Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/rxqT9ihA65PwYOfjGX21HfMGmzs.roa
File: rxqT9ihA65PwYOfjGX21HfMGmzs.roa (raw, json)
Hash identifier: M9jEKfKNlxCg4M4CUAeP8iZR7yNGh0sOlPYO6jcOOoM=
Subject key identifier: AF:1A:93:F6:28:40:EB:93:F0:60:E7:E3:19:7D:B5:1D:F3:06:9B:3B
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 018529184E8A802D648E0763E950BEE57CDF
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/rxqT9ihA65PwYOfjGX21HfMGmzs.roa
Signing time: Mon 19 Dec 2022 06:35:36 +0000
ROA not before: Mon 19 Dec 2022 06:35:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a10:6080::/29 maxlen: 29
2a10:6680::/29 maxlen: 29
2a10:5e80::/29 maxlen: 29
2a10:6480::/29 maxlen: 29
2a10:6780::/29 maxlen: 29
2a10:5f80::/29 maxlen: 29
2a10:6580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:18:4e:8a:80:2d:64:8e:07:63:e9:50:be:e5:7c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Dec 19 06:35:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af1a93f62840eb93f060e7e3197db51df3069b3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0a:3b:8b:6c:0f:9a:d6:49:26:e7:be:31:cc:
62:cc:32:2f:9e:76:47:f1:7d:03:6f:d1:3c:d0:40:
c1:87:9f:74:e1:c2:7e:dc:0a:05:c2:c8:41:2a:bc:
c1:95:4a:21:15:dc:6c:be:85:2a:95:26:0d:62:73:
fa:8f:4c:d1:6d:a0:af:78:06:15:9f:f8:31:2c:b7:
b4:ad:7f:e5:a0:2d:23:fa:f7:2a:6c:54:3e:49:19:
f7:98:cf:8b:cf:48:e5:cf:ad:c5:8c:d1:ce:4d:28:
00:3d:d6:da:f6:d0:05:1b:31:13:73:fd:6c:ad:e3:
1b:f4:f9:b5:ee:33:8b:51:49:40:e6:70:54:a7:d6:
52:d4:8c:6b:42:6c:1e:09:4a:b6:91:15:b4:7f:72:
2e:df:e2:b7:10:ca:2a:1e:ef:5f:9c:09:9d:08:d7:
db:2f:21:cd:bf:a4:1f:1e:22:70:e6:b6:2f:77:78:
b2:b3:7b:44:14:7d:b1:a6:19:a8:07:5a:25:cf:ea:
5f:f9:54:6e:6f:bc:50:45:9c:ac:8a:9a:89:26:6b:
f9:12:c1:9d:97:44:54:18:27:2c:f1:d7:7b:56:84:
d7:4a:63:5d:a4:63:6d:f7:ff:d2:97:ce:1f:13:f7:
d8:a8:a5:af:04:dc:ed:ce:49:0a:2f:69:55:ed:e3:
75:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:1A:93:F6:28:40:EB:93:F0:60:E7:E3:19:7D:B5:1D:F3:06:9B:3B
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/rxqT9ihA65PwYOfjGX21HfMGmzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:5e80::/29
2a10:5f80::/29
2a10:6080::/29
2a10:6480::/29
2a10:6580::/29
2a10:6680::/29
2a10:6780::/29
Signature Algorithm: sha256WithRSAEncryption
7f:4d:44:ae:ce:c1:c5:5c:99:2f:b1:6c:53:dc:0f:69:1a:dc:
75:c6:7d:a3:02:5f:a5:b1:33:94:b6:85:78:65:71:d0:49:31:
5e:98:0e:7a:7c:1a:4f:03:13:41:6d:d8:b4:aa:7e:d9:ce:25:
23:8c:46:02:c9:a7:04:f9:f1:eb:fb:dd:d5:e8:46:2f:b0:68:
06:6d:1f:56:d2:09:2a:2b:8c:2d:8f:33:e1:b7:31:83:86:43:
30:f1:4c:91:ce:7c:85:25:a4:73:ba:9a:c2:69:0a:eb:fc:94:
8d:13:a4:08:c5:e6:75:91:de:12:57:83:55:1e:f2:6c:6f:5e:
97:28:dc:b2:a2:d1:c4:15:bd:c7:36:a8:e1:d9:54:3f:8b:03:
6f:b1:c4:4b:09:c1:2e:cd:5a:d3:26:7b:d6:94:f3:de:84:22:
81:17:fe:76:e7:29:35:c8:14:0b:f2:fd:07:15:bf:47:4d:a8:
36:60:20:50:f2:1a:29:df:37:85:40:cd:1e:e4:fd:77:8f:e0:
57:aa:f2:89:95:25:2d:ac:61:f8:4b:d2:12:3c:ab:a9:70:39:
35:50:7f:bb:33:04:c9:fc:b5:de:39:ef:df:40:06:2d:86:70:
5d:6b:ab:32:d6:3b:3c:1c:19:b6:ed:24:6e:d9:35:f8:81:03:
b1:39:cb:be
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYUpGE6KgC1kjgdj6VC+5XzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjIxMjE5MDYzNTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjFhOTNmNjI4NDBlYjkzZjA2MGU3ZTMxOTdkYjUxZGYzMDY5YjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Qo7i2wPmtZJJue+McxizDIvnnZH
8X0Db9E80EDBh5904cJ+3AoFwshBKrzBlUohFdxsvoUqlSYNYnP6j0zRbaCveAYV
n/gxLLe0rX/loC0j+vcqbFQ+SRn3mM+Lz0jlz63FjNHOTSgAPdba9tAFGzETc/1s
reMb9Pm17jOLUUlA5nBUp9ZS1IxrQmweCUq2kRW0f3Iu3+K3EMoqHu9fnAmdCNfb
LyHNv6QfHiJw5rYvd3iys3tEFH2xphmoB1olz+pf+VRub7xQRZysipqJJmv5EsGd
l0RUGCcs8dd7VoTXSmNdpGNt9//Sl84fE/fYqKWvBNztzkkKL2lV7eN1XQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFK8ak/YoQOuT8GDn4xl9tR3zBps7MB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvcnhxVDlpaEE2NVB3WU9makdYMjFIZk1HbXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKhBegAMF
AyoQX4ADBQMqEGCAAwUDKhBkgAMFAyoQZYADBQMqEGaAAwUDKhBngDANBgkqhkiG
9w0BAQsFAAOCAQEAf01Ers7BxVyZL7FsU9wPaRrcdcZ9owJfpbEzlLaFeGVx0Ekx
XpgOenwaTwMTQW3YtKp+2c4lI4xGAsmnBPnx6/vd1ehGL7BoBm0fVtIJKiuMLY8z
4bcxg4ZDMPFMkc58hSWkc7qawmkK6/yUjROkCMXmdZHeEleDVR7ybG9elyjcsqLR
xBW9xzao4dlUP4sDb7HESwnBLs1a0yZ71pTz3oQigRf+ducpNcgUC/L9BxW/R02o
NmAgUPIaKd83hUDNHuT9d4/gV6ryiZUlLaxh+EvSEjyrqXA5NVB/uzMEyfy13jnv
30AGLYZwXWurMtY7PBwZtu0kbtk1+IEDsTnLvg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org