Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/snqWPUxm85OFDDPAyQ9m0E5w1o8.roa
File: snqWPUxm85OFDDPAyQ9m0E5w1o8.roa (raw, json)
Hash identifier: dONDHzRUb/svMPxTgfTHoGnn+7VghB6nqAS15Rp4szE=
Subject key identifier: B2:7A:96:3D:4C:66:F3:93:85:0C:33:C0:C9:0F:66:D0:4E:70:D6:8F
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018345CCBC3B48D339B38A9AB7BB2FFF1D14
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/snqWPUxm85OFDDPAyQ9m0E5w1o8.roa
Signing time: Fri 16 Sep 2022 10:16:28 +0000
ROA not before: Fri 16 Sep 2022 10:16:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13830
IP address blocks: 2a0c:9a40:8084::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:45:cc:bc:3b:48:d3:39:b3:8a:9a:b7:bb:2f:ff:1d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Sep 16 10:16:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b27a963d4c66f393850c33c0c90f66d04e70d68f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:df:92:1f:f9:42:0d:76:09:e4:6b:16:40:b9:
a6:fd:1e:c6:18:8c:a3:72:3e:d8:e7:09:bd:fb:69:
1e:77:00:60:9a:89:fe:59:4e:89:94:bd:07:a6:a6:
64:9c:b6:e9:34:79:5b:5f:8f:06:2e:53:00:12:d3:
44:94:58:da:ba:2b:75:b8:a1:92:58:3d:a1:ad:10:
21:f9:e0:eb:b7:e0:af:88:2e:2e:7c:74:d2:21:51:
e7:15:fe:30:2c:95:21:cc:f1:46:9d:4b:a5:6f:3d:
fb:a9:24:80:ad:1f:d2:bf:81:dc:77:62:ec:c1:d7:
71:c3:df:c8:3f:d3:b7:b1:6a:72:ba:33:47:38:62:
a2:63:ca:7e:34:ff:25:8e:c5:c6:4e:a4:99:94:f7:
64:d7:a5:48:8b:15:aa:f3:83:29:d7:eb:a5:60:b1:
70:af:30:b1:5d:34:8f:6a:aa:30:7a:28:d3:9b:f4:
7d:a2:08:c7:e4:7a:2f:66:c7:06:45:59:c2:c7:3b:
4d:4c:d7:41:8f:33:cd:e2:f2:21:22:21:42:78:d7:
99:89:35:a1:b0:e9:4e:54:8e:46:4f:52:c8:1b:88:
42:b8:2f:c3:ff:1c:15:47:e3:7c:27:16:20:53:a2:
2f:0c:fb:ec:8a:dc:4b:de:62:66:6b:7e:44:db:3b:
77:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:7A:96:3D:4C:66:F3:93:85:0C:33:C0:C9:0F:66:D0:4E:70:D6:8F
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/snqWPUxm85OFDDPAyQ9m0E5w1o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8084::/48
Signature Algorithm: sha256WithRSAEncryption
1a:03:bb:09:72:a1:19:36:5a:4e:bb:9b:be:66:37:6c:56:9b:
be:4b:ee:1c:4f:c1:95:36:b1:76:ef:e8:3b:e2:9c:ad:84:c4:
7c:27:ff:3c:49:25:d6:23:e2:c8:de:d2:10:8f:94:ba:86:9c:
46:ff:c4:3c:9e:39:aa:bc:25:71:10:9a:c0:bd:10:67:9f:87:
45:a6:4c:61:42:3c:4b:72:58:44:2d:0b:70:c4:c1:94:90:b8:
79:d6:65:bb:85:a7:b8:3d:a2:7d:d0:d0:42:9b:83:c8:2f:59:
d4:33:a3:0b:36:e2:04:a6:5d:e2:49:39:c6:5e:14:27:fb:cf:
56:94:e9:f1:14:a9:29:4b:2d:9c:0d:61:d0:9e:06:04:6b:9d:
4c:0f:1a:d9:cb:3c:c2:49:df:e8:c5:3b:bf:87:af:64:4d:cd:
7c:dd:2f:68:db:5f:6f:2e:33:77:37:8a:ad:0a:35:15:bc:e6:
f1:35:6c:bb:be:17:07:72:30:d4:81:e7:c9:4c:62:cd:83:6a:
19:15:e0:b4:b6:5b:2e:e4:cf:b0:aa:6a:34:20:e6:e1:ed:e6:
42:44:ab:d3:8b:ac:aa:e9:31:99:b6:7d:27:e0:d0:24:32:8d:
5e:d2:8d:66:32:25:19:37:88:b3:0f:ab:cb:d5:50:db:fb:92:
0f:7c:33:d8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYNFzLw7SNM5s4qat7sv/x0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjIwOTE2MTAxNjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjdhOTYzZDRjNjZmMzkzODUwYzMzYzBjOTBmNjZkMDRlNzBkNjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt+SH/lCDXYJ5GsWQLmm/R7GGIyj
cj7Y5wm9+2kedwBgmon+WU6JlL0HpqZknLbpNHlbX48GLlMAEtNElFjauit1uKGS
WD2hrRAh+eDrt+CviC4ufHTSIVHnFf4wLJUhzPFGnUulbz37qSSArR/Sv4Hcd2Ls
wddxw9/IP9O3sWpyujNHOGKiY8p+NP8ljsXGTqSZlPdk16VIixWq84Mp1+ulYLFw
rzCxXTSPaqoweijTm/R9ogjH5HovZscGRVnCxztNTNdBjzPN4vIhIiFCeNeZiTWh
sOlOVI5GT1LIG4hCuC/D/xwVR+N8JxYgU6IvDPvsitxL3mJma35E2zt3wQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLJ6lj1MZvOThQwzwMkPZtBOcNaPMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvc25xV1BVeG04NU9GRERQQXlROW0wRTV3MW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICE
MA0GCSqGSIb3DQEBCwUAA4IBAQAaA7sJcqEZNlpOu5u+ZjdsVpu+S+4cT8GVNrF2
7+g74pythMR8J/88SSXWI+LI3tIQj5S6hpxG/8Q8njmqvCVxEJrAvRBnn4dFpkxh
QjxLclhELQtwxMGUkLh51mW7hae4PaJ90NBCm4PIL1nUM6MLNuIEpl3iSTnGXhQn
+89WlOnxFKkpSy2cDWHQngYEa51MDxrZyzzCSd/oxTu/h69kTc183S9o219vLjN3
N4qtCjUVvObxNWy7vhcHcjDUgefJTGLNg2oZFeC0tlsu5M+wqmo0IObh7eZCRKvT
i6yq6TGZtn0n4NAkMo1e0o1mMiUZN4izD6vL1VDb+5IPfDPY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:28 2023 by rpki-client on console-ams.rpki-client.org