Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/1kBNY3zJ6FzJL5g60CIsKEk2_w8.roa
File: 1kBNY3zJ6FzJL5g60CIsKEk2_w8.roa (raw, json)
Hash identifier: Cd9tsYJ9nKUOLNiwQF2s5OsupfLX1z8euaC3TlfVLwo=
Subject key identifier: D6:40:4D:63:7C:C9:E8:5C:C9:2F:98:3A:D0:22:2C:28:49:36:FF:0F
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 0183A8AEC2A66D709C64A2C68618057A7259
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/1kBNY3zJ6FzJL5g60CIsKEk2_w8.roa
Signing time: Wed 05 Oct 2022 15:06:08 +0000
ROA not before: Wed 05 Oct 2022 15:06:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210743
IP address blocks: 2a10:3980::/29 maxlen: 29
2a10:14c0::/29 maxlen: 29
2a0e:5780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a8:ae:c2:a6:6d:70:9c:64:a2:c6:86:18:05:7a:72:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Oct 5 15:06:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6404d637cc9e85cc92f983ad0222c284936ff0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:89:15:b1:64:a3:a1:bc:05:e0:9f:56:a1:
95:5e:5f:db:c5:22:d9:b3:a9:16:ac:30:21:91:c6:
42:0a:3f:5c:0a:f5:22:06:9c:7d:ab:cf:0b:fa:5d:
8e:85:c6:5e:bb:f6:7a:ba:88:48:f1:08:1e:ac:c5:
4d:71:e4:e2:fe:ac:05:aa:06:38:3e:b7:a3:75:ba:
e6:48:79:ff:f1:4f:89:fe:c6:49:b3:02:9b:62:13:
58:d6:49:f4:1a:45:8f:fe:d5:43:32:1c:ed:bf:cb:
d7:aa:e6:46:0f:09:04:e5:52:0f:90:03:04:e1:33:
62:18:7e:1c:78:16:9b:6d:7d:17:80:16:78:16:9f:
01:ac:ee:a6:29:9f:94:cb:a1:f9:83:9c:8a:8d:fd:
92:5f:c4:31:71:a6:20:dd:8c:37:8b:51:85:47:28:
92:3b:7c:9b:f7:47:0d:f3:7f:6f:36:7f:8d:c0:67:
d0:38:7a:b6:2a:b0:28:4c:1e:63:e3:fe:71:51:92:
d3:51:87:43:86:5b:44:1c:5e:91:1b:bb:80:ea:eb:
19:cd:5b:d0:d6:a1:1b:9e:c3:0c:b2:31:d1:8a:08:
a2:3d:b6:c6:07:33:ac:de:23:8e:64:aa:be:de:ca:
2f:10:76:2b:a7:ee:79:6f:e1:a6:eb:8a:08:e1:87:
16:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:40:4D:63:7C:C9:E8:5C:C9:2F:98:3A:D0:22:2C:28:49:36:FF:0F
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/1kBNY3zJ6FzJL5g60CIsKEk2_w8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5780::/29
2a10:14c0::/29
2a10:3980::/29
Signature Algorithm: sha256WithRSAEncryption
20:be:2d:ea:cc:f2:71:f4:ac:cc:23:3c:d3:ea:22:c3:9d:f0:
65:c2:c2:34:de:9b:5b:6c:d9:dd:3d:9f:5b:11:3d:72:37:bb:
70:d8:59:ee:0f:37:6c:fe:4b:54:e2:cf:a3:1c:46:37:4c:5b:
43:e4:0c:be:57:a1:9f:64:2a:58:aa:53:ae:9b:2e:9e:27:51:
fa:4d:39:a7:4b:6a:1e:f7:a9:a5:ca:34:b8:99:4c:c1:81:3d:
4d:95:28:da:a1:91:22:6b:cf:e7:b8:24:a3:5e:f8:0d:23:51:
06:f1:2f:18:3b:f0:d0:5d:b2:e3:64:85:82:9f:59:11:af:b1:
8b:5b:24:5a:24:72:f5:85:99:54:0f:3e:d0:b1:5e:00:d6:fc:
7c:f4:1a:7e:78:8f:c0:ac:51:e2:14:53:e3:ff:6c:ef:54:f6:
1f:fb:22:05:df:35:09:22:0c:1e:41:49:4a:cb:f6:73:78:df:
84:e2:ea:71:a7:1b:a9:87:29:3a:7b:f7:f6:23:5c:12:c8:ef:
0d:18:74:6f:e8:89:88:6c:a8:24:35:ff:a9:18:d0:38:12:27:
1e:88:84:5c:9f:e6:db:f2:8d:73:8c:f2:39:08:c4:79:2a:13:
0c:b3:22:d7:cb:b6:08:f1:dc:23:9a:9b:fb:79:90:77:94:23:
cc:48:19:df
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYOorsKmbXCcZKLGhhgFenJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjIxMDA1MTUwNjA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQwNGQ2MzdjYzllODVjYzkyZjk4M2FkMDIyMmMyODQ5MzZmZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEKJFbFko6G8BeCfVqGVXl/bxSLZ
s6kWrDAhkcZCCj9cCvUiBpx9q88L+l2OhcZeu/Z6uohI8QgerMVNceTi/qwFqgY4
PrejdbrmSHn/8U+J/sZJswKbYhNY1kn0GkWP/tVDMhztv8vXquZGDwkE5VIPkAME
4TNiGH4ceBabbX0XgBZ4Fp8BrO6mKZ+Uy6H5g5yKjf2SX8QxcaYg3Yw3i1GFRyiS
O3yb90cN839vNn+NwGfQOHq2KrAoTB5j4/5xUZLTUYdDhltEHF6RG7uA6usZzVvQ
1qEbnsMMsjHRigiiPbbGBzOs3iOOZKq+3sovEHYrp+55b+Gm64oI4YcW0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNZATWN8yehcyS+YOtAiLChJNv8PMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvMWtCTlkzeko2RnpKTDVnNjBDSXNLRWsyX3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg5XgAMF
AyoQFMADBQMqEDmAMA0GCSqGSIb3DQEBCwUAA4IBAQAgvi3qzPJx9KzMIzzT6iLD
nfBlwsI03ptbbNndPZ9bET1yN7tw2FnuDzds/ktU4s+jHEY3TFtD5Ay+V6GfZCpY
qlOumy6eJ1H6TTmnS2oe96mlyjS4mUzBgT1NlSjaoZEia8/nuCSjXvgNI1EG8S8Y
O/DQXbLjZIWCn1kRr7GLWyRaJHL1hZlUDz7QsV4A1vx89Bp+eI/ArFHiFFPj/2zv
VPYf+yIF3zUJIgweQUlKy/ZzeN+E4upxpxuphyk6e/f2I1wSyO8NGHRv6ImIbKgk
Nf+pGNA4EiceiIRcn+bb8o1zjPI5CMR5KhMMsyLXy7YI8dwjmpv7eZB3lCPMSBnf
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:16 2025 by rpki-client