Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/E72wNVPkMYnT9pHECBY_BiWbJCI.roa
File: E72wNVPkMYnT9pHECBY_BiWbJCI.roa (raw, json)
Hash identifier: 77Tmh+5JOmnchfWZQ1QuuX4Eyr7F0ArtW19ZyziR1ko=
Subject key identifier: 13:BD:B0:35:53:E4:31:89:D3:F6:91:C4:08:16:3F:06:25:9B:24:22
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 0182A145FE5A714DAD35520EEFDFBDECC696
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/E72wNVPkMYnT9pHECBY_BiWbJCI.roa
Signing time: Mon 15 Aug 2022 11:31:34 +0000
ROA not before: Mon 15 Aug 2022 11:31:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61272
IP address blocks: 2a0e:2b03::/32 maxlen: 32
2a0e:2b01::/32 maxlen: 32
2a0e:2b05::/32 maxlen: 32
2a0e:2b07::/32 maxlen: 32
2a0e:2b04::/32 maxlen: 32
2a0e:2b00::/32 maxlen: 32
2a0e:2b06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:45:fe:5a:71:4d:ad:35:52:0e:ef:df:bd:ec:c6:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Aug 15 11:31:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13bdb03553e43189d3f691c408163f06259b2422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:db:49:b3:f7:5a:00:cc:4e:05:af:99:ee:04:
e7:1a:94:5d:1d:dd:cb:0c:4a:3c:85:5b:71:04:c4:
86:5f:79:76:3e:e9:82:46:db:42:fb:08:7d:77:33:
f7:f8:2d:84:5e:31:57:37:88:6f:f3:74:e7:f6:ba:
b0:22:d1:1b:4a:c3:39:8b:61:4a:6b:e6:9c:39:ab:
c6:25:4c:15:b8:19:c8:f5:3a:99:32:98:75:68:de:
70:87:68:47:2b:cc:48:63:6e:75:47:28:6c:9b:44:
b2:5c:72:8f:d2:a7:b8:ce:55:2e:c4:88:73:92:05:
1f:32:94:ad:6b:a0:a8:d6:c5:19:35:cc:40:77:40:
27:6d:9d:67:78:b5:42:04:53:2e:d8:44:01:aa:50:
cb:6d:d5:4c:fb:69:10:18:b1:00:b0:d4:dd:31:92:
5e:bb:42:0c:8d:cb:48:09:df:e5:61:b4:c6:b9:bd:
83:40:e1:f7:59:f2:88:c2:30:75:e9:94:c8:aa:30:
6f:29:1b:b9:c1:8b:0a:fa:50:d8:c4:79:20:47:e5:
ec:e0:a4:5f:1d:be:50:76:eb:23:87:05:17:ba:f1:
40:e2:2c:69:57:60:96:5c:8a:8e:a8:48:90:24:97:
54:1f:9f:27:63:25:1e:98:c2:4d:97:63:1d:fb:bf:
fe:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:BD:B0:35:53:E4:31:89:D3:F6:91:C4:08:16:3F:06:25:9B:24:22
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/E72wNVPkMYnT9pHECBY_BiWbJCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:2b00::/31
2a0e:2b03::-2a0e:2b07:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
80:42:7e:c2:aa:7d:10:d4:ab:c9:c9:be:88:82:e3:0b:f6:fe:
ba:10:b0:12:9f:d2:0a:42:99:9c:63:89:74:89:99:0a:40:53:
61:70:dd:e7:da:65:0f:0b:f5:d7:a1:72:bf:3f:b7:9a:e1:82:
00:72:7f:a7:6b:ee:a1:b5:3b:69:ef:ff:d2:b3:44:20:fb:a1:
08:d7:d4:96:23:0c:87:ef:c9:b9:75:dc:5c:59:0e:2a:2f:ec:
ef:c9:13:a2:36:14:7f:f9:ad:d7:8d:b4:70:82:5d:88:dc:68:
00:9a:4f:d6:a7:0e:93:b4:96:e7:70:a8:9f:ef:8d:f4:7f:79:
5f:81:81:de:0f:68:4b:8f:7e:9a:45:d6:6f:a6:c5:bd:21:14:
7d:8d:b4:2f:41:2a:90:7d:0b:4e:f0:fa:b8:28:9a:2c:01:c3:
fc:93:6e:d1:c8:78:c9:1c:25:4a:98:df:59:e2:ca:aa:85:91:
52:cb:bd:11:b6:15:e8:e9:93:8a:bd:e1:ac:9c:fa:4d:55:7f:
c1:da:74:0b:6b:92:e6:d0:c7:4a:0f:ca:4c:91:0c:a0:9b:a0:
43:1b:86:0f:c3:04:3e:4e:2e:72:7e:a6:e8:54:9f:4c:fa:68:
5b:8d:96:3c:af:e4:85:6e:ad:45:95:ea:a3:48:8e:9e:73:e0:
33:d9:e6:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYKhRf5acU2tNVIO79+97MaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjIwODE1MTEzMTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2JkYjAzNTUzZTQzMTg5ZDNmNjkxYzQwODE2M2YwNjI1OWIyNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9tJs/daAMxOBa+Z7gTnGpRdHd3L
DEo8hVtxBMSGX3l2PumCRttC+wh9dzP3+C2EXjFXN4hv83Tn9rqwItEbSsM5i2FK
a+acOavGJUwVuBnI9TqZMph1aN5wh2hHK8xIY251Ryhsm0SyXHKP0qe4zlUuxIhz
kgUfMpSta6Co1sUZNcxAd0AnbZ1neLVCBFMu2EQBqlDLbdVM+2kQGLEAsNTdMZJe
u0IMjctICd/lYbTGub2DQOH3WfKIwjB16ZTIqjBvKRu5wYsK+lDYxHkgR+Xs4KRf
Hb5QdusjhwUXuvFA4ixpV2CWXIqOqEiQJJdUH58nYyUemMJNl2Md+7/+WwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBO9sDVT5DGJ0/aRxAgWPwYlmyQiMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvRTcyd05WUGtNWW5UOXBIRUNCWV9CaVdiSkNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUBKg4rADAO
AwUAKg4rAwMFAyoOKwAwDQYJKoZIhvcNAQELBQADggEBAIBCfsKqfRDUq8nJvoiC
4wv2/roQsBKf0gpCmZxjiXSJmQpAU2Fw3efaZQ8L9dehcr8/t5rhggByf6dr7qG1
O2nv/9KzRCD7oQjX1JYjDIfvybl13FxZDiov7O/JE6I2FH/5rdeNtHCCXYjcaACa
T9anDpO0ludwqJ/vjfR/eV+Bgd4PaEuPfppF1m+mxb0hFH2NtC9BKpB9C07w+rgo
miwBw/yTbtHIeMkcJUqY31niyqqFkVLLvRG2Fejpk4q94ayc+k1Vf8HadAtrkubQ
x0oPykyRDKCboEMbhg/DBD5OLnJ+puhUn0z6aFuNljyv5IVurUWV6qNIjp5z4DPZ
5kA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:57 2023 by rpki-client on console-fra.rpki-client.org