cc:5a:ee:a5:93:6e:62:47:d6:
8a:14:16:64:ec:bb:d4:1c:2c:c8:b6:45:cd:d8:89:
51:fd:d2:99:b0:cd:df:d7:be:8e:ff:10:69:27:98:
69:f8:7c:18:7d:36:9c:46:6f:5b:21:3d:a6:61:49:
d0:f6:c1:77:f5:33:31:6b:52:a3:32:34:6c:dd:8e:
78:85:94:29:65:28:e2:f9:35:e1:de:59:a3:24:6a:
87:be:69:5c:38:bc:c1:1b:44:36:e8:dc:32:cb:23:
1b:ab:b0:c5:0d:5f:75:3f:4e:68:8e:c6:1f:6f:8a:
e0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:1A:66:8C:77:0C:D7:6D:A8:D9:91:D4:70:A5:17:E8:F3:2F:AA:B4
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/PxpmjHcM122o2ZHUcKUX6PMvqrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8210::/44
2a0c:9a40:9300::/40
Signature Algorithm: sha256WithRSAEncryption
2a:cf:f9:a1:c3:d6:f9:b0:56:0e:94:d8:6d:ec:86:c2:43:2b:
c6:ac:5e:30:de:40:eb:c0:50:0d:c0:8c:41:41:63:b1:4e:a6:
d7:22:99:88:3b:e6:ae:1e:79:76:d7:52:4b:30:e8:af:ce:a1:
3c:33:9c:98:57:86:4d:75:c8:82:76:46:cd:cb:00:12:e7:fc:
76:9b:92:f0:f7:61:c2:b5:58:e4:ad:47:9e:ab:2b:3d:1b:b6:
cb:62:38:11:5c:ed:d9:b0:03:5a:02:45:b5:91:ac:1a:da:e4:
36:81:73:12:34:36:c3:0e:52:e2:0b:51:51:a6:8e:a8:03:3e:
91:50:3f:8b:3a:1e:59:d6:ff:66:85:d8:f3:5e:ba:e8:de:76:
db:00:d1:f5:69:21:f2:df:c3:66:7d:50:15:bf:c9:ae:49:a4:
9a:9d:ee:fa:8c:d3:f5:9c:dd:cb:3b:ac:be:90:03:a8:4a:dc:
10:0b:de:11:a0:32:f3:81:02:c1:25:cd:14:c9:25:6f:37:2a:
8a:0d:57:8f:09:7d:c8:1b:e8:02:74:18:8b:2d:a0:04:06:30:
e2:b4:d5:38:af:f0:a5:c5:ac:9e:50:3d:6f:9b:4c:8a:a6:5a:
4d:64:2b:78:9c:bc:1f:58:86:2c:b1:77:b3:e6:fd:29:22:d2:
08:b8:c4:f4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYNFxk28UKo27ZPG8Z5TkHlpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjIwOTE2MTAwOTI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjFhNjY4Yzc3MGNkNzZkYThkOTkxZDQ3MGE1MTdlOGYzMmZhYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6dJ/6UkTthz8Iv1/bxJRRtLBXZw
YcCno472iVgVVhUjZjF/aUmaSKw3pVvKQkMATKKEe8mTCdH4KOwyTobBBJiGhRmK
0RI7jmWQ0KvsITgHHVrNRZ4NnmsUyakitRxc5Uq1aVp0vCa80pN2S0ho+bAuvK+X
z1vqE5c3MgJ6k/G8Y7u7K2ZiycDEpIXMWu6lk25iR9aKFBZk7LvUHCzItkXN2IlR
/dKZsM3f176O/xBpJ5hp+HwYfTacRm9bIT2mYUnQ9sF39TMxa1KjMjRs3Y54hZQp
ZSji+TXh3lmjJGqHvmlcOLzBG0Q26NwyyyMbq7DFDV91P05ojsYfb4rg/QIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFD8aZox3DNdtqNmR1HClF+jzL6q0MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvUHhwbWpIY00xMjJvMlpIVWNLVVg2UE12cXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKgyaQIIQ
AwYAKgyaQJMwDQYJKoZIhvcNAQELBQADggEBACrP+aHD1vmwVg6U2G3shsJDK8as
XjDeQOvAUA3AjEFBY7FOptcimYg75q4eeXbXUksw6K/OoTwznJhXhk11yIJ2Rs3L
ABLn/HabkvD3YcK1WOStR56rKz0btstiOBFc7dmwA1oCRbWRrBra5DaBcxI0NsMO
UuILUVGmjqgDPpFQP4s6HlnW/2aF2PNeuujedtsA0fVpIfLfw2Z9UBW/ya5JpJqd
7vqM0/Wc3cs7rL6QA6hK3BAL3hGgMvOBAsElzRTJJW83KooNV48Jfcgb6AJ0GIst
oAQGMOK01Tiv8KXFrJ5QPW+bTIqmWk1kK3icvB9Yhiyxd7Pm/Ski0gi4xPQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:28 2023 by rpki-client on console-ams.rpki-client.org