Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/U8yf9VuhOoGZpHRoRVx2EyBhuu4.roa
File: U8yf9VuhOoGZpHRoRVx2EyBhuu4.roa (raw, json)
Hash identifier: 1mmyWAfUdz6muPTg4Jv03Q9CNIdaRxy+4NuHl3ufCi0=
Subject key identifier: 53:CC:9F:F5:5B:A1:3A:81:99:A4:74:68:45:5C:76:13:20:61:BA:EE
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018432961E28E83CE456CFB1150882D2910A
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/U8yf9VuhOoGZpHRoRVx2EyBhuu4.roa
Signing time: Tue 01 Nov 2022 09:46:49 +0000
ROA not before: Tue 01 Nov 2022 09:46:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a0e:1b43::/32 maxlen: 32
2a0e:1b41::/32 maxlen: 32
2a0e:1b45::/32 maxlen: 32
2a0e:1b47::/32 maxlen: 32
2a0e:1b44::/32 maxlen: 32
2a0e:1b42::/32 maxlen: 32
2a0e:1b40::/32 maxlen: 32
2a0e:1b46::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:96:1e:28:e8:3c:e4:56:cf:b1:15:08:82:d2:91:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Nov 1 09:46:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53cc9ff55ba13a8199a47468455c76132061baee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:dc:93:a9:06:80:df:8e:f4:5e:27:52:e0:b4:
e8:bf:90:f6:97:32:61:75:7d:62:4f:e1:c6:57:66:
5f:76:25:01:84:fb:dd:65:73:c8:33:eb:e6:9b:06:
93:5c:d8:a3:65:eb:fd:fb:80:ba:7a:bf:6f:de:f1:
d7:a5:d8:7d:8d:9c:bc:d3:d3:c7:71:9b:1c:9f:14:
bf:b6:f8:a1:05:a5:af:20:1d:77:77:1a:52:f7:e5:
bf:62:7d:3e:ee:e3:00:a9:3a:8b:e8:b8:af:31:68:
f6:6f:78:3f:9b:da:06:03:ef:7e:c3:17:e9:a5:7d:
46:b9:51:ba:3c:bd:e2:d2:06:0e:a8:be:c4:bc:49:
ba:ec:65:6a:59:c5:de:87:0f:1e:f1:56:ac:03:35:
cd:cc:5f:87:a6:dd:ca:e7:43:a0:61:fb:3f:d2:f5:
5e:7e:c1:5b:5a:e5:6c:31:a7:fc:c9:51:a2:a0:3b:
a7:b0:9b:30:5a:74:d0:f4:44:00:26:fe:58:25:0f:
7a:c9:f1:5d:3c:e5:07:89:f6:d7:0a:c4:71:a2:c1:
f7:8b:4c:a0:59:a3:86:bb:76:08:75:78:c8:ab:93:
db:e8:45:ad:69:a3:76:ef:51:63:78:6e:94:fb:1b:
29:8a:12:0b:88:15:4f:c7:77:cc:3e:d0:f8:3f:ad:
2a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:CC:9F:F5:5B:A1:3A:81:99:A4:74:68:45:5C:76:13:20:61:BA:EE
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/U8yf9VuhOoGZpHRoRVx2EyBhuu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1b40::/29
Signature Algorithm: sha256WithRSAEncryption
0f:b7:23:19:61:f8:f8:e2:d4:2c:7f:56:46:0c:3d:6d:54:0c:
6e:6b:bf:ec:47:e1:fd:7f:99:46:55:73:5d:89:6d:02:15:36:
d2:b9:1b:4e:6b:3d:a9:31:e4:32:ef:30:38:f2:64:d8:87:b7:
36:d8:8e:e7:6e:0e:50:3f:4d:ab:c5:a4:3e:a3:83:e6:51:ff:
8e:00:7c:d2:99:ca:1b:22:79:0d:a7:03:6c:ea:be:a3:23:1c:
bf:b2:ac:1c:17:2a:19:19:8d:1e:1d:a1:1f:20:bb:02:70:36:
0d:96:a3:63:03:44:77:e0:71:45:2c:f2:c0:9a:48:e2:b4:1b:
08:59:24:2f:fa:87:22:d3:a8:e0:25:66:80:35:e4:fd:e5:0f:
9b:ce:72:0a:a7:ed:f8:58:97:67:58:3f:85:6a:ca:83:7c:9a:
7d:e7:f8:2a:a7:b5:0e:81:f9:33:71:10:1d:3c:c8:9f:fe:1b:
4d:79:ca:69:5f:ff:30:c9:3d:f9:16:ce:a2:72:b5:39:62:e7:
db:79:9c:5e:66:fb:72:59:1d:d5:a8:f2:41:4c:5f:19:ba:28:
fe:a9:9d:8d:3f:29:e7:51:7d:7e:90:47:c4:dd:fe:55:cc:96:
e7:a8:0a:9f:a9:0a:8a:be:20:b0:f7:44:2a:2a:bd:28:7a:c1:
1c:ee:10:e1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQylh4o6DzkVs+xFQiC0pEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjIxMTAxMDk0NjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2NjOWZmNTViYTEzYTgxOTlhNDc0Njg0NTVjNzYxMzIwNjFiYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdyTqQaA3470XidS4LTov5D2lzJh
dX1iT+HGV2ZfdiUBhPvdZXPIM+vmmwaTXNijZev9+4C6er9v3vHXpdh9jZy809PH
cZscnxS/tvihBaWvIB13dxpS9+W/Yn0+7uMAqTqL6LivMWj2b3g/m9oGA+9+wxfp
pX1GuVG6PL3i0gYOqL7EvEm67GVqWcXehw8e8VasAzXNzF+Hpt3K50OgYfs/0vVe
fsFbWuVsMaf8yVGioDunsJswWnTQ9EQAJv5YJQ96yfFdPOUHifbXCsRxosH3i0yg
WaOGu3YIdXjIq5Pb6EWtaaN271FjeG6U+xspihILiBVPx3fMPtD4P60q7QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFPMn/VboTqBmaR0aEVcdhMgYbruMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvVTh5ZjlWdWhPb0dacEhSb1JWeDJFeUJodXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4bQDAN
BgkqhkiG9w0BAQsFAAOCAQEAD7cjGWH4+OLULH9WRgw9bVQMbmu/7Efh/X+ZRlVz
XYltAhU20rkbTms9qTHkMu8wOPJk2Ie3NtiO524OUD9Nq8WkPqOD5lH/jgB80pnK
GyJ5DacDbOq+oyMcv7KsHBcqGRmNHh2hHyC7AnA2DZajYwNEd+BxRSzywJpI4rQb
CFkkL/qHItOo4CVmgDXk/eUPm85yCqft+FiXZ1g/hWrKg3yafef4Kqe1DoH5M3EQ
HTzIn/4bTXnKaV//MMk9+RbOonK1OWLn23mcXmb7clkd1ajyQUxfGboo/qmdjT8p
51F9fpBHxN3+VcyW56gKn6kKir4gsPdEKiq9KHrBHO4Q4Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:57 2023 by rpki-client on console-fra.rpki-client.org