Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/l8DInlzo7ykFISAUxPHPPC2Nbs0.roa
File: l8DInlzo7ykFISAUxPHPPC2Nbs0.roa (raw, json)
Hash identifier: 8v690FAn0OIzu05ORjrhZAfuC+WQ63j6iEhTLuToRR4=
Subject key identifier: 97:C0:C8:9E:5C:E8:EF:29:05:21:20:14:C4:F1:CF:3C:2D:8D:6E:CD
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0182E802212C6707164CE7BE22C8448D91E7
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/l8DInlzo7ykFISAUxPHPPC2Nbs0.roa
Signing time: Mon 29 Aug 2022 05:10:29 +0000
ROA not before: Mon 29 Aug 2022 05:10:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397881
IP address blocks: 2a10:6080::/29 maxlen: 29
2a10:5e80::/29 maxlen: 29
2a10:5f80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e8:02:21:2c:67:07:16:4c:e7:be:22:c8:44:8d:91:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Aug 29 05:10:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97c0c89e5ce8ef2905212014c4f1cf3c2d8d6ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e7:94:10:83:7c:38:08:ff:6c:50:ab:ac:db:
b0:fc:10:08:2b:43:22:63:60:73:01:ad:3f:ed:22:
7b:b0:01:38:dc:f7:67:37:67:e3:23:02:8e:ce:b4:
c1:5c:9a:0b:9c:3c:09:bf:6d:2a:59:fc:f1:71:8d:
cd:e1:d3:21:b2:4d:64:9d:da:fd:7f:31:f0:6b:56:
9d:d1:71:c3:5e:27:5d:d1:c7:d8:a5:2d:94:a5:53:
86:e6:aa:0c:10:a5:29:e5:17:74:8c:29:cf:64:49:
f5:6a:f0:16:6b:ee:d0:8a:60:58:23:3e:44:a3:6e:
80:7f:85:d0:9b:a7:13:07:1d:ab:87:bd:41:3b:e2:
0a:63:d8:8a:fb:21:fe:81:99:fd:07:18:0e:60:57:
e5:3c:04:73:c8:7b:59:e8:bf:70:5d:1b:3b:69:5a:
12:fe:de:d3:68:00:36:bf:c2:e7:b8:af:7a:85:72:
0a:b6:4a:f6:f4:53:ab:2f:84:a9:88:4a:4d:33:f3:
88:a2:34:4e:d9:bf:99:3f:6d:e9:3f:f7:3a:0a:c7:
74:27:9e:2c:01:e5:d6:9d:a9:5d:ac:13:72:52:1c:
5d:f3:f8:3d:40:7a:fa:ca:78:cd:10:aa:91:6f:ec:
e5:0d:86:cd:90:04:02:ca:11:28:e3:f2:03:cd:13:
7a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C0:C8:9E:5C:E8:EF:29:05:21:20:14:C4:F1:CF:3C:2D:8D:6E:CD
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/l8DInlzo7ykFISAUxPHPPC2Nbs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:5e80::/29
2a10:5f80::/29
2a10:6080::/29
Signature Algorithm: sha256WithRSAEncryption
a2:f0:76:dc:72:2a:7b:d7:e9:8e:27:5d:16:74:c1:fd:cd:93:
37:98:5c:1b:79:c0:37:61:6e:3d:7f:03:9f:4c:5d:1f:de:f3:
fb:b9:bd:ab:a8:d6:3a:8e:03:52:99:0b:57:09:d6:73:a9:73:
10:86:bf:b3:3d:21:3e:65:26:94:6b:0b:5c:31:b0:77:98:12:
26:8a:c9:d7:47:a8:33:be:18:02:39:a6:ed:f7:04:9e:3f:fb:
30:a2:d3:db:18:1e:e3:73:0b:57:a7:c3:aa:ac:1f:a8:77:b4:
e3:ed:cf:99:df:35:9f:e4:eb:20:00:a7:60:80:86:07:d5:c0:
0e:ce:6e:dd:12:96:f9:03:56:e6:3e:a2:81:84:9d:89:33:24:
fe:b5:d1:86:eb:0d:a5:7e:94:54:9e:38:70:1e:45:5b:8d:cd:
47:a0:0c:01:e0:72:aa:f7:f9:af:3b:b9:40:fc:6a:b0:87:d8:
86:df:de:97:a8:82:42:56:fa:67:eb:50:3a:04:15:ae:aa:29:
78:6a:97:46:37:cd:e8:4d:df:e4:28:a2:83:34:b6:5f:7e:ca:
2d:c1:3a:7d:59:fe:9a:33:e8:ae:23:6e:74:52:01:0b:47:c7:
19:ff:2f:f9:06:f3:c2:96:a8:0a:92:52:5a:ff:50:cd:d6:b9:
5b:c8:fb:55
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYLoAiEsZwcWTOe+IshEjZHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjIwODI5MDUxMDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2MwYzg5ZTVjZThlZjI5MDUyMTIwMTRjNGYxY2YzYzJkOGQ2ZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteeUEIN8OAj/bFCrrNuw/BAIK0Mi
Y2BzAa0/7SJ7sAE43PdnN2fjIwKOzrTBXJoLnDwJv20qWfzxcY3N4dMhsk1kndr9
fzHwa1ad0XHDXidd0cfYpS2UpVOG5qoMEKUp5Rd0jCnPZEn1avAWa+7QimBYIz5E
o26Af4XQm6cTBx2rh71BO+IKY9iK+yH+gZn9BxgOYFflPARzyHtZ6L9wXRs7aVoS
/t7TaAA2v8LnuK96hXIKtkr29FOrL4SpiEpNM/OIojRO2b+ZP23pP/c6Csd0J54s
AeXWnaldrBNyUhxd8/g9QHr6ynjNEKqRb+zlDYbNkAQCyhEo4/IDzRN6sQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJfAyJ5c6O8pBSEgFMTxzzwtjW7NMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvbDhESW5sem83eWtGSVNBVXhQSFBQQzJOYnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhBegAMF
AyoQX4ADBQMqEGCAMA0GCSqGSIb3DQEBCwUAA4IBAQCi8Hbccip71+mOJ10WdMH9
zZM3mFwbecA3YW49fwOfTF0f3vP7ub2rqNY6jgNSmQtXCdZzqXMQhr+zPSE+ZSaU
awtcMbB3mBImisnXR6gzvhgCOabt9wSeP/swotPbGB7jcwtXp8OqrB+od7Tj7c+Z
3zWf5OsgAKdggIYH1cAOzm7dEpb5A1bmPqKBhJ2JMyT+tdGG6w2lfpRUnjhwHkVb
jc1HoAwB4HKq9/mvO7lA/Gqwh9iG396XqIJCVvpn61A6BBWuqil4apdGN83oTd/k
KKKDNLZffsotwTp9Wf6aM+iuI250UgELR8cZ/y/5BvPClqgKklJa/1DN1rlbyPtV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org