Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gDR4SujbZtOq31qiPPfkBRbqAmo.roa
File: gDR4SujbZtOq31qiPPfkBRbqAmo.roa (raw, json)
Hash identifier: KMgmQITkmBuE7/yR+q2AmlSnuSrcuXQUKCz9K0Lr0e8=
Subject key identifier: 80:34:78:4A:E8:DB:66:D3:AA:DF:5A:A2:3C:F7:E4:05:16:EA:02:6A
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 01856C784D76D4F03FCEE2124EB916CB075C
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gDR4SujbZtOq31qiPPfkBRbqAmo.roa
Signing time: Sun 01 Jan 2023 08:35:01 +0000
ROA not before: Sun 01 Jan 2023 08:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 2a10:12c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:4d:76:d4:f0:3f:ce:e2:12:4e:b9:16:cb:07:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 08:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8034784ae8db66d3aadf5aa23cf7e40516ea026a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0f:7f:7d:6c:e3:23:b5:56:6f:d9:14:37:a6:
1f:5b:b1:51:0b:45:77:27:58:b5:eb:77:9d:fd:3f:
6c:b9:bc:af:31:e4:5a:60:90:fe:51:ec:e7:3c:cd:
3f:76:ae:67:7e:e0:b7:56:16:71:01:b6:72:f3:b2:
d3:95:ab:af:70:7f:41:e9:6d:03:67:47:50:6c:fe:
be:11:ca:51:e8:f5:58:02:f3:52:67:72:f1:d2:f6:
ed:cc:5c:d0:bc:8e:b3:a0:73:d4:a3:cf:c1:c1:a8:
e5:08:4c:35:f2:5b:4e:df:60:c3:7f:2e:bc:45:30:
2d:2d:00:4b:fd:a1:d0:f6:3d:c0:67:4c:fd:ac:0c:
ff:68:71:e3:ab:b7:3e:5b:4e:f4:d8:9f:a8:78:d9:
1c:9b:81:ca:2d:9d:3b:e6:61:0b:e1:31:0c:8c:87:
db:da:ea:bd:19:3b:c6:9d:77:d7:2f:0e:e5:da:fe:
05:98:5d:86:47:d2:73:27:3d:ca:03:89:0c:28:3b:
ec:b8:a6:2d:35:af:0b:b8:dd:2d:b8:a1:a2:d7:a4:
e3:48:dd:09:82:02:3a:bf:f2:e8:8e:e9:c9:14:fe:
9a:5e:0f:38:05:8f:67:67:24:3e:df:7c:1f:10:84:
fe:fc:d2:04:68:47:bf:be:d5:82:eb:92:ab:fe:c8:
31:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:34:78:4A:E8:DB:66:D3:AA:DF:5A:A2:3C:F7:E4:05:16:EA:02:6A
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gDR4SujbZtOq31qiPPfkBRbqAmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:12c0::/29
Signature Algorithm: sha256WithRSAEncryption
40:ae:68:98:cd:e8:71:13:ba:15:f3:08:c1:52:e5:01:13:2f:
5f:e1:0d:7e:c1:67:7a:38:fd:c0:fa:18:c8:19:25:67:58:7a:
a0:7e:5a:bb:11:50:10:d6:21:0b:94:61:ce:5b:5b:14:8d:c2:
6a:e3:6d:54:93:1f:97:6f:b2:32:73:6e:d0:de:fa:1e:d4:57:
f7:1a:df:53:12:43:72:f7:74:ea:df:ce:cd:27:36:0b:3f:83:
5e:bb:ee:e8:5e:fa:d4:ce:1c:f4:27:94:ee:86:9e:b7:db:c6:
97:be:77:df:a7:b2:65:ce:a6:7e:07:2d:85:8c:87:4e:24:e0:
c1:dc:28:6a:f0:bb:2b:dc:29:b6:cd:fb:02:8d:fe:aa:57:1c:
46:44:06:fb:ee:8c:d9:cf:e4:90:1d:fb:a4:25:70:8d:fd:d7:
48:1c:47:8a:b7:66:79:f9:4b:1f:3c:67:17:8f:be:f9:10:15:
44:32:03:2d:14:ed:cf:e2:81:1a:43:61:b4:be:1e:5f:b0:f0:
27:ae:0f:de:3f:e6:3d:e9:46:d6:ee:5d:04:c7:e2:81:09:59:
1a:89:25:d8:1a:57:ba:d6:d6:1b:62:a2:55:71:56:32:49:0c:
99:f9:c3:dc:37:5e:cc:81:86:69:d9:bf:7d:5f:cd:f1:9c:f7:
98:3d:3c:36
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVseE121PA/zuISTrkWywdcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMwMTAxMDgzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDM0Nzg0YWU4ZGI2NmQzYWFkZjVhYTIzY2Y3ZTQwNTE2ZWEwMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2A9/fWzjI7VWb9kUN6YfW7FRC0V3
J1i163ed/T9subyvMeRaYJD+UeznPM0/dq5nfuC3VhZxAbZy87LTlauvcH9B6W0D
Z0dQbP6+EcpR6PVYAvNSZ3Lx0vbtzFzQvI6zoHPUo8/BwajlCEw18ltO32DDfy68
RTAtLQBL/aHQ9j3AZ0z9rAz/aHHjq7c+W0702J+oeNkcm4HKLZ075mEL4TEMjIfb
2uq9GTvGnXfXLw7l2v4FmF2GR9JzJz3KA4kMKDvsuKYtNa8LuN0tuKGi16TjSN0J
ggI6v/LojunJFP6aXg84BY9nZyQ+33wfEIT+/NIEaEe/vtWC65Kr/sgxRQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIA0eEro22bTqt9aojz35AUW6gJqMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvZ0RSNFN1amJadE9xMzFxaVBQZmtCUmJxQW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhASwDAN
BgkqhkiG9w0BAQsFAAOCAQEAQK5omM3ocRO6FfMIwVLlARMvX+ENfsFnejj9wPoY
yBklZ1h6oH5auxFQENYhC5RhzltbFI3CauNtVJMfl2+yMnNu0N76HtRX9xrfUxJD
cvd06t/OzSc2Cz+DXrvu6F761M4c9CeU7oaet9vGl75336eyZc6mfgcthYyHTiTg
wdwoavC7K9wpts37Ao3+qlccRkQG++6M2c/kkB37pCVwjf3XSBxHirdmeflLHzxn
F4+++RAVRDIDLRTtz+KBGkNhtL4eX7DwJ64P3j/mPelG1u5dBMfigQlZGokl2BpX
utbWG2KiVXFWMkkMmfnD3DdezIGGadm/fV/N8Zz3mD08Ng==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:44 2025 by rpki-client