Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/ghMQqFFpA4Dg45kVP-6Ij_PKjqk.roa
File: ghMQqFFpA4Dg45kVP-6Ij_PKjqk.roa (raw, json)
Hash identifier: wq9KVFZ+Tb3fDRPHh5JMdccR8/r6ujuqPhcm/HBvOYk=
Subject key identifier: 82:13:10:A8:51:69:03:80:E0:E3:99:15:3F:EE:88:8F:F3:CA:8E:A9
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 018341A72331A933D4975B57A0EF40F1A9EF
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/ghMQqFFpA4Dg45kVP-6Ij_PKjqk.roa
Signing time: Thu 15 Sep 2022 14:56:55 +0000
ROA not before: Thu 15 Sep 2022 14:56:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201086
IP address blocks: 2a0e:9c00::/29 maxlen: 29
2a0c:f340::/32 maxlen: 32
2a06:af40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:41:a7:23:31:a9:33:d4:97:5b:57:a0:ef:40:f1:a9:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Sep 15 14:56:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=821310a851690380e0e399153fee888ff3ca8ea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:45:2f:16:20:fb:ad:5e:e9:3f:33:3b:15:a2:
6e:41:35:b6:f6:b7:d3:6d:71:cb:e1:f8:06:6c:18:
72:4f:e8:59:4c:9e:f4:9f:21:0e:e6:b3:93:fe:9d:
bd:a2:9c:eb:76:0d:43:d6:d2:0f:40:7b:8f:11:27:
98:1a:5e:0c:68:48:fb:f7:aa:95:bd:26:22:0c:93:
25:64:75:aa:b2:fe:78:b6:a1:e2:c5:2d:46:42:8b:
81:86:71:41:ee:96:d5:25:93:a5:95:25:e6:dc:ea:
38:d7:a6:4b:77:aa:8e:d8:45:8e:18:f8:6a:3c:af:
5b:f9:e9:e5:d8:eb:8d:60:9b:3f:96:14:34:f5:9a:
6e:06:d4:db:34:28:94:4d:fa:0a:6a:01:c2:cc:af:
39:db:1a:93:ec:a9:57:cf:b7:26:ba:7f:ae:4e:18:
15:57:6e:e5:81:1e:5a:6e:39:d2:14:ec:f4:36:ae:
55:f0:47:0a:05:8a:52:4c:5b:3d:b1:6a:5a:b4:e6:
af:1f:1b:c5:8d:99:97:f0:ce:59:34:98:e1:27:66:
21:4a:f4:ef:84:e8:d3:e9:79:16:16:f0:f0:fc:00:
f5:00:84:03:04:a2:e1:55:21:a7:f8:34:03:27:70:
b2:3e:27:7c:07:ba:b8:11:45:5e:53:b1:9c:f3:fe:
e3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:13:10:A8:51:69:03:80:E0:E3:99:15:3F:EE:88:8F:F3:CA:8E:A9
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/ghMQqFFpA4Dg45kVP-6Ij_PKjqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:af40::/29
2a0c:f340::/32
2a0e:9c00::/29
Signature Algorithm: sha256WithRSAEncryption
62:20:6e:7a:bf:a4:d8:42:aa:41:fa:22:f4:65:65:5c:dd:38:
c9:ac:30:65:db:ff:ff:a5:74:06:01:68:b6:70:0d:84:51:ca:
af:4b:d6:d1:77:3a:5c:b0:fe:81:27:1e:a4:22:a4:44:a6:bf:
55:e5:aa:92:9c:76:2f:b1:3c:05:03:bc:f5:43:b7:28:55:0e:
ac:a7:59:0d:8b:91:69:27:ec:ce:76:b2:d4:b5:e3:f0:68:66:
27:30:a2:8d:92:23:17:87:4a:09:9d:f9:07:9d:d5:49:60:3b:
5f:38:92:cd:01:02:b9:c9:43:3e:5d:52:f2:78:fc:72:9d:34:
ba:aa:d6:3e:34:23:6f:1a:c6:e6:92:47:4b:cd:45:dd:d7:52:
8d:88:97:4c:2f:3b:46:ea:2b:48:97:20:3e:4a:af:37:f4:98:
6f:a4:f4:bd:78:dc:ce:df:2f:a5:be:65:4c:7f:be:a4:38:97:
d7:04:cc:0a:f1:19:14:91:91:de:50:35:39:02:66:e4:51:b3:
c8:e1:dd:fe:58:b8:31:f9:ef:ad:f4:21:97:9a:b6:3c:e0:1d:
d6:d2:ae:29:fc:dc:f1:c9:3e:71:af:22:35:50:4b:4b:2b:c2:
80:8c:cb:10:7f:08:6e:21:b8:9c:f5:09:45:1c:fd:3c:86:7f:
eb:7c:8f:ed
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNBpyMxqTPUl1tXoO9A8anvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTUzMjAwNzc2OTY5NDRiMTYxM2MyZThjOWM2MDZhMWUw
NmViNzkwHhcNMjIwOTE1MTQ1NjU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjEzMTBhODUxNjkwMzgwZTBlMzk5MTUzZmVlODg4ZmYzY2E4ZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUUvFiD7rV7pPzM7FaJuQTW29rfT
bXHL4fgGbBhyT+hZTJ70nyEO5rOT/p29opzrdg1D1tIPQHuPESeYGl4MaEj796qV
vSYiDJMlZHWqsv54tqHixS1GQouBhnFB7pbVJZOllSXm3Oo416ZLd6qO2EWOGPhq
PK9b+enl2OuNYJs/lhQ09ZpuBtTbNCiUTfoKagHCzK852xqT7KlXz7cmun+uThgV
V27lgR5abjnSFOz0Nq5V8EcKBYpSTFs9sWpatOavHxvFjZmX8M5ZNJjhJ2YhSvTv
hOjT6XkWFvDw/AD1AIQDBKLhVSGn+DQDJ3CyPid8B7q4EUVeU7Gc8/7jQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIITEKhRaQOA4OOZFT/uiI/zyo6pMB8GA1UdIwQY
MBaAFJ5VMgB3aWlEsWE8LoycYGoeBut5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYt
MWUwZThiOTA5ZTM0LzEvZ2hNUXFGRnBBNERnNDVrVlAtNklqX1BLanFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYtMWUwZThiOTA5ZTM0
LzEvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgavQAMF
ACoM80ADBQMqDpwAMA0GCSqGSIb3DQEBCwUAA4IBAQBiIG56v6TYQqpB+iL0ZWVc
3TjJrDBl2///pXQGAWi2cA2EUcqvS9bRdzpcsP6BJx6kIqREpr9V5aqSnHYvsTwF
A7z1Q7coVQ6sp1kNi5FpJ+zOdrLUtePwaGYnMKKNkiMXh0oJnfkHndVJYDtfOJLN
AQK5yUM+XVLyePxynTS6qtY+NCNvGsbmkkdLzUXd11KNiJdMLztG6itIlyA+Sq83
9JhvpPS9eNzO3y+lvmVMf76kOJfXBMwK8RkUkZHeUDU5AmbkUbPI4d3+WLgx+e+t
9CGXmrY84B3W0q4p/NzxyT5xryI1UEtLK8KAjMsQfwhuIbic9QlFHP08hn/rfI/t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:51 2024 by rpki-client on console-fra.rpki-client.org