Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/UybtzeXIhr8uz7HmPxQJS5bt6cc.roa
File: UybtzeXIhr8uz7HmPxQJS5bt6cc.roa (raw, json)
Hash identifier: w2avsvy0GdAL6xbusUwfICYd72qfdWup+3RmHoteimM=
Subject key identifier: 53:26:ED:CD:E5:C8:86:BF:2E:CF:B1:E6:3F:14:09:4B:96:ED:E9:C7
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 018322448F47C709E4E38EB402DF48BA44B0
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/UybtzeXIhr8uz7HmPxQJS5bt6cc.roa
Signing time: Fri 09 Sep 2022 12:41:01 +0000
ROA not before: Fri 09 Sep 2022 12:41:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29290
IP address blocks: 2a0b:8f80:100::/48 maxlen: 48
2a0b:8f80:103::/48 maxlen: 48
2a0b:8f80:101::/48 maxlen: 48
2a0b:8f80:104::/48 maxlen: 48
2a0b:8f80:102::/48 maxlen: 48
2a00:f10:141::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:44:8f:47:c7:09:e4:e3:8e:b4:02:df:48:ba:44:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Sep 9 12:41:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5326edcde5c886bf2ecfb1e63f14094b96ede9c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cc:68:f9:c4:1a:66:5b:ba:6c:7a:be:fc:b1:
eb:a6:40:bd:0c:f1:83:b5:a9:97:3b:0e:12:01:d1:
ae:1c:54:6a:e7:77:96:1d:0c:8d:32:06:19:1a:ed:
1b:ba:da:c4:c7:11:02:f8:bd:58:cd:98:dc:f3:ae:
b6:c3:3c:e6:84:b4:22:8f:8b:86:05:8d:c9:8b:40:
7a:07:98:12:75:2e:6d:52:ad:e5:1b:ea:86:e6:45:
69:15:62:98:23:ed:b7:40:b3:32:e0:af:6d:16:85:
1c:f1:8f:00:7c:92:47:d7:fc:63:d5:ee:08:3e:68:
22:a7:c0:0c:f7:f4:a9:6d:60:85:eb:ae:f2:0a:27:
60:b3:18:25:b6:17:45:32:52:4c:2d:45:72:5b:ef:
f6:ca:0b:60:fa:d5:c4:90:1b:a8:8e:99:10:42:eb:
fa:09:64:92:8f:35:ed:d6:cd:08:f2:94:e8:fa:72:
63:2a:79:93:18:72:91:b5:ca:30:52:8e:37:dc:5e:
33:71:d5:5d:a3:ce:cb:c4:39:89:bd:40:1d:e7:fa:
b7:00:9a:3f:ab:dd:e3:77:f0:48:0f:f4:02:ce:1c:
7b:ad:cd:63:65:e8:5a:e4:e9:7f:d6:b4:38:49:95:
ff:a1:6b:68:a9:27:ef:3c:eb:67:22:d0:44:8c:5d:
1c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:26:ED:CD:E5:C8:86:BF:2E:CF:B1:E6:3F:14:09:4B:96:ED:E9:C7
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/UybtzeXIhr8uz7HmPxQJS5bt6cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f10:141::/48
2a0b:8f80:100::-2a0b:8f80:104:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
13:ac:6c:73:97:c3:47:9b:41:6d:2d:06:f8:32:6d:bd:7a:f7:
07:09:19:b4:91:33:c1:ed:ef:32:56:57:39:e5:27:a9:0e:78:
e5:54:41:6d:c0:b6:d4:38:87:c0:c3:2a:2d:06:d0:86:33:d3:
01:ea:39:b4:76:85:67:25:81:0d:e1:07:59:eb:38:30:a5:65:
13:c7:6b:c9:c4:40:79:6a:77:4c:17:03:ec:71:05:d7:0c:5d:
c1:74:03:b2:54:46:58:25:d4:22:64:a0:0c:00:40:e9:ec:4f:
6d:8f:c0:06:bc:a2:86:74:a8:13:1e:31:bb:91:79:e6:b1:a0:
06:f7:32:bb:c1:83:0f:0b:66:04:f1:4c:40:d6:f7:ae:3f:c8:
f8:ec:65:69:6f:40:8b:09:81:3f:b6:d4:aa:66:df:93:fa:2f:
c3:5a:14:71:2b:d7:38:59:14:fe:6d:b2:25:3e:e2:bc:d7:93:
e5:60:52:05:43:9c:61:f9:9f:e5:bb:fb:68:dd:90:e9:e7:a4:
7a:46:38:82:dc:f5:b0:f3:88:98:c4:21:c2:66:28:fa:82:3a:
96:72:4c:fa:78:25:d0:80:79:d0:4f:57:62:85:d6:87:1c:2c:
3f:0f:28:02:4d:ee:9c:75:ce:cc:f9:fd:d7:ad:02:97:da:94:
f4:76:b3:02
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYMiRI9Hxwnk4460At9IukSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjIwOTA5MTI0MTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzI2ZWRjZGU1Yzg4NmJmMmVjZmIxZTYzZjE0MDk0Yjk2ZWRlOWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicxo+cQaZlu6bHq+/LHrpkC9DPGD
tamXOw4SAdGuHFRq53eWHQyNMgYZGu0butrExxEC+L1YzZjc8662wzzmhLQij4uG
BY3Ji0B6B5gSdS5tUq3lG+qG5kVpFWKYI+23QLMy4K9tFoUc8Y8AfJJH1/xj1e4I
Pmgip8AM9/SpbWCF667yCidgsxglthdFMlJMLUVyW+/2ygtg+tXEkBuojpkQQuv6
CWSSjzXt1s0I8pTo+nJjKnmTGHKRtcowUo433F4zcdVdo87LxDmJvUAd5/q3AJo/
q93jd/BID/QCzhx7rc1jZeha5Ol/1rQ4SZX/oWtoqSfvPOtnItBEjF0ciQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFMm7c3lyIa/Ls+x5j8UCUuW7enHMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvVXlidHplWElocjh1ejdIbVB4UUpTNWJ0NmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwcAKgAPEAFB
MBEDBgAqC4+AAQMHACoLj4ABBDANBgkqhkiG9w0BAQsFAAOCAQEAE6xsc5fDR5tB
bS0G+DJtvXr3BwkZtJEzwe3vMlZXOeUnqQ545VRBbcC21DiHwMMqLQbQhjPTAeo5
tHaFZyWBDeEHWes4MKVlE8drycRAeWp3TBcD7HEF1wxdwXQDslRGWCXUImSgDABA
6exPbY/ABryihnSoEx4xu5F55rGgBvcyu8GDDwtmBPFMQNb3rj/I+OxlaW9AiwmB
P7bUqmbfk/ovw1oUcSvXOFkU/m2yJT7ivNeT5WBSBUOcYfmf5bv7aN2Q6eekekY4
gtz1sPOImMQhwmYo+oI6lnJM+ngl0IB50E9XYoXWhxwsPw8oAk3unHXOzPn9160C
l9qU9HazAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org