Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/S00ppjmxrBmXuE07737ef4tGmog.roa
File: S00ppjmxrBmXuE07737ef4tGmog.roa (raw, json)
Hash identifier: RXo057lXpaMZkFB/4naczwYBhazPlhwuPPSVQGwOiVw=
Subject key identifier: 4B:4D:29:A6:39:B1:AC:19:97:B8:4D:3B:EF:7E:DE:7F:8B:46:9A:88
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 011A8BC2
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/S00ppjmxrBmXuE07737ef4tGmog.roa
Signing time: Wed 15 Jun 2022 12:17:51 +0000
ROA not before: Wed 15 Jun 2022 12:17:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212144
IP address blocks: 2a05:9a40::/29 maxlen: 29
2a10:3c80::/29 maxlen: 29
2a06:5fc0::/29 maxlen: 29
2a10:3f80::/29 maxlen: 29
2a0f:9ac0::/29 maxlen: 30
2a10:b40::/29 maxlen: 29
2a0d:6f80::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a10:77c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18516930 (0x11a8bc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Jun 15 12:17:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b4d29a639b1ac1997b84d3bef7ede7f8b469a88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:30:ae:29:6e:a8:3f:14:5c:b4:a3:b1:4b:83:
a4:52:77:9a:10:e2:25:ea:2a:fe:e2:cf:6e:41:59:
af:73:03:51:c5:dc:4c:0e:ff:c4:ba:5e:f8:25:0d:
5b:eb:44:98:54:18:bf:8f:45:0e:96:a2:d8:4c:e6:
72:f3:54:f6:48:80:64:4d:c9:b6:df:21:5a:37:9e:
74:11:96:7d:12:1c:bd:8f:55:b5:57:39:4b:4e:a8:
5d:1a:8b:2a:75:13:1b:b0:6e:b2:5a:fc:7a:b7:51:
50:19:cd:15:20:94:db:cf:aa:23:d4:28:1c:98:95:
3c:22:a3:f6:8b:93:7f:40:46:75:1c:db:21:b9:25:
e1:5c:bb:66:4c:31:8b:c8:38:c2:80:aa:03:6a:ec:
21:54:5a:d9:4d:52:cb:8f:fb:cf:28:6a:dd:15:b2:
f3:8a:ec:5a:08:bc:36:32:42:c1:ea:d3:a1:53:7a:
af:be:6c:4a:a8:3f:ec:68:e5:b7:e2:53:c5:6b:47:
f7:7e:e0:b0:ed:a1:bd:06:4b:61:5c:4a:6a:7c:0f:
5d:9f:d1:0b:45:26:cb:72:93:ae:d1:b7:65:23:a4:
e1:10:22:11:9d:da:ec:fc:32:92:4e:89:9c:e8:75:
55:b6:81:21:a0:6d:9b:30:7e:c4:95:7d:10:15:c1:
17:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:4D:29:A6:39:B1:AC:19:97:B8:4D:3B:EF:7E:DE:7F:8B:46:9A:88
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/S00ppjmxrBmXuE07737ef4tGmog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
2a06:5fc0::/29
2a0d:6f80::/29
2a0f:9ac0::/29
2a0f:9b40::/29
2a10:b40::/29
2a10:3c80::/29
2a10:3f80::/29
2a10:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
27:7d:38:70:bd:31:ea:c0:9f:9f:71:16:5e:dd:5e:af:25:bd:
97:fd:2e:2d:25:0a:fe:19:3c:6a:bf:fc:cb:c8:7f:2b:67:db:
