Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/SAAq6o4km4OUs8pIG3LorqxhN_E.roa
File: SAAq6o4km4OUs8pIG3LorqxhN_E.roa (raw, json)
Hash identifier: bmnZaIgx5M6iCNla8VHaVeX7UYgeyG3lxXzcCEdN7cg=
Subject key identifier: 48:00:2A:EA:8E:24:9B:83:94:B3:CA:48:1B:72:E8:AE:AC:61:37:F1
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 0882586B
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/SAAq6o4km4OUs8pIG3LorqxhN_E.roa
Signing time: Wed 23 Feb 2022 11:06:22 +0000
ROA not before: Wed 23 Feb 2022 11:06:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 2a10:f46::/32 maxlen: 32
2a10:f44::/32 maxlen: 32
2a10:f42::/32 maxlen: 32
2a10:f40::/32 maxlen: 32
2a10:f43::/32 maxlen: 32
2a10:f47::/32 maxlen: 32
2a10:f41::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142760043 (0x882586b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Feb 23 11:06:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48002aea8e249b8394b3ca481b72e8aeac6137f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c1:ea:26:84:a1:43:4c:87:c4:a4:a4:96:f4:
b7:3a:ec:db:4a:36:94:66:21:70:e8:ff:fd:9b:06:
db:4a:40:0f:55:e1:2f:a1:00:b1:2f:43:da:ad:cd:
c0:22:79:0f:3c:c3:66:c3:8d:1b:cb:32:60:2f:69:
2b:1f:43:30:23:a4:cc:a6:8b:65:39:f6:e7:6e:69:
f1:67:05:e8:cd:f0:f7:47:21:87:3b:28:bf:4a:cb:
78:fd:8a:57:c8:be:69:31:5a:c1:a9:26:53:6b:97:
ff:a6:ab:e5:fd:ab:be:2a:f6:84:db:90:f9:c1:1e:
65:b2:f7:aa:5f:e3:e7:08:9f:b6:69:e7:14:a7:cf:
b8:f5:ff:01:0a:bf:26:91:e3:18:3c:4b:43:08:20:
a0:05:23:04:68:f0:05:dd:e2:72:72:03:f3:95:80:
e6:3b:97:0a:a2:ee:61:f0:a5:0d:86:16:a6:64:ae:
52:a0:9a:52:87:6c:6d:37:85:28:6d:59:89:2a:ba:
d0:55:3c:5d:cf:ae:51:fa:0e:bf:f3:09:f2:76:d6:
da:ff:1e:a8:c1:f3:7e:ea:58:7a:5c:5f:e8:bc:20:
9b:e6:ab:8f:6e:39:a3:17:17:ae:ae:10:65:4e:26:
31:48:e5:f6:d7:f0:8a:97:c1:a2:d3:fa:5b:56:ff:
ea:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:00:2A:EA:8E:24:9B:83:94:B3:CA:48:1B:72:E8:AE:AC:61:37:F1
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/SAAq6o4km4OUs8pIG3LorqxhN_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:f40::-2a10:f44:ffff:ffff:ffff:ffff:ffff:ffff
2a10:f46::/31
Signature Algorithm: sha256WithRSAEncryption
75:67:77:e2:79:bc:8c:99:33:08:47:51:87:e4:c2:72:d8:1c:
63:0d:bc:28:d6:02:aa:41:c8:a4:e3:31:54:1b:a4:10:3d:77:
17:e9:99:cc:74:63:0a:a6:88:9e:03:f3:b3:61:26:49:b2:8a:
41:9c:0a:92:6d:d4:52:6f:b8:d3:93:ba:d6:07:9e:d6:05:85:
c4:f8:72:c7:14:d6:38:23:53:57:90:86:af:5d:1c:12:da:85:
2e:d9:a1:73:93:76:34:f4:95:51:96:63:e1:36:46:3b:68:01:
9f:d9:6f:52:4a:48:f0:11:3d:8f:d1:14:a4:dc:1f:dd:60:25:
7f:21:d6:9d:96:2d:6f:d9:4c:61:fc:0c:43:f1:d0:3a:59:e2:
f2:92:c6:33:9d:e3:b1:b6:50:96:1d:ae:4a:d3:9b:f5:a9:79:
d4:f3:34:e5:a0:04:1b:d3:ba:d6:35:0c:48:33:7b:65:3e:7a:
24:cb:c6:e3:f4:de:ce:0a:0b:84:fe:50:6b:ce:30:54:fc:91:
98:d7:cc:0b:84:21:a2:b8:e0:e4:28:6c:70:01:33:e7:ae:24:
25:8c:7f:e2:4b:e4:2d:3d:d2:48:38:b9:41:a0:bb:ca:1f:f7:
08:ba:3e:6b:6e:59:60:35:89:34:60:18:2c:77:56:38:4e:a1:
27:f6:8e:dc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECIJYazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDIy
MzExMDYyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDgwMDJhZWE4ZTI0
OWI4Mzk0YjNjYTQ4MWI3MmU4YWVhYzYxMzdmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrB6iaEoUNMh8SkpJb0tzrs20o2lGYhcOj//ZsG20pAD1Xh
L6EAsS9D2q3NwCJ5DzzDZsONG8syYC9pKx9DMCOkzKaLZTn2525p8WcF6M3w90ch
hzsov0rLeP2KV8i+aTFawakmU2uX/6ar5f2rvir2hNuQ+cEeZbL3ql/j5wiftmnn
FKfPuPX/AQq/JpHjGDxLQwggoAUjBGjwBd3icnID85WA5juXCqLuYfClDYYWpmSu
UqCaUodsbTeFKG1ZiSq60FU8Xc+uUfoOv/MJ8nbW2v8eqMHzfupYelxf6Lwgm+ar
j245oxcXrq4QZU4mMUjl9tfwipfBotP6W1b/6sECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRIACrqjiSbg5SzykgbcuiurGE38TAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
L1NBQXE2bzRrbTRPVXM4cElHM0xvcnF4aE5fRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wHQQCAAIwFzAOAwUGKhAPQAMFACoQD0QDBQEqEA9G
MA0GCSqGSIb3DQEBCwUAA4IBAQB1Z3fiebyMmTMIR1GH5MJy2BxjDbwo1gKqQcik
4zFUG6QQPXcX6ZnMdGMKpoieA/OzYSZJsopBnAqSbdRSb7jTk7rWB57WBYXE+HLH
FNY4I1NXkIavXRwS2oUu2aFzk3Y09JVRlmPhNkY7aAGf2W9SSkjwET2P0RSk3B/d
YCV/Idadli1v2Uxh/AxD8dA6WeLyksYzneOxtlCWHa5K05v1qXnU8zTloAQb07rW
NQxIM3tlPnoky8bj9N7OCguE/lBrzjBU/JGY18wLhCGiuODkKGxwATPnriQljH/i
S+QtPdJIOLlBoLvKH/cIuj5rbllgNYk0YBgsd1Y4TqEn9o7c
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:44 2023 by rpki-client on console-ams.rpki-client.org