Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/X9pnqOWbbx5Q3lsuYwJBgomCrFk.roa
File: X9pnqOWbbx5Q3lsuYwJBgomCrFk.roa (raw, json)
Hash identifier: P4Uc1dYxF6WV3cgHqoEDJD8oM1xKUnCl3wiKGQlmygI=
Subject key identifier: 5F:DA:67:A8:E5:9B:6F:1E:50:DE:5B:2E:63:02:41:82:89:82:AC:59
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 01855D3F0DB28F1AB81F55EF8FA50CF60709
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/X9pnqOWbbx5Q3lsuYwJBgomCrFk.roa
Signing time: Thu 29 Dec 2022 09:38:11 +0000
ROA not before: Thu 29 Dec 2022 09:38:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42101
IP address blocks: 2a10:4646:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:3f:0d:b2:8f:1a:b8:1f:55:ef:8f:a5:0c:f6:07:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Dec 29 09:38:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fda67a8e59b6f1e50de5b2e630241828982ac59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d2:61:f1:b3:12:1d:af:26:bb:50:4c:29:06:
ba:4a:6b:cc:d8:b0:82:de:01:2b:19:b0:ff:7a:6c:
21:c6:ea:00:35:98:fa:5d:9b:06:a6:6f:90:d3:9a:
ad:18:67:1a:4d:87:69:38:8d:fa:fa:ac:77:70:f0:
fe:90:7e:a5:ee:f8:f8:12:8f:f8:fb:5f:85:e3:ec:
3e:a5:b4:96:f7:eb:57:39:69:64:1f:59:b6:f2:e3:
0e:12:28:f7:43:fc:90:33:90:b7:bf:a9:13:5d:94:
c9:7b:91:42:89:52:9d:ce:5c:3a:be:da:7e:9f:bf:
0d:37:f4:c7:ce:64:c8:55:89:2f:a2:30:5d:4b:ab:
93:49:13:7c:8e:4a:d4:37:af:fd:42:fc:50:97:ff:
6f:74:98:9a:68:38:ed:f7:7d:c2:1f:8c:a0:79:92:
1f:9b:7a:98:6f:ea:ea:25:d1:25:5e:b3:13:e3:c9:
39:a6:15:27:1b:4e:c1:86:40:aa:69:9a:9e:d9:bb:
d1:c6:40:ea:18:4b:ed:54:5b:fa:1c:39:fb:63:e1:
13:e7:d3:38:e0:06:1e:2d:36:37:c6:3f:cb:bd:ba:
db:d8:2a:4d:4f:5c:b6:0e:be:6c:ac:0a:9e:54:91:
4e:59:d9:4d:86:64:d2:8e:4b:16:5b:91:94:8f:f4:
4b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DA:67:A8:E5:9B:6F:1E:50:DE:5B:2E:63:02:41:82:89:82:AC:59
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/X9pnqOWbbx5Q3lsuYwJBgomCrFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:3::/48
Signature Algorithm: sha256WithRSAEncryption
b7:e5:8d:55:3b:52:b9:fc:44:e2:60:61:86:3a:1d:94:c2:61:
e3:7f:de:3a:e4:be:17:a2:50:35:75:f3:ba:46:26:2e:93:d3:
35:8d:7c:76:39:24:52:0f:83:31:26:54:f7:e5:ce:1d:b8:72:
37:62:40:7b:7c:4b:f0:dd:df:bc:a8:41:92:3e:ce:46:b2:27:
b1:64:b0:f8:4a:6e:35:10:1b:a6:79:dc:f0:3b:cf:99:dc:11:
cb:8e:3f:e5:2f:07:d4:fa:21:7c:74:8f:f3:a8:43:4b:cc:d4:
94:82:46:57:de:e6:a6:01:69:76:83:5b:fa:16:26:59:b7:ff:
6c:42:e1:f9:96:02:e7:02:df:b9:21:eb:c6:13:af:eb:c5:f9:
13:c7:22:7c:ad:b5:28:c5:a5:fb:de:06:b1:b9:05:e2:59:8c:
db:24:a6:a7:f2:bf:fe:7a:80:e8:af:0b:e6:d6:d5:2d:5c:6d:
8e:4d:6d:e1:b9:85:c0:d6:5d:3c:aa:98:d5:cb:d9:8e:5e:a8:
29:69:54:49:db:aa:03:6a:bf:ff:2f:3b:2e:90:29:22:b0:36:
5b:68:86:02:da:4a:05:7b:f2:7c:43:cb:2e:b5:fe:ac:0c:8c:
25:b7:81:22:30:3d:54:36:1d:66:68:b2:b0:35:21:fb:86:e6:
22:c8:f5:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVdPw2yjxq4H1Xvj6UM9gcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjIxMjI5MDkzODExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmRhNjdhOGU1OWI2ZjFlNTBkZTViMmU2MzAyNDE4Mjg5ODJhYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9Jh8bMSHa8mu1BMKQa6SmvM2LCC
3gErGbD/emwhxuoANZj6XZsGpm+Q05qtGGcaTYdpOI36+qx3cPD+kH6l7vj4Eo/4
+1+F4+w+pbSW9+tXOWlkH1m28uMOEij3Q/yQM5C3v6kTXZTJe5FCiVKdzlw6vtp+
n78NN/THzmTIVYkvojBdS6uTSRN8jkrUN6/9QvxQl/9vdJiaaDjt933CH4ygeZIf
m3qYb+rqJdElXrMT48k5phUnG07BhkCqaZqe2bvRxkDqGEvtVFv6HDn7Y+ET59M4
4AYeLTY3xj/Lvbrb2CpNT1y2Dr5srAqeVJFOWdlNhmTSjksWW5GUj/RL1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF/aZ6jlm28eUN5bLmMCQYKJgqxZMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvWDlwbnFPV2JieDVRM2xzdVl3SkJnb21DckZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhBGRgAD
MA0GCSqGSIb3DQEBCwUAA4IBAQC35Y1VO1K5/ETiYGGGOh2UwmHjf9465L4XolA1
dfO6RiYuk9M1jXx2OSRSD4MxJlT35c4duHI3YkB7fEvw3d+8qEGSPs5GsiexZLD4
Sm41EBumedzwO8+Z3BHLjj/lLwfU+iF8dI/zqENLzNSUgkZX3uamAWl2g1v6FiZZ
t/9sQuH5lgLnAt+5IevGE6/rxfkTxyJ8rbUoxaX73gaxuQXiWYzbJKan8r/+eoDo
rwvm1tUtXG2OTW3huYXA1l08qpjVy9mOXqgpaVRJ26oDar//LzsukCkisDZbaIYC
2koFe/J8Q8sutf6sDIwlt4EiMD1UNh1maLKwNSH7huYiyPXd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:08 2023 by rpki-client on console-fra.rpki-client.org