49:b6:d3:3a:6d:58:35:27:10:f5:d0:0f:21:1c:11:19:1b:f0:
8b:5a:db:6f:4d:bc:df:7d:d7:3e:de:9d:14:5e:24:cb:72:3c:
2e:2f:f5:62:71:6d:ac:3e:3f:df:25:b8:a6:53:d3:1a:1e:0a:
1b:1e:f8:42:73:d4:41:d2:7f:48:04:7d:a4:16:73:fa:3f:50:
99:ad:b4:34:02:16:fa:f0:28:10:8f:ec:4a:a7:c5:ef:63:19:
b3:00:02:87:c8:4a:ea:e5:f8:9f:d9:58:d4:b3:76:23:cd:8b:
3e:2f:5f:4f:a2:09:e0:82:1f:5d:0c:c1:be:73:78:06:ab:5a:
98:53:6e:a9:28:91:01:94:a2:45:5e:2c:3a:be:18:f0:b0:31:
09:85:7a:b6:df:ba:f2:d4:af:a1:57:48:ae:ce:3d:24:0e:38:
de:2f:a0:92:c5:8a:56:9f:64:6f:13:cf:b3:a0:4d:34:64:79:
c8:fe:4a:25:98:9a:98:d4:d0:f5:67:b4:b4:1e:c5:68:14:b5:
ea:fc:d2:93:e6:de:d5:21:16:ce:4c:55:ac:15:43:95:bb:3d:
dd:cb:e1:e4
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEARqLwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjE0NWE4YmRmMmJjYTE1MGYyNWVkNTRhMjc3YjhmNjUzZWZkYjNlMB4XDTIyMDYx
NTEyMTc1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI0ZDI5YTYzOWIx
YWMxOTk3Yjg0ZDNiZWY3ZWRlN2Y4YjQ2OWE4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMwriluqD8UXLSjsUuDpFJ3mhDiJeoq/uLPbkFZr3MDUcXc
TA7/xLpe+CUNW+tEmFQYv49FDpai2EzmcvNU9kiAZE3Jtt8hWjeedBGWfRIcvY9V
tVc5S06oXRqLKnUTG7Buslr8erdRUBnNFSCU28+qI9QoHJiVPCKj9ouTf0BGdRzb
Ibkl4Vy7Zkwxi8g4woCqA2rsIVRa2U1Sy4/7zyhq3RWy84rsWgi8NjJCwerToVN6
r75sSqg/7Gjlt+JTxWtH937gsO2hvQZLYVxKanwPXZ/RC0Umy3KTrtG3ZSOk4RAi
EZ3a7Pwykk6JnOh1VbaBIaBtmzB+xJV9EBXBF8ECAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBRLTSmmObGsGZe4TTvvft5/i0aaiDAfBgNVHSMEGDAWgBQrFFqL3yvKFQ8l
7VSid7j2U+/bPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0t4UmFpOThyeWhVUEplMVVvbmU0OWxQdjJ6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvMGQ4YzhmLWZmMmMtNGRhOC1iNDQzLTMwNDBiZWQzY2NjZC8x
L1MwMHBwam14ckJtWHVFMDc3MzdlZjR0R21vZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
MGQ4YzhmLWZmMmMtNGRhOC1iNDQzLTMwNDBiZWQzY2NjZC8xL0t4UmFpOThyeWhV
UEplMVVvbmU0OWxQdjJ6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwRQQCAAIwPwMFAyoFmkADBQMqBl/AAwUDKg1vgAMF
AyoPmsADBQMqD5tAAwUDKhALQAMFAyoQPIADBQMqED+AAwUDKhB3wDANBgkqhkiG
9w0BAQsFAAOCAQEAJ304cL0x6sCfn3EWXt1eryW9l/0uLSUK/hk8ar/8y8h/K2fb
SbbTOm1YNScQ9dAPIRwRGRvwi1rbb028333XPt6dFF4ky3I8Li/1YnFtrD4/3yW4
plPTGh4KGx74QnPUQdJ/SAR9pBZz+j9Qma20NAIW+vAoEI/sSqfF72MZswACh8hK
6uX4n9lY1LN2I82LPi9fT6IJ4IIfXQzBvnN4BqtamFNuqSiRAZSiRV4sOr4Y8LAx
CYV6tt+68tSvoVdIrs49JA443i+gksWKVp9kbxPPs6BNNGR5yP5KJZiamNTQ9We0
tB7FaBS16vzSk+be1SEWzkxVrBVDlbs93cvh5A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-ams.rpki-client.org