Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/TOg-k5DDzkFV5on83tIBUf0Q82M.roa
File: TOg-k5DDzkFV5on83tIBUf0Q82M.roa (raw, json)
Hash identifier: Ph9eWQltTEScbCLfUFFVf5RedpBuEKq9nqHX8xIu2lE=
Subject key identifier: 4C:E8:3E:93:90:C3:CE:41:55:E6:89:FC:DE:D2:01:51:FD:10:F3:63
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 0182CB00FCFB7F9956CFDEDCE1CC82772341
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/TOg-k5DDzkFV5on83tIBUf0Q82M.roa
Signing time: Tue 23 Aug 2022 14:00:15 +0000
ROA not before: Tue 23 Aug 2022 14:00:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a0e:1b43::/32 maxlen: 32
2a10:12c3::/32 maxlen: 32
2a10:12c7::/32 maxlen: 32
2a0e:1b47::/32 maxlen: 32
2a0e:1b40::/32 maxlen: 32
2a10:12c0::/32 maxlen: 32
2a10:12c6::/32 maxlen: 32
2a0e:1b46::/32 maxlen: 32
2a0e:1b41::/32 maxlen: 32
2a0e:1b45::/32 maxlen: 32
2a10:12c5::/32 maxlen: 32
2a10:12c1::/32 maxlen: 32
2a0e:1b44::/32 maxlen: 32
2a10:12c4::/32 maxlen: 32
2a10:12c2::/32 maxlen: 32
2a0e:1b42::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:cb:00:fc:fb:7f:99:56:cf:de:dc:e1:cc:82:77:23:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Aug 23 14:00:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ce83e9390c3ce4155e689fcded20151fd10f363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f9:33:b8:81:2a:12:81:57:29:0b:db:84:03:
88:96:a4:ae:cd:7e:58:9c:1b:c1:11:95:69:0a:8e:
2e:f0:8f:b4:13:05:73:8a:a7:ff:3a:b9:c4:38:ec:
bd:c0:68:43:dd:22:55:69:66:33:af:93:e2:d6:af:
64:3c:2a:bb:42:00:c8:44:a4:65:02:de:3c:25:41:
46:18:c0:a5:a9:fc:45:63:d3:28:da:e9:85:8e:85:
5a:84:84:1e:5d:4b:46:40:c8:c0:d1:5b:b9:03:a4:
f9:02:18:d1:19:9e:41:b3:96:32:b7:fc:65:b2:0d:
ef:6c:fa:ca:93:c7:98:58:76:b9:cd:8f:52:bb:4d:
c7:09:9c:f2:65:b3:78:fa:db:3a:db:03:0b:4f:28:
48:29:6c:41:6e:15:a7:47:8a:c3:89:23:ac:c9:74:
0c:7c:7e:fa:e9:f6:b6:68:22:e2:78:70:99:86:d3:
99:6e:68:63:07:c0:b2:b6:4a:6a:9a:1a:9b:0e:79:
bb:41:8f:f7:70:45:a7:3a:e5:4e:69:05:44:17:d6:
f9:2e:c9:3a:50:79:22:15:82:d1:82:5e:ef:3c:d6:
9d:53:cc:f3:fe:93:f2:14:93:a0:6f:a7:22:43:33:
74:f6:e6:42:f3:e6:4f:7a:95:9b:15:3f:1b:7d:80:
65:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E8:3E:93:90:C3:CE:41:55:E6:89:FC:DE:D2:01:51:FD:10:F3:63
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/TOg-k5DDzkFV5on83tIBUf0Q82M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1b40::/29
2a10:12c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:c7:82:00:c8:40:4b:c8:34:16:5c:5f:fe:38:d7:99:2b:e3:
b8:bc:08:f1:a1:ce:fe:90:8e:d2:26:56:65:74:63:47:40:de:
09:6c:14:92:86:b5:25:55:bd:91:50:80:66:36:fb:aa:70:d1:
14:37:66:6b:f5:5f:42:ea:39:b9:cd:63:32:61:36:38:52:e5:
d5:57:4c:e1:f7:7d:a7:51:03:f5:5b:bd:45:e9:62:02:19:3c:
79:d4:0d:c9:84:84:b9:9f:29:ec:f8:b9:c3:51:43:74:19:0d:
ae:80:45:d1:7f:e3:5a:0f:b1:b0:b5:f1:0a:11:2c:e8:15:b2:
f4:82:7c:58:68:6d:f4:e4:f9:43:10:55:31:91:cc:ac:be:8c:
ce:cf:8f:e9:4f:8d:95:cb:3f:02:b8:d8:86:80:51:1e:79:e3:
01:18:dc:5b:b2:64:c1:99:4d:a3:71:60:54:8f:05:45:76:3f:
30:e6:91:69:1a:e0:b0:2e:ef:df:70:98:c5:44:4e:cf:a4:f3:
55:0a:52:e2:66:3c:2d:82:ba:c5:c0:f8:d7:96:24:e5:0c:32:
b7:f3:bc:e1:85:94:1e:b2:97:bc:bb:f5:61:d2:ab:2a:80:d8:
2c:d7:51:e5:ed:5d:56:6c:31:69:e1:92:ea:49:db:ff:ac:cc:
29:c7:ba:78
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYLLAPz7f5lWz97c4cyCdyNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjIwODIzMTQwMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2U4M2U5MzkwYzNjZTQxNTVlNjg5ZmNkZWQyMDE1MWZkMTBmMzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufkzuIEqEoFXKQvbhAOIlqSuzX5Y
nBvBEZVpCo4u8I+0EwVziqf/OrnEOOy9wGhD3SJVaWYzr5Pi1q9kPCq7QgDIRKRl
At48JUFGGMClqfxFY9Mo2umFjoVahIQeXUtGQMjA0Vu5A6T5AhjRGZ5Bs5Yyt/xl
sg3vbPrKk8eYWHa5zY9Su03HCZzyZbN4+ts62wMLTyhIKWxBbhWnR4rDiSOsyXQM
fH766fa2aCLieHCZhtOZbmhjB8CytkpqmhqbDnm7QY/3cEWnOuVOaQVEF9b5Lsk6
UHkiFYLRgl7vPNadU8zz/pPyFJOgb6ciQzN09uZC8+ZPepWbFT8bfYBlOQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEzoPpOQw85BVeaJ/N7SAVH9EPNjMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvVE9nLWs1RER6a0ZWNW9uODN0SUJVZjBRODJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg4bQAMF
AyoQEsAwDQYJKoZIhvcNAQELBQADggEBAI/HggDIQEvINBZcX/4415kr47i8CPGh
zv6QjtImVmV0Y0dA3glsFJKGtSVVvZFQgGY2+6pw0RQ3Zmv1X0LqObnNYzJhNjhS
5dVXTOH3fadRA/VbvUXpYgIZPHnUDcmEhLmfKez4ucNRQ3QZDa6ARdF/41oPsbC1
8QoRLOgVsvSCfFhobfTk+UMQVTGRzKy+jM7Pj+lPjZXLPwK42IaAUR554wEY3Fuy
ZMGZTaNxYFSPBUV2PzDmkWka4LAu799wmMVETs+k81UKUuJmPC2CusXA+NeWJOUM
MrfzvOGFlB6yl7y79WHSqyqA2CzXUeXtXVZsMWnhkupJ2/+szCnHung=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:44 2023 by rpki-client on console-ams.rpki-client.org