Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/28ypBHt169Qr38qK4ChO6o1zKxM.roa
File: 28ypBHt169Qr38qK4ChO6o1zKxM.roa (raw, json)
Hash identifier: ugrlza4P74EGie0tRw4ozuh13I4Udws/m4SR8/zrW+U=
Subject key identifier: DB:CC:A9:04:7B:75:EB:D4:2B:DF:CA:8A:E0:28:4E:EA:8D:73:2B:13
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 09348E50
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/28ypBHt169Qr38qK4ChO6o1zKxM.roa
Signing time: Tue 03 May 2022 22:02:34 +0000
ROA not before: Tue 03 May 2022 22:02:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210662
IP address blocks: 2a0d:e0c0::/29 maxlen: 29
2a10:f40::/29 maxlen: 29
2a09:7240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154439248 (0x9348e50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: May 3 22:02:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbcca9047b75ebd42bdfca8ae0284eea8d732b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2d:78:b2:4e:15:71:2a:95:1a:55:ff:97:f6:
88:02:d4:40:f2:34:9d:ab:bc:5e:c2:4b:91:a1:85:
f7:1e:3b:55:bf:9d:0f:8b:12:4a:fc:c8:8c:1d:3f:
2f:34:68:1b:6e:ee:bd:54:bb:99:f1:a6:f9:8c:a1:
be:78:36:73:49:5b:d1:36:8b:be:cc:80:53:1d:1c:
98:d6:29:91:dc:56:42:e1:e1:e8:67:af:e8:59:44:
c3:e0:d5:4d:c1:3c:6c:9a:6f:59:3d:f5:d7:66:87:
a7:01:97:09:d6:00:66:d5:e8:cc:5c:70:93:16:fa:
56:e3:2d:13:e8:0f:41:63:5b:74:e4:f9:f1:a6:39:
a3:ba:6e:de:b8:70:75:95:d1:12:96:57:b4:31:f1:
3a:71:e2:02:a2:28:b5:0c:ae:e1:bc:51:b9:ca:5c:
c2:d5:ca:71:c8:cd:f9:ef:84:44:a3:a4:b3:42:ed:
df:58:79:28:c5:f0:c1:9a:d4:e9:40:4b:ce:30:db:
ab:6a:77:63:01:36:52:9f:f4:22:5b:90:28:3a:12:
1e:11:d1:cf:9c:77:f1:65:aa:bc:8c:0f:2e:8a:52:
86:af:7c:90:fe:37:21:c5:54:43:72:93:28:d6:ab:
93:bd:60:c1:d7:6d:d5:37:2c:da:c5:12:e6:f3:a0:
49:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:CC:A9:04:7B:75:EB:D4:2B:DF:CA:8A:E0:28:4E:EA:8D:73:2B:13
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/28ypBHt169Qr38qK4ChO6o1zKxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7240::/29
2a0d:e0c0::/29
2a10:f40::/29
Signature Algorithm: sha256WithRSAEncryption
30:a9:80:80:ba:d2:4d:5e:af:8a:2b:92:1c:1a:05:09:73:8a:
86:a9:61:a5:2e:bb:3b:f6:58:ca:24:87:61:86:b7:f8:ec:32:
4b:9f:a5:20:32:62:a2:2b:48:83:89:08:01:14:80:04:0d:1e:
49:0c:fa:b8:f4:99:53:20:f3:67:08:88:79:35:a3:a2:04:68:
fa:17:44:39:4e:f3:3b:18:33:92:9a:e0:d9:50:31:fa:b1:9b:
8a:98:7d:2e:a0:19:eb:d0:e4:2e:03:92:c7:9a:d1:a0:62:e7:
79:12:9c:04:3c:01:5e:55:a6:a3:25:79:54:ec:30:1f:78:ae:
5e:25:ec:0c:98:d9:d9:b4:dc:be:50:92:74:65:a4:b6:8b:fe:
00:30:f7:0f:d8:9d:fd:3f:9e:fd:f3:09:ab:90:02:f3:4c:00:
6f:67:3d:d0:ac:5b:ff:e4:43:8a:64:f5:c2:54:ba:d8:43:ff:
c2:89:b0:25:90:f7:da:c8:e1:54:41:4d:76:b8:57:bf:cc:5d:
bf:b3:29:1b:0b:6d:cd:ba:18:9a:56:d8:06:3e:ad:80:15:4e:
73:6a:ee:70:58:68:52:7f:75:eb:3f:79:0e:5b:a6:0b:74:42:
b8:d0:eb:2b:6b:46:b2:55:ed:bb:32:04:70:64:eb:9b:03:bd:
59:ed:87:d9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECTSOUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDUw
MzIyMDIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGJjY2E5MDQ3Yjc1
ZWJkNDJiZGZjYThhZTAyODRlZWE4ZDczMmIxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUteLJOFXEqlRpV/5f2iALUQPI0nau8XsJLkaGF9x47Vb+d
D4sSSvzIjB0/LzRoG27uvVS7mfGm+Yyhvng2c0lb0TaLvsyAUx0cmNYpkdxWQuHh
6Gev6FlEw+DVTcE8bJpvWT3112aHpwGXCdYAZtXozFxwkxb6VuMtE+gPQWNbdOT5
8aY5o7pu3rhwdZXREpZXtDHxOnHiAqIotQyu4bxRucpcwtXKccjN+e+ERKOks0Lt
31h5KMXwwZrU6UBLzjDbq2p3YwE2Up/0IluQKDoSHhHRz5x38WWqvIwPLopShq98
kP43IcVUQ3KTKNark71gwddt1Tcs2sUS5vOgSSsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTbzKkEe3Xr1CvfyorgKE7qjXMrEzAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
LzI4eXBCSHQxNjlRcjM4cUs0Q2hPNm8xekt4TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wGwQCAAIwFQMFAyoJckADBQMqDeDAAwUDKhAPQDAN
BgkqhkiG9w0BAQsFAAOCAQEAMKmAgLrSTV6viiuSHBoFCXOKhqlhpS67O/ZYyiSH
YYa3+OwyS5+lIDJioitIg4kIARSABA0eSQz6uPSZUyDzZwiIeTWjogRo+hdEOU7z
Oxgzkprg2VAx+rGbiph9LqAZ69DkLgOSx5rRoGLneRKcBDwBXlWmoyV5VOwwH3iu
XiXsDJjZ2bTcvlCSdGWktov+ADD3D9id/T+e/fMJq5AC80wAb2c90Kxb/+RDimT1
wlS62EP/womwJZD32sjhVEFNdrhXv8xdv7MpGwttzboYmlbYBj6tgBVOc2rucFho
Un916z95DlumC3RCuNDrK2tGslXtuzIEcGTrmwO9We2H2Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:57 2023 by rpki-client on console-fra.rpki-client.org