Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/148ot7YCmd01xmral40Mmrx3ukM.roa
File: 148ot7YCmd01xmral40Mmrx3ukM.roa (raw, json)
Hash identifier: aig0MSnjEsho37dFnomQnDMm6Q5af1D7GBN4J4qwipk=
Subject key identifier: D7:8F:28:B7:B6:02:99:DD:35:C6:6A:DA:97:8D:0C:9A:BC:77:BA:43
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 087F83A1
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/148ot7YCmd01xmral40Mmrx3ukM.roa
Signing time: Wed 23 Feb 2022 09:56:09 +0000
ROA not before: Wed 23 Feb 2022 09:56:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 2a10:f46::/32 maxlen: 32
2a10:f44::/32 maxlen: 32
2a10:f42::/32 maxlen: 32
2a10:f40::/32 maxlen: 32
2a10:f43::/32 maxlen: 32
2a10:f47::/32 maxlen: 32
2a10:f45::/32 maxlen: 32
2a10:f41::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142574497 (0x87f83a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Feb 23 09:56:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d78f28b7b60299dd35c66ada978d0c9abc77ba43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:70:da:f9:54:a7:6a:c4:8f:97:6d:9a:ac:67:
36:8a:30:ea:65:fe:20:b1:af:28:05:27:da:da:f4:
c7:ee:8a:54:2d:dc:53:29:0e:6d:36:2e:95:d9:76:
13:2f:fb:b2:5c:89:1e:89:66:9d:29:8d:55:11:55:
54:4c:01:ce:27:d0:3c:e2:4f:a4:9c:9b:b5:f5:6d:
64:f9:31:bd:54:2f:86:b6:49:14:6f:1e:d0:b1:25:
0b:12:f8:bd:4b:32:93:58:b8:72:1d:8a:65:d9:9f:
92:81:9c:89:3a:c1:8b:0f:35:0c:fc:2e:71:34:60:
24:d8:58:31:fc:cf:d3:13:3f:4f:4c:a9:19:e7:6e:
91:56:fc:fc:f9:ad:e9:f0:62:d8:13:f5:38:9e:61:
28:54:aa:26:e3:dd:56:4e:72:bd:94:04:44:50:07:
3c:f1:92:45:a9:81:ca:82:75:d9:8c:b2:e4:b1:a8:
8d:6b:73:4a:a1:e8:65:f7:3a:d2:34:a0:b8:a2:59:
68:5c:e1:42:38:6c:10:61:78:4f:93:e0:f8:09:d1:
4a:7e:6a:44:33:7c:bb:1b:54:54:5f:1f:2d:dc:4b:
02:4c:d4:5b:5d:99:67:55:a8:7b:04:85:90:07:e9:
4f:49:e7:e6:ca:0b:60:55:23:5e:0b:fd:cb:13:58:
18:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:8F:28:B7:B6:02:99:DD:35:C6:6A:DA:97:8D:0C:9A:BC:77:BA:43
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/148ot7YCmd01xmral40Mmrx3ukM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:f40::/29
Signature Algorithm: sha256WithRSAEncryption
2e:84:ec:f0:16:71:3c:21:03:36:01:70:9b:69:cd:e8:d5:53:
b2:6c:98:ad:4a:09:86:50:e5:bf:0c:c0:80:e2:b3:76:21:79:
b7:f9:f9:eb:c7:96:58:e0:15:29:6b:cb:e1:13:6d:8d:eb:12:
cf:e0:87:0e:c0:e6:11:9e:fb:30:1d:df:db:c9:c8:99:e5:9c:
af:bd:32:f4:21:05:b4:9c:3e:85:7e:0b:ba:bb:1f:16:eb:72:
4d:c5:16:62:24:e7:c8:cd:df:7b:34:6d:08:c5:0f:41:b9:d0:
72:95:df:d9:7a:b9:66:43:10:01:df:47:33:9f:2f:85:6e:a1:
b9:4e:e9:7e:48:cc:19:04:84:b4:e2:66:19:92:77:d3:20:d5:
44:82:52:c7:c4:e0:0d:0b:43:83:fc:3f:d3:37:97:9d:8c:fd:
9b:25:5f:cf:88:1a:b1:eb:bd:45:51:41:6f:69:7e:a1:8e:9f:
dc:18:f3:e4:d2:51:5b:36:84:6b:1c:96:04:06:d2:26:67:61:
a0:1f:03:8a:42:41:d1:37:e2:48:b5:71:d7:e8:fa:35:d8:91:
2b:64:78:8d:61:d8:ab:a4:5e:b3:6a:bb:76:8f:e6:65:07:f9:
de:5a:e4:8a:97:16:9e:fa:56:f4:d0:59:ea:74:23:d4:88:47:
28:e1:4d:ca
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECH+DoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDIy
MzA5NTYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc4ZjI4YjdiNjAy
OTlkZDM1YzY2YWRhOTc4ZDBjOWFiYzc3YmE0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVw2vlUp2rEj5dtmqxnNoow6mX+ILGvKAUn2tr0x+6KVC3c
UykObTYuldl2Ey/7slyJHolmnSmNVRFVVEwBzifQPOJPpJybtfVtZPkxvVQvhrZJ
FG8e0LElCxL4vUsyk1i4ch2KZdmfkoGciTrBiw81DPwucTRgJNhYMfzP0xM/T0yp
GedukVb8/Pmt6fBi2BP1OJ5hKFSqJuPdVk5yvZQERFAHPPGSRamByoJ12Yyy5LGo
jWtzSqHoZfc60jSguKJZaFzhQjhsEGF4T5Pg+AnRSn5qRDN8uxtUVF8fLdxLAkzU
W12ZZ1WoewSFkAfpT0nn5soLYFUjXgv9yxNYGOECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTXjyi3tgKZ3TXGatqXjQyavHe6QzAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
LzE0OG90N1lDbWQwMXhtcmFsNDBNbXJ4M3VrTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoQD0AwDQYJKoZIhvcNAQELBQAD
ggEBAC6E7PAWcTwhAzYBcJtpzejVU7JsmK1KCYZQ5b8MwIDis3Yhebf5+evHlljg
FSlry+ETbY3rEs/ghw7A5hGe+zAd39vJyJnlnK+9MvQhBbScPoV+C7q7Hxbrck3F
FmIk58jN33s0bQjFD0G50HKV39l6uWZDEAHfRzOfL4VuoblO6X5IzBkEhLTiZhmS
d9Mg1USCUsfE4A0LQ4P8P9M3l52M/ZslX8+IGrHrvUVRQW9pfqGOn9wY8+TSUVs2
hGsclgQG0iZnYaAfA4pCQdE34ki1cdfo+jXYkStkeI1h2KukXrNqu3aP5mUH+d5a
5IqXFp76VvTQWep0I9SIRyjhTco=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:44 2023 by rpki-client on console-ams.rpki-client.org