Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/hs3mF8EwfmLl5B43MBqTw59nSJs.roa
File: hs3mF8EwfmLl5B43MBqTw59nSJs.roa (raw, json)
Hash identifier: 7VuxbLgCFWrdE37QOq/ZlsoP21TE1jK3pYsVAUJNZO0=
Subject key identifier: 86:CD:E6:17:C1:30:7E:62:E5:E4:1E:37:30:1A:93:C3:9F:67:48:9B
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018539BCD8BC819A3A8D5FFE36E5222D8706
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/hs3mF8EwfmLl5B43MBqTw59nSJs.roa
Signing time: Thu 22 Dec 2022 12:09:15 +0000
ROA not before: Thu 22 Dec 2022 12:09:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209833
IP address blocks: 2a0e:7d40:20::/44 maxlen: 44
2a0e:7d40::/32 maxlen: 32
2a0e:7d40:30::/44 maxlen: 44
2a0e:7d40:40::/44 maxlen: 44
2a0e:7d40:43::/48 maxlen: 48
2a0e:7d40:41::/48 maxlen: 48
2a0e:7d40:42::/48 maxlen: 48
2a0c:9a40:8130::/44 maxlen: 48
2a0c:9a40:8130::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:bc:d8:bc:81:9a:3a:8d:5f:fe:36:e5:22:2d:87:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Dec 22 12:09:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86cde617c1307e62e5e41e37301a93c39f67489b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a9:9c:f0:5b:0f:9c:06:91:c8:6d:63:30:9b:
2a:e6:9f:0b:23:93:c0:8d:0b:52:67:ec:42:50:80:
e7:fb:e6:1a:ad:49:fb:85:b0:5a:01:58:7d:3e:37:
73:5d:ee:ae:68:e5:b8:ea:c6:da:ce:81:0d:c7:8a:
32:a6:f8:c8:a3:94:ab:3e:f3:77:f6:3a:ef:f1:cc:
ec:9f:69:45:cf:29:95:3b:b4:ea:a9:b5:61:a3:62:
fb:80:a5:b1:cd:0c:fc:4d:ef:50:09:a2:46:fb:b0:
b2:e4:8f:b2:92:17:b4:4c:86:4e:bf:7a:d2:25:45:
15:10:fd:ac:10:49:8d:45:4e:03:72:3d:1b:b4:a2:
44:b9:8d:db:2a:68:18:2a:63:47:f1:4a:f9:68:5f:
51:59:a0:d0:f2:38:c3:ae:f3:37:e5:61:1d:59:47:
67:fa:12:0d:73:5c:52:d2:cc:bc:b9:dd:01:7a:35:
a3:f7:56:03:ff:8a:ff:12:07:3a:55:df:7d:36:d5:
15:73:a4:10:95:55:59:07:ef:c5:ad:c9:76:71:73:
df:6d:7b:08:0a:1a:12:b5:da:97:89:4b:ff:0b:ac:
17:3a:9e:68:6d:88:26:84:96:28:b6:85:bb:e5:09:
3b:f8:a2:9c:3d:f5:cb:72:ca:cd:52:40:21:fe:9c:
04:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CD:E6:17:C1:30:7E:62:E5:E4:1E:37:30:1A:93:C3:9F:67:48:9B
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/hs3mF8EwfmLl5B43MBqTw59nSJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8130::/44
2a0e:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
9a:5a:41:2d:d3:ea:dc:34:00:1a:db:f3:7a:8e:d4:7f:c2:1a:
41:a6:62:7e:56:93:43:51:f7:5a:70:8b:fb:a9:a2:e6:1a:eb:
a8:cb:e3:58:2a:3e:48:1d:9d:66:f0:b7:d1:bd:a0:d4:b0:51:
1f:71:09:db:92:20:95:e7:41:34:f4:4f:0f:13:d1:9d:44:65:
a8:19:56:6a:f7:16:c7:0b:b2:e5:3f:bc:70:05:80:ef:26:fd:
31:15:f8:34:43:c9:ac:60:ff:85:69:e4:85:cd:cf:ad:0c:48:
23:5f:15:da:c6:4a:fe:7e:39:9b:d4:0d:0d:38:ac:0b:ee:24:
04:3e:23:39:c3:62:17:a4:af:c3:0a:8f:89:1f:15:54:f2:ee:
19:54:6e:f5:63:94:4a:09:38:ed:b0:b0:78:d2:a6:6e:d4:b3:
5d:30:88:de:aa:1a:28:32:12:8e:da:09:2d:b6:7f:3e:cd:ff:
90:b2:bf:cf:c5:97:40:27:df:01:05:c6:31:fc:85:77:1a:e0:
8b:15:3a:d5:e8:03:35:2b:27:e6:94:11:97:c5:7d:b8:f4:af:
c5:e1:25:96:57:e8:8d:03:ce:a7:fc:15:a9:57:f5:f5:3f:31:
ac:1d:6b:87:fa:0e:a7:a5:96:39:7e:68:08:f7:12:e9:e0:cc:
10:5e:56:91
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYU5vNi8gZo6jV/+NuUiLYcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjIxMjIyMTIwOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmNkZTYxN2MxMzA3ZTYyZTVlNDFlMzczMDFhOTNjMzlmNjc0ODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKmc8FsPnAaRyG1jMJsq5p8LI5PA
jQtSZ+xCUIDn++YarUn7hbBaAVh9PjdzXe6uaOW46sbazoENx4oypvjIo5SrPvN3
9jrv8czsn2lFzymVO7TqqbVho2L7gKWxzQz8Te9QCaJG+7Cy5I+ykhe0TIZOv3rS
JUUVEP2sEEmNRU4Dcj0btKJEuY3bKmgYKmNH8Ur5aF9RWaDQ8jjDrvM35WEdWUdn
+hINc1xS0sy8ud0BejWj91YD/4r/Egc6Vd99NtUVc6QQlVVZB+/Frcl2cXPfbXsI
ChoStdqXiUv/C6wXOp5obYgmhJYotoW75Qk7+KKcPfXLcsrNUkAh/pwEHwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFIbN5hfBMH5i5eQeNzAak8OfZ0ibMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvaHMzbUY4RXdmbUxsNUI0M01CcVR3NTluU0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcEKgyaQIEw
AwUAKg59QDANBgkqhkiG9w0BAQsFAAOCAQEAmlpBLdPq3DQAGtvzeo7Uf8IaQaZi
flaTQ1H3WnCL+6mi5hrrqMvjWCo+SB2dZvC30b2g1LBRH3EJ25IgledBNPRPDxPR
nURlqBlWavcWxwuy5T+8cAWA7yb9MRX4NEPJrGD/hWnkhc3PrQxII18V2sZK/n45
m9QNDTisC+4kBD4jOcNiF6SvwwqPiR8VVPLuGVRu9WOUSgk47bCweNKmbtSzXTCI
3qoaKDISjtoJLbZ/Ps3/kLK/z8WXQCffAQXGMfyFdxrgixU61egDNSsn5pQRl8V9
uPSvxeElllfojQPOp/wVqVf19T8xrB1rh/oOp6WWOX5oCPcS6eDMEF5WkQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:34 2023 by rpki-client on console-fra.rpki-client.org