Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/XFYwX6ZyK5b8fZIcCpybq3WU9_c.roa
File: XFYwX6ZyK5b8fZIcCpybq3WU9_c.roa (raw, json)
Hash identifier: k/kCcs/RBx9wESw2CgqKjnZYzzrvWNmf9iOPSntgAsw=
Subject key identifier: 5C:56:30:5F:A6:72:2B:96:FC:7D:92:1C:0A:9C:9B:AB:75:94:F7:F7
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 0895E309
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/XFYwX6ZyK5b8fZIcCpybq3WU9_c.roa
Signing time: Wed 02 Mar 2022 11:53:49 +0000
ROA not before: Wed 02 Mar 2022 11:53:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a10:14c0::/29 maxlen: 32
2a0e:2b00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144040713 (0x895e309)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Mar 2 11:53:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c56305fa6722b96fc7d921c0a9c9bab7594f7f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d0:23:51:9f:c4:af:94:27:2b:05:ea:f7:ff:
27:8f:ed:36:dc:cf:57:cb:e5:cd:34:d0:66:d0:fc:
72:3f:ed:7a:89:03:af:18:20:e8:c0:97:58:8b:1d:
3f:a6:80:03:91:e8:a4:ac:e3:b8:fa:8c:5d:e2:64:
3f:e8:38:9a:9f:d0:8b:eb:a4:a2:4b:a8:75:cc:ba:
0a:06:46:c2:34:bd:fc:18:9f:e0:1a:a1:4c:23:c8:
6f:49:4f:e7:26:c4:e6:18:01:dc:78:48:f7:56:b8:
7b:23:ba:3f:20:bd:c6:50:d9:c3:d5:74:a7:a7:f2:
cf:8f:c5:f4:cf:ab:90:f5:39:41:76:87:09:2f:15:
75:58:26:e0:70:e3:7b:06:47:bb:c7:76:af:55:d8:
63:2a:8c:91:c2:a0:98:75:f4:40:64:04:7a:d0:be:
dd:f7:9f:9b:69:86:78:c3:b7:bd:f5:67:d2:33:b0:
42:19:d1:46:2d:63:87:5b:ea:d9:9a:a1:e3:f5:44:
7f:80:03:c6:e2:c8:8c:5e:0d:f9:e1:17:0d:8d:7d:
6d:44:da:2e:fa:95:d1:27:fa:b9:ca:a4:dd:fb:fb:
92:6e:4c:8b:e6:30:62:f3:2b:b3:5d:83:88:c1:ab:
29:bf:6d:b0:72:db:0f:60:5c:39:b4:7a:9b:26:a9:
9d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:56:30:5F:A6:72:2B:96:FC:7D:92:1C:0A:9C:9B:AB:75:94:F7:F7
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/XFYwX6ZyK5b8fZIcCpybq3WU9_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:2b00::/29
2a10:14c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:63:11:92:3a:03:1b:58:bd:de:cf:24:b7:2d:9b:9b:9a:c0:
d0:6a:23:11:6c:96:3d:57:5a:43:c4:c8:36:54:66:d2:0c:c3:
e7:b4:d4:2b:2b:e0:67:6f:f9:d0:39:32:bd:ad:d6:bc:02:f8:
df:4e:06:70:a1:72:1b:84:1a:ab:e6:57:c6:9b:fe:f6:65:17:
30:67:46:12:f9:32:ed:83:58:c1:d8:5a:9b:ee:71:6c:ba:94:
6b:d5:08:6a:2a:21:0c:ff:89:b9:f6:2f:9e:bf:2a:4a:29:48:
4c:61:09:ad:68:85:85:f8:c3:59:d0:3a:58:e6:ea:9b:10:0d:
54:81:9c:f2:29:15:ca:97:24:f7:2a:2c:29:1d:42:eb:a3:31:
88:64:8c:e4:e1:0d:b7:90:d5:82:3a:aa:b0:29:ba:f9:17:a6:
3b:7b:df:a5:73:72:cc:09:a5:b4:57:a6:f7:7e:0f:0c:7a:6f:
88:c5:6f:9c:e2:7b:46:bf:67:b0:9c:50:ae:a1:fe:de:6e:ae:
c0:e5:ae:20:55:e4:8a:ee:32:9d:e9:9e:63:88:ac:0c:73:b6:
bb:c3:0c:c5:94:94:f6:3d:98:5b:80:86:28:f4:37:d1:40:b0:
2d:27:00:cc:35:b2:80:2c:9a:9d:a7:b8:c3:79:26:9d:6b:47:
57:0f:84:49
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECJXjCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDMw
MjExNTM0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM1NjMwNWZhNjcy
MmI5NmZjN2Q5MjFjMGE5YzliYWI3NTk0ZjdmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfQI1GfxK+UJysF6vf/J4/tNtzPV8vlzTTQZtD8cj/teokD
rxgg6MCXWIsdP6aAA5HopKzjuPqMXeJkP+g4mp/Qi+ukokuodcy6CgZGwjS9/Bif
4BqhTCPIb0lP5ybE5hgB3HhI91a4eyO6PyC9xlDZw9V0p6fyz4/F9M+rkPU5QXaH
CS8VdVgm4HDjewZHu8d2r1XYYyqMkcKgmHX0QGQEetC+3fefm2mGeMO3vfVn0jOw
QhnRRi1jh1vq2Zqh4/VEf4ADxuLIjF4N+eEXDY19bUTaLvqV0Sf6ucqk3fv7km5M
i+YwYvMrs12DiMGrKb9tsHLbD2BcObR6myapnZMCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRcVjBfpnIrlvx9khwKnJurdZT39zAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
L1hGWXdYNlp5SzViOGZaSWNDcHlicTNXVTlfYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoOKwADBQMqEBTAMA0GCSqGSIb3
DQEBCwUAA4IBAQAyYxGSOgMbWL3ezyS3LZubmsDQaiMRbJY9V1pDxMg2VGbSDMPn
tNQrK+Bnb/nQOTK9rda8AvjfTgZwoXIbhBqr5lfGm/72ZRcwZ0YS+TLtg1jB2Fqb
7nFsupRr1QhqKiEM/4m59i+evypKKUhMYQmtaIWF+MNZ0DpY5uqbEA1UgZzyKRXK
lyT3KiwpHULrozGIZIzk4Q23kNWCOqqwKbr5F6Y7e9+lc3LMCaW0V6b3fg8Mem+I
xW+c4ntGv2ewnFCuof7ebq7A5a4gVeSK7jKd6Z5jiKwMc7a7wwzFlJT2PZhbgIYo
9DfRQLAtJwDMNbKALJqdp7jDeSada0dXD4RJ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:44 2023 by rpki-client on console-ams.rpki-client.org