Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/15K0sJm9FJhyfsasMqpexXpRahc.roa
File: 15K0sJm9FJhyfsasMqpexXpRahc.roa (raw, json)
Hash identifier: VXcaG0QJganM6V6pKAw6Uhh4D2r2R/2c2OQLS0kkZe8=
Subject key identifier: D7:92:B4:B0:99:BD:14:98:72:7E:C6:AC:32:AA:5E:C5:7A:51:6A:17
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 0182437034FC73672238CD60FFFAD7C9DD09
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/15K0sJm9FJhyfsasMqpexXpRahc.roa
Signing time: Thu 28 Jul 2022 06:13:23 +0000
ROA not before: Thu 28 Jul 2022 06:13:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212144
IP address blocks: 2a05:9a40::/29 maxlen: 30
2a05:9a40::/30 maxlen: 30
2a10:3c80::/29 maxlen: 29
2a06:5fc0::/29 maxlen: 29
2a10:3f80::/29 maxlen: 29
2a0f:9ac0::/29 maxlen: 30
2a05:9a44::/30 maxlen: 30
2a10:b40::/29 maxlen: 29
2a0d:6f80::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a10:77c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:43:70:34:fc:73:67:22:38:cd:60:ff:fa:d7:c9:dd:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Jul 28 06:13:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d792b4b099bd1498727ec6ac32aa5ec57a516a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ca:8f:15:3e:31:a2:18:f3:f2:69:a0:de:61:
7b:cf:df:11:5e:02:0d:4a:6c:e8:e6:e0:fd:f1:90:
2f:b0:e7:90:d7:05:70:ce:2c:69:3c:58:ba:18:ca:
2e:40:1e:63:1e:fb:b8:30:15:22:b2:08:3f:05:66:
86:fc:94:a9:a3:97:54:fd:ea:8e:4a:71:11:45:66:
b2:22:52:cd:f2:9b:42:31:cf:c8:8d:0d:ae:2c:3f:
9e:da:15:54:76:14:47:3c:2f:a6:6c:66:b9:90:29:
b6:3a:f3:9f:26:5d:cc:39:9f:3d:d6:8a:d1:3d:9c:
c1:0e:d4:13:d3:2c:1a:e7:5b:be:e8:d2:86:27:2d:
1d:17:02:ee:29:e4:0b:66:df:7f:8c:c3:70:33:99:
ea:10:19:2f:d1:4b:98:e6:f9:03:7e:0e:b6:20:ed:
b9:bf:94:2d:a5:de:40:af:ae:7c:2a:44:e2:d6:e3:
5f:49:51:b2:23:dc:19:68:b1:12:a0:2c:11:82:00:
a6:dd:cd:5d:36:f6:0d:e1:4a:3b:fd:45:ad:57:0b:
b5:54:43:a1:11:f2:83:fe:ab:3e:7d:4d:42:fb:43:
f9:33:c3:da:a5:8d:db:a9:18:03:b9:6a:02:cc:69:
f1:b8:30:e2:93:a8:9f:35:f4:ca:16:a0:95:50:2a:
ba:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:92:B4:B0:99:BD:14:98:72:7E:C6:AC:32:AA:5E:C5:7A:51:6A:17
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/15K0sJm9FJhyfsasMqpexXpRahc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
2a06:5fc0::/29
2a0d:6f80::/29
2a0f:9ac0::/29
2a0f:9b40::/29
2a10:b40::/29
2a10:3c80::/29
2a10:3f80::/29
2a10:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:07:4b:36:b2:ec:03:d7:b6:fe:16:f3:c8:b3:f3:5c:1e:df:
63:f2:2c:81:8f:a0:df:52:cf:78:2c:36:d0:98:1c:a3:c0:aa:
50:a2:6c:cd:c3:2f:50:8d:f2:0e:6f:0f:88:e8:64:a9:58:24:
fc:b3:5f:40:33:b6:10:52:0b:2b:1c:4a:41:f9:f4:14:6b:ea:
7c:72:63:e3:6a:7a:c1:e3:26:35:e4:e7:08:c9:ad:39:dd:de:
a6:1e:29:a4:e4:7d:f6:db:7b:36:bb:ed:d2:18:65:3a:09:aa:
71:2c:e9:9f:d3:b0:28:72:98:9f:3e:17:a7:43:41:f7:16:c4:
3c:68:37:c4:8c:9f:45:21:92:f0:e3:86:8d:e7:ab:21:7f:e0:
40:46:97:e2:0f:ba:83:78:4a:c1:4c:78:fd:6f:30:5a:56:a5:
dc:42:95:90:ef:bb:cd:d7:a6:01:55:90:80:68:53:b5:fc:04:
cc:25:27:38:76:b5:7f:1a:33:9b:c1:30:db:5e:b5:99:2c:c8:
55:70:ec:57:6f:fe:cb:28:30:3e:a3:90:8f:ef:be:2a:11:16:
fa:68:dd:81:1f:08:2c:07:ca:65:0b:75:0e:f7:21:d0:83:ea:
45:12:ae:26:73:8e:0c:a1:56:5d:ee:3a:f6:0c:6d:9e:a3:3a:
5e:e6:f0:ab
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYJDcDT8c2ciOM1g//rXyd0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjIwNzI4MDYxMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzkyYjRiMDk5YmQxNDk4NzI3ZWM2YWMzMmFhNWVjNTdhNTE2YTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8qPFT4xohjz8mmg3mF7z98RXgIN
Smzo5uD98ZAvsOeQ1wVwzixpPFi6GMouQB5jHvu4MBUisgg/BWaG/JSpo5dU/eqO
SnERRWayIlLN8ptCMc/IjQ2uLD+e2hVUdhRHPC+mbGa5kCm2OvOfJl3MOZ891orR
PZzBDtQT0ywa51u+6NKGJy0dFwLuKeQLZt9/jMNwM5nqEBkv0UuY5vkDfg62IO25
v5Qtpd5Ar658KkTi1uNfSVGyI9wZaLESoCwRggCm3c1dNvYN4Uo7/UWtVwu1VEOh
EfKD/qs+fU1C+0P5M8PapY3bqRgDuWoCzGnxuDDik6ifNfTKFqCVUCq6uwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNeStLCZvRSYcn7GrDKqXsV6UWoXMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvMTVLMHNKbTlGSmh5ZnNhc01xcGV4WHBSYWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKgWaQAMF
AyoGX8ADBQMqDW+AAwUDKg+awAMFAyoPm0ADBQMqEAtAAwUDKhA8gAMFAyoQP4AD
BQMqEHfAMA0GCSqGSIb3DQEBCwUAA4IBAQBvB0s2suwD17b+FvPIs/NcHt9j8iyB
j6DfUs94LDbQmByjwKpQomzNwy9QjfIObw+I6GSpWCT8s19AM7YQUgsrHEpB+fQU
a+p8cmPjanrB4yY15OcIya053d6mHimk5H3223s2u+3SGGU6CapxLOmf07Aocpif
PhenQ0H3FsQ8aDfEjJ9FIZLw44aN56shf+BARpfiD7qDeErBTHj9bzBaVqXcQpWQ
77vN16YBVZCAaFO1/ATMJSc4drV/GjObwTDbXrWZLMhVcOxXb/7LKDA+o5CP774q
ERb6aN2BHwgsB8plC3UO9yHQg+pFEq4mc44MoVZd7jr2DG2eozpe5vCr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-ams.rpki-client.org