Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/ekcZDhXdyKum95MTRqeFQ4dSVlA.roa
File: ekcZDhXdyKum95MTRqeFQ4dSVlA.roa (raw, json)
Hash identifier: KF4Rb69P/1hT4olJ0WP5PNNIPeQbAH7/ZRvokbbXarI=
Subject key identifier: 7A:47:19:0E:15:DD:C8:AB:A6:F7:93:13:46:A7:85:43:87:52:56:50
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 01823EC1C7FEE7D668968FC43AC8C62F4F90
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/ekcZDhXdyKum95MTRqeFQ4dSVlA.roa
Signing time: Wed 27 Jul 2022 08:24:23 +0000
ROA not before: Wed 27 Jul 2022 08:24:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212144
IP address blocks: 2a05:9a40::/29 maxlen: 29
2a05:9a40::/30 maxlen: 30
2a10:3c80::/29 maxlen: 29
2a06:5fc0::/29 maxlen: 29
2a10:3f80::/29 maxlen: 29
2a0f:9ac0::/29 maxlen: 30
2a05:9a44::/30 maxlen: 30
2a10:b40::/29 maxlen: 29
2a0d:6f80::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a10:77c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3e:c1:c7:fe:e7:d6:68:96:8f:c4:3a:c8:c6:2f:4f:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Jul 27 08:24:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a47190e15ddc8aba6f7931346a7854387525650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a5:87:b0:37:bb:c8:7b:76:ae:c3:ea:cf:17:
c9:b7:33:f3:f9:e0:d9:9d:64:09:c8:a2:8b:cb:83:
f9:00:ac:82:29:a0:25:ac:15:1b:24:ea:ed:54:f1:
16:d8:f4:67:ca:e4:df:29:26:6b:9f:cc:c6:d1:82:
5e:a5:f4:ae:89:cc:2f:f4:36:a7:18:bf:9d:37:de:
b0:32:ca:81:a8:5c:e0:be:37:e3:25:31:c8:18:b5:
7f:93:51:5b:2b:2b:c7:a1:37:d3:de:a0:bb:03:0a:
50:90:0b:37:f9:73:fb:fb:9e:45:ba:5d:a6:4d:38:
33:3b:fe:0b:40:7d:91:16:e9:25:f9:33:6b:f2:0e:
22:d6:c3:68:ad:c1:d3:be:63:80:6b:0b:91:46:cb:
af:40:72:f0:cb:99:3f:ff:c4:a8:7e:67:54:56:2e:
1e:97:40:cd:6e:f0:1a:28:75:dc:99:46:53:c5:55:
4b:b3:08:2a:12:59:93:46:7a:58:30:d6:c9:c1:00:
0a:a4:a8:c6:b6:57:ab:89:2b:94:ee:8d:46:14:67:
88:ce:1d:18:c8:71:59:d7:44:83:b1:c5:c6:c0:94:
7c:aa:54:93:28:46:5c:9c:d7:d7:ef:52:f1:f0:7d:
a6:e0:c0:e4:1c:70:e1:7f:fe:fd:54:d7:09:71:31:
76:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:47:19:0E:15:DD:C8:AB:A6:F7:93:13:46:A7:85:43:87:52:56:50
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/ekcZDhXdyKum95MTRqeFQ4dSVlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
2a06:5fc0::/29
2a0d:6f80::/29
2a0f:9ac0::/29
2a0f:9b40::/29
2a10:b40::/29
2a10:3c80::/29
2a10:3f80::/29
2a10:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
80:ee:e6:ab:f6:95:6b:aa:a3:80:48:21:59:dd:ac:f6:2d:9d:
ae:23:9a:0a:32:c4:24:2d:61:37:5d:90:ef:b5:30:69:d1:18:
44:51:b7:16:9c:20:f6:7c:b9:f5:1e:de:ef:01:45:20:54:36:
c2:fa:16:48:55:7c:16:c6:68:1c:f8:8e:46:17:e2:48:09:8a:
e1:d0:40:eb:ca:86:2f:48:b4:2c:a1:72:26:60:ba:50:c2:da:
fc:e8:71:58:b7:99:de:8e:d8:bd:fa:72:07:f0:02:9d:7f:fb:
d7:01:89:53:00:5c:f5:35:b3:1d:e2:cd:2e:fd:8a:66:30:7e:
c3:7b:7c:90:7b:0d:2b:4f:b8:a1:ce:96:18:a9:6d:f5:cb:72:
c8:e2:57:aa:d7:ff:23:1b:c8:25:dd:3a:50:ea:7f:89:14:a1:
4d:22:8a:57:3d:40:d5:c6:23:70:ae:95:39:cc:36:38:7c:9b:
1e:c3:46:8f:b9:29:90:41:b8:b0:92:f7:9f:b1:7e:86:df:7e:
51:06:a9:7d:47:33:19:a2:93:d9:69:70:66:25:5a:b6:f9:3c:
38:de:78:44:93:aa:22:9e:25:4f:e3:a9:01:f6:a0:d8:97:f3:
d5:ac:d3:a0:b5:0b:c7:cc:73:73:d3:1d:6e:f6:f6:74:77:68:
d2:f3:2b:0e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYI+wcf+59Zolo/EOsjGL0+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjIwNzI3MDgyNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQ3MTkwZTE1ZGRjOGFiYTZmNzkzMTM0NmE3ODU0Mzg3NTI1NjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKWHsDe7yHt2rsPqzxfJtzPz+eDZ
nWQJyKKLy4P5AKyCKaAlrBUbJOrtVPEW2PRnyuTfKSZrn8zG0YJepfSuicwv9Dan
GL+dN96wMsqBqFzgvjfjJTHIGLV/k1FbKyvHoTfT3qC7AwpQkAs3+XP7+55Ful2m
TTgzO/4LQH2RFukl+TNr8g4i1sNorcHTvmOAawuRRsuvQHLwy5k//8SofmdUVi4e
l0DNbvAaKHXcmUZTxVVLswgqElmTRnpYMNbJwQAKpKjGtleriSuU7o1GFGeIzh0Y
yHFZ10SDscXGwJR8qlSTKEZcnNfX71Lx8H2m4MDkHHDhf/79VNcJcTF20QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHpHGQ4V3cirpveTE0anhUOHUlZQMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvZWtjWkRoWGR5S3VtOTVNVFJxZUZRNGRTVmxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKgWaQAMF
AyoGX8ADBQMqDW+AAwUDKg+awAMFAyoPm0ADBQMqEAtAAwUDKhA8gAMFAyoQP4AD
BQMqEHfAMA0GCSqGSIb3DQEBCwUAA4IBAQCA7uar9pVrqqOASCFZ3az2LZ2uI5oK
MsQkLWE3XZDvtTBp0RhEUbcWnCD2fLn1Ht7vAUUgVDbC+hZIVXwWxmgc+I5GF+JI
CYrh0EDryoYvSLQsoXImYLpQwtr86HFYt5nejti9+nIH8AKdf/vXAYlTAFz1NbMd
4s0u/YpmMH7De3yQew0rT7ihzpYYqW31y3LI4leq1/8jG8gl3TpQ6n+JFKFNIopX
PUDVxiNwrpU5zDY4fJsew0aPuSmQQbiwkvefsX6G335RBql9RzMZopPZaXBmJVq2
+Tw43nhEk6oiniVP46kB9qDYl/PVrNOgtQvHzHNz0x1u9vZ0d2jS8ysO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-ams.rpki-client.org