Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/1-7OOKlp4lSj0oUUGBkMPmTAc46g.roa
File: 1-7OOKlp4lSj0oUUGBkMPmTAc46g.roa (raw, json)
Hash identifier: jwt11cy33zh51Uk1LyXRJqUbU+pnWkhluxRETomrBio=
Subject key identifier: FB:B3:8E:2A:5A:78:95:28:F4:A1:45:06:06:43:0F:99:30:1C:E3:A8
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 0840D5A0
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/1-7OOKlp4lSj0oUUGBkMPmTAc46g.roa
Signing time: Fri 04 Feb 2022 14:48:54 +0000
ROA not before: Fri 04 Feb 2022 14:48:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 2a10:f40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138466720 (0x840d5a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Feb 4 14:48:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbb38e2a5a789528f4a1450606430f99301ce3a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:16:26:86:2f:83:1b:02:04:97:cf:6d:b6:e0:
21:1f:7d:da:3a:0a:42:1d:6b:2d:f9:26:ac:13:04:
f7:e7:c4:62:71:2b:3a:8e:6b:99:1c:36:56:0f:5d:
1e:7b:e8:36:b9:79:06:fa:06:90:58:e6:e8:af:14:
e7:4e:90:59:a5:10:82:10:c9:55:f1:2f:68:25:5a:
b2:65:e5:6b:75:51:d2:4e:90:fc:d0:76:ee:09:fb:
ed:ee:ac:56:f6:0b:81:ce:84:cd:72:87:b6:a3:a7:
a0:c9:a1:41:9f:b1:42:2b:53:b5:c4:ca:54:4e:7a:
4c:34:33:99:d2:3f:af:60:c5:1a:c5:4f:51:f8:cb:
1c:49:d4:7b:92:6d:26:f5:15:60:fc:f0:70:32:1f:
a5:60:11:84:eb:0e:4a:d5:cd:f7:d0:c7:11:9e:a8:
0c:d4:65:af:aa:2c:b0:e4:40:7d:6b:59:b1:18:2b:
c9:5f:b1:01:ad:a8:5e:b9:34:2f:40:47:f9:f8:a0:
8f:7e:5f:04:91:5a:5b:dd:c9:23:12:2a:66:cd:c2:
a4:cd:55:12:55:ed:60:db:da:d1:60:29:3f:77:86:
53:37:b9:81:4b:16:be:c1:78:72:51:3b:bf:c5:1e:
bc:9b:25:c8:4c:14:7c:91:2c:1a:fb:5a:f5:c8:48:
94:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B3:8E:2A:5A:78:95:28:F4:A1:45:06:06:43:0F:99:30:1C:E3:A8
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/1-7OOKlp4lSj0oUUGBkMPmTAc46g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:f40::/29
Signature Algorithm: sha256WithRSAEncryption
31:e0:0e:45:af:1a:21:4f:fd:e9:b6:d6:27:bf:4d:0a:f4:8f:
c1:07:9a:ca:75:cb:49:3e:df:14:74:2d:d7:b0:5c:63:70:29:
d5:00:8d:a1:97:86:ac:b9:b7:e3:17:53:01:d6:1b:d9:a1:32:
6a:cb:d7:3f:f2:30:a1:bf:12:47:90:a6:24:d8:44:ab:c0:45:
7a:76:9b:16:e9:8f:dd:f2:f0:e5:04:5c:27:05:f7:a4:ad:84:
fd:41:5d:8a:03:d7:e4:15:2a:27:32:f0:2c:9a:42:89:a3:63:
26:eb:31:56:28:12:97:e3:92:b8:39:ca:77:a5:4b:1b:9e:15:
38:25:07:39:83:40:1a:40:8c:8b:4d:7e:c1:4c:ee:07:67:7c:
55:27:af:df:a8:00:6b:d9:7c:9e:94:fb:66:f4:21:76:2f:f1:
3d:92:e2:b9:f8:46:b6:36:76:e3:d9:1a:70:b2:1a:44:0c:94:
ec:88:33:a0:d6:bb:74:1a:58:96:25:4d:97:8c:47:78:0d:59:
06:88:87:a1:06:54:86:f2:30:47:0d:38:6a:67:a4:71:50:95:
9f:a7:f1:0c:63:ce:70:0f:d7:5f:bd:1f:9f:ce:65:5b:53:d5:
35:d5:6c:d2:10:3e:4b:59:46:8a:23:48:a7:c4:f0:64:4a:ce:
c9:fe:a7:35
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECEDVoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDIw
NDE0NDg1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmJiMzhlMmE1YTc4
OTUyOGY0YTE0NTA2MDY0MzBmOTkzMDFjZTNhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOcWJoYvgxsCBJfPbbbgIR992joKQh1rLfkmrBME9+fEYnEr
Oo5rmRw2Vg9dHnvoNrl5BvoGkFjm6K8U506QWaUQghDJVfEvaCVasmXla3VR0k6Q
/NB27gn77e6sVvYLgc6EzXKHtqOnoMmhQZ+xQitTtcTKVE56TDQzmdI/r2DFGsVP
UfjLHEnUe5JtJvUVYPzwcDIfpWARhOsOStXN99DHEZ6oDNRlr6ossORAfWtZsRgr
yV+xAa2oXrk0L0BH+figj35fBJFaW93JIxIqZs3CpM1VElXtYNva0WApP3eGUze5
gUsWvsF4clE7v8UevJslyEwUfJEsGvta9chIlE8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBT7s44qWniVKPShRQYGQw+ZMBzjqDAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
LzEtN09PS2xwNGxTajBvVVVHQmtNUG1UQWM0Nmcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzli
LzkxYWY2Ni1kMzk0LTQyZmEtYTBjNi1iMTZjYjRkZmFkZDMvMS9nbllEcVR2S01i
QVk5UkgyMUxDM1ZHNldNMkkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
IAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQMqEA9AMA0GCSqGSIb3DQEBCwUA
A4IBAQAx4A5FrxohT/3pttYnv00K9I/BB5rKdctJPt8UdC3XsFxjcCnVAI2hl4as
ubfjF1MB1hvZoTJqy9c/8jChvxJHkKYk2ESrwEV6dpsW6Y/d8vDlBFwnBfekrYT9
QV2KA9fkFSonMvAsmkKJo2Mm6zFWKBKX45K4Ocp3pUsbnhU4JQc5g0AaQIyLTX7B
TO4HZ3xVJ6/fqABr2XyelPtm9CF2L/E9kuK5+Ea2Nnbj2RpwshpEDJTsiDOg1rt0
GliWJU2XjEd4DVkGiIehBlSG8jBHDThqZ6RxUJWfp/EMY85wD9dfvR+fzmVbU9U1
1WzSED5LWUaKI0inxPBkSs7J/qc1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:57 2023 by rpki-client on console-fra.rpki-client.org