Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/aBZzh6i6nhfyBVKq-yzqNlMw9OA.roa
File: aBZzh6i6nhfyBVKq-yzqNlMw9OA.roa (raw, json)
Hash identifier: aeJqLoPoT8p+cZgFMOJibbNf+KWHK84EIGFfV6dJIMo=
Subject key identifier: 68:16:73:87:A8:BA:9E:17:F2:05:52:AA:FB:2C:EA:36:53:30:F4:E0
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 09925BA9
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/aBZzh6i6nhfyBVKq-yzqNlMw9OA.roa
Signing time: Wed 08 Jun 2022 14:29:04 +0000
ROA not before: Wed 08 Jun 2022 14:29:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a0e:2b03::/32 maxlen: 32
2a0e:2b01::/32 maxlen: 32
2a0e:2b05::/32 maxlen: 32
2a0e:2b00::/29 maxlen: 29
2a0e:2b07::/32 maxlen: 32
2a0e:2b04::/32 maxlen: 32
2a0e:2b00::/32 maxlen: 32
2a0e:2b06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160586665 (0x9925ba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jun 8 14:29:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68167387a8ba9e17f20552aafb2cea365330f4e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a1:69:e2:59:9a:51:7c:8c:19:2e:d6:e0:76:
dd:5b:d8:b2:d5:60:40:e0:ce:99:71:2d:0f:e7:46:
08:21:fb:7d:d7:7a:af:b0:d3:09:bc:8a:80:81:71:
49:5f:c1:f5:cd:50:0b:a9:0b:9e:bd:ae:c9:a9:62:
c3:d9:bd:d9:b8:a6:c2:de:36:a1:0c:e6:cf:a1:69:
5a:54:82:c3:c2:b4:1c:3d:ef:2c:b5:bb:55:c7:a9:
7e:ee:ae:52:ab:72:67:cf:98:e0:a1:73:a3:d0:97:
56:a0:3c:b4:6c:0c:2b:b2:c9:48:5f:ba:aa:c7:1f:
00:de:14:7f:db:e8:49:58:3a:80:f9:49:b9:3c:35:
4e:69:35:82:45:ec:0a:05:83:62:fe:fc:da:52:95:
5b:0a:4d:a5:0a:2e:85:10:f4:d7:72:4e:a0:bb:01:
c5:9a:15:84:ef:d7:a1:71:23:2d:df:19:4f:41:29:
45:b8:a5:30:c9:d4:c8:13:f2:70:d2:c9:a8:73:21:
d9:9c:c3:d1:21:ef:28:d8:b0:31:ad:d3:61:8d:ef:
b2:b7:73:9c:a1:59:d1:71:f6:d8:f7:92:14:2c:5e:
d2:4d:65:3f:ec:7c:fc:49:5d:0b:a5:d0:cf:de:90:
b4:97:ca:19:9b:14:41:6f:8a:ce:dd:12:56:2c:d1:
54:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:16:73:87:A8:BA:9E:17:F2:05:52:AA:FB:2C:EA:36:53:30:F4:E0
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/aBZzh6i6nhfyBVKq-yzqNlMw9OA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:2b00::/29
Signature Algorithm: sha256WithRSAEncryption
71:d7:8f:d6:72:d0:72:d7:81:82:61:0f:74:07:72:e3:08:f7:
3a:fe:03:b8:07:f7:59:66:f4:68:0a:b1:33:66:b5:94:8d:7a:
d6:3c:48:b5:8b:45:48:42:92:dc:1b:75:dd:23:f1:bb:21:e5:
03:d2:75:e6:c3:ce:8d:a0:d1:32:18:f2:b8:01:14:f3:70:51:
dd:45:87:63:83:fc:48:ee:c3:d8:48:e1:8e:4e:d2:b5:26:c7:
61:72:31:4a:25:79:64:9d:d1:c3:ec:89:00:97:29:44:8b:e9:
cc:2f:e7:ed:a5:b4:12:b3:fe:2d:33:a4:39:ac:a3:4d:b9:34:
e2:09:00:08:8d:54:27:21:df:97:e0:91:de:79:98:f6:1c:94:
03:23:28:86:9b:c0:1d:4f:50:a2:a3:15:2b:d4:79:87:13:3f:
a2:f2:0e:e7:31:3f:9d:60:4b:eb:3c:eb:93:ee:6b:ef:05:29:
e7:b1:bf:24:d1:0a:29:b3:90:d4:a8:93:7a:3f:08:87:0f:7f:
e5:72:20:b2:8f:a9:d6:ed:c1:a6:4c:44:bb:e4:60:3f:91:73:
e7:08:76:e2:ca:ac:62:ae:78:2d:59:3f:49:6a:5e:3f:f2:76:
a9:ce:08:a2:f8:fe:8e:8e:0e:38:e3:46:be:d4:be:c0:51:17:
27:88:15:6a
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECZJbqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDYw
ODE0MjkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjgxNjczODdhOGJh
OWUxN2YyMDU1MmFhZmIyY2VhMzY1MzMwZjRlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKhaeJZmlF8jBku1uB23VvYstVgQODOmXEtD+dGCCH7fdd6
r7DTCbyKgIFxSV/B9c1QC6kLnr2uyaliw9m92bimwt42oQzmz6FpWlSCw8K0HD3v
LLW7Vcepfu6uUqtyZ8+Y4KFzo9CXVqA8tGwMK7LJSF+6qscfAN4Uf9voSVg6gPlJ
uTw1Tmk1gkXsCgWDYv782lKVWwpNpQouhRD013JOoLsBxZoVhO/XoXEjLd8ZT0Ep
RbilMMnUyBPycNLJqHMh2ZzD0SHvKNiwMa3TYY3vsrdznKFZ0XH22PeSFCxe0k1l
P+x8/EldC6XQz96QtJfKGZsUQW+Kzt0SVizRVN8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRoFnOHqLqeF/IFUqr7LOo2UzD04DAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
L2FCWnpoNmk2bmhmeUJWS3EteXpxTmxNdzlPQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoOKwAwDQYJKoZIhvcNAQELBQAD
ggEBAHHXj9Zy0HLXgYJhD3QHcuMI9zr+A7gH91lm9GgKsTNmtZSNetY8SLWLRUhC
ktwbdd0j8bsh5QPSdebDzo2g0TIY8rgBFPNwUd1Fh2OD/Ejuw9hI4Y5O0rUmx2Fy
MUoleWSd0cPsiQCXKUSL6cwv5+2ltBKz/i0zpDmso025NOIJAAiNVCch35fgkd55
mPYclAMjKIabwB1PUKKjFSvUeYcTP6LyDucxP51gS+s865Pua+8FKeexvyTRCimz
kNSok3o/CIcPf+VyILKPqdbtwaZMRLvkYD+Rc+cIduLKrGKueC1ZP0lqXj/ydqnO
CKL4/o6ODjjjRr7UvsBRFyeIFWo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:44 2023 by rpki-client on console-ams.rpki-client.org