Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/GvJMVWsj61XJKxJbaJMChVyZ4jQ.roa
File: GvJMVWsj61XJKxJbaJMChVyZ4jQ.roa (raw, json)
Hash identifier: GywOmPoNf7Qttrx8WgWAB62i9DqjQhRu4rZBxU3pTO0=
Subject key identifier: 1A:F2:4C:55:6B:23:EB:55:C9:2B:12:5B:68:93:02:85:5C:99:E2:34
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 098AABEC
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/GvJMVWsj61XJKxJbaJMChVyZ4jQ.roa
Signing time: Tue 07 Jun 2022 14:02:07 +0000
ROA not before: Tue 07 Jun 2022 14:02:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a0e:2b01::/32 maxlen: 32
2a0e:2b05::/32 maxlen: 32
2a0e:2b00::/29 maxlen: 29
2a0e:2b07::/32 maxlen: 32
2a0e:2b04::/32 maxlen: 32
2a0e:2b00::/32 maxlen: 32
2a0e:2b06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160082924 (0x98aabec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jun 7 14:02:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1af24c556b23eb55c92b125b689302855c99e234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:5e:be:0d:a0:03:88:19:e7:0b:c2:f8:84:f4:
f6:25:ac:29:d3:ac:98:91:98:81:22:3c:21:72:29:
64:6f:01:5d:f1:5b:ac:54:1d:82:f4:12:24:54:47:
2e:66:12:02:6f:cb:c7:57:9f:aa:9f:15:2c:97:14:
7a:0f:24:67:ac:8a:83:86:a5:4c:1d:c5:d2:ff:ac:
c4:6c:59:ab:46:b8:0f:11:cf:dc:11:cb:09:7f:6d:
7d:2d:c9:88:54:c8:06:50:c2:5a:4e:33:e7:51:c0:
c3:94:d6:9d:3f:fe:2e:a9:ff:f9:de:fb:61:02:7f:
f3:84:67:40:79:4c:3f:53:1d:2a:9c:06:0e:6a:f6:
41:61:47:b3:6a:55:d9:32:7f:47:fb:ed:ae:4f:cc:
5a:b0:25:30:ea:17:f1:42:d2:f4:7c:62:bd:06:1e:
7b:c9:3c:3b:fe:3b:2d:d1:a4:d5:92:7a:70:02:cd:
42:1b:d3:49:f2:80:42:db:e2:cb:27:fe:72:93:5b:
e6:5a:a9:e0:3b:33:cf:e2:95:c0:66:68:3a:e6:72:
1d:69:d8:e0:b4:ea:89:91:4e:2b:2a:b5:74:fa:91:
53:87:29:51:98:14:6c:1c:f1:da:35:f3:77:9b:8d:
5a:61:76:8f:6c:e3:aa:27:f1:14:13:40:10:b6:08:
98:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F2:4C:55:6B:23:EB:55:C9:2B:12:5B:68:93:02:85:5C:99:E2:34
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/GvJMVWsj61XJKxJbaJMChVyZ4jQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:2b00::/29
Signature Algorithm: sha256WithRSAEncryption
61:0b:cd:77:3f:08:08:82:10:e9:9e:85:98:87:34:50:a9:6e:
74:c2:ba:ea:af:fb:fe:b3:59:ce:7c:7f:47:54:00:b8:b0:a1:
3f:52:d1:00:d9:4c:79:01:6e:dc:9c:87:d0:81:3b:30:67:dd:
e9:d3:8c:38:cc:29:2f:4e:67:b6:4e:3c:39:5e:71:8d:b3:fe:
7f:b1:6a:a2:82:5c:5a:b1:64:09:7c:55:c0:7c:14:30:05:f9:
cf:5e:bc:93:a5:b7:97:6e:3a:91:16:3f:d7:4e:1d:a2:a2:ca:
b0:8f:66:2a:18:3e:88:fd:5c:30:0a:8d:58:12:e5:90:5b:50:
77:bd:01:eb:94:24:f5:7f:2f:22:92:a4:47:d1:e6:4e:af:c1:
3e:b3:1d:0c:01:3f:c1:37:9c:bf:2b:6f:e8:f4:4a:01:56:e8:
4a:e9:e8:09:3c:4c:75:5e:41:9b:f7:94:ef:13:38:41:6b:76:
f2:14:7e:1f:71:1a:20:5c:ec:a6:f4:b4:05:b3:c4:85:74:57:
1e:a6:17:32:41:49:eb:a7:17:f5:1b:97:77:25:fe:70:3e:4c:
6d:36:bf:f1:2f:4b:4f:1b:30:1a:ae:40:b7:62:42:7d:b3:70:
51:ca:50:65:67:4a:c4:ea:fa:85:55:b1:7f:29:5d:81:37:ca:
ce:f2:a9:3c
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECYqr7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDYw
NzE0MDIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWFmMjRjNTU2YjIz
ZWI1NWM5MmIxMjViNjg5MzAyODU1Yzk5ZTIzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPJevg2gA4gZ5wvC+IT09iWsKdOsmJGYgSI8IXIpZG8BXfFb
rFQdgvQSJFRHLmYSAm/Lx1efqp8VLJcUeg8kZ6yKg4alTB3F0v+sxGxZq0a4DxHP
3BHLCX9tfS3JiFTIBlDCWk4z51HAw5TWnT/+Lqn/+d77YQJ/84RnQHlMP1MdKpwG
Dmr2QWFHs2pV2TJ/R/vtrk/MWrAlMOoX8ULS9HxivQYee8k8O/47LdGk1ZJ6cALN
QhvTSfKAQtviyyf+cpNb5lqp4Dszz+KVwGZoOuZyHWnY4LTqiZFOKyq1dPqRU4cp
UZgUbBzx2jXzd5uNWmF2j2zjqifxFBNAELYImJMCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQa8kxVayPrVckrEltokwKFXJniNDAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
L0d2Sk1WV3NqNjFYSkt4SmJhSk1DaFZ5WjRqUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoOKwAwDQYJKoZIhvcNAQELBQAD
ggEBAGELzXc/CAiCEOmehZiHNFCpbnTCuuqv+/6zWc58f0dUALiwoT9S0QDZTHkB
btych9CBOzBn3enTjDjMKS9OZ7ZOPDlecY2z/n+xaqKCXFqxZAl8VcB8FDAF+c9e
vJOlt5duOpEWP9dOHaKiyrCPZioYPoj9XDAKjVgS5ZBbUHe9AeuUJPV/LyKSpEfR
5k6vwT6zHQwBP8E3nL8rb+j0SgFW6Erp6Ak8THVeQZv3lO8TOEFrdvIUfh9xGiBc
7Kb0tAWzxIV0Vx6mFzJBSeunF/Ubl3cl/nA+TG02v/EvS08bMBquQLdiQn2zcFHK
UGVnSsTq+oVVsX8pXYE3ys7yqTw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:44 2023 by rpki-client on console-ams.rpki-client.org