Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/hLghSPlVQxolPLBbApuoC1cbUIs.roa
File: hLghSPlVQxolPLBbApuoC1cbUIs.roa (raw, json)
Hash identifier: 6ScdMq5ZJ0ljxuSS7Xfaig4VTcnVZCXHdJ+QFHVA9iI=
Subject key identifier: 84:B8:21:48:F9:55:43:1A:25:3C:B0:5B:02:9B:A8:0B:57:1B:50:8B
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 0188E72F4DFE1710B52EDC49B51D04F4D68A
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/hLghSPlVQxolPLBbApuoC1cbUIs.roa
Signing time: Fri 23 Jun 2023 07:36:56 +0000
ROA not before: Fri 23 Jun 2023 07:36:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 2a10:12c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e7:2f:4d:fe:17:10:b5:2e:dc:49:b5:1d:04:f4:d6:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jun 23 07:36:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84b82148f955431a253cb05b029ba80b571b508b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:17:8a:a1:c1:4c:9f:99:4e:d4:2d:92:78:69:
7e:20:33:64:2f:9a:a2:bf:66:65:9e:3a:a7:2d:b9:
93:ef:62:1d:e0:03:16:e2:d4:1a:9f:6e:ae:e5:c1:
ca:4f:9c:96:b9:12:1d:fd:49:57:58:73:1b:a3:7c:
7a:81:29:e5:61:a4:d7:4a:65:90:08:e8:0f:2e:35:
19:82:27:0d:10:bd:46:03:29:a2:65:71:58:cd:d2:
5a:a3:dc:13:bd:c7:40:81:34:35:53:88:cd:06:10:
a7:d6:cf:01:fb:40:5d:d8:c3:ba:35:d8:3e:e7:c5:
54:66:e3:5b:30:00:ee:67:13:81:d6:17:c1:ee:58:
54:d3:77:58:d1:f0:e8:62:74:0d:a7:be:1e:e8:3e:
f0:13:86:a7:e2:f0:b3:87:d1:ac:d0:dc:6b:63:f7:
10:1d:f1:a3:9b:0f:3c:c8:ae:2f:ee:aa:0b:25:96:
d3:fc:1f:2b:d4:af:ca:93:d4:ff:06:9d:d0:af:b8:
de:4f:98:fa:9e:c4:6a:03:b9:c4:2a:5d:b6:12:79:
19:1c:92:d2:04:5d:68:4a:fe:e8:17:0e:c8:41:d6:
6a:87:ac:24:51:95:2d:27:52:db:76:a9:81:ee:fb:
cc:b2:58:0c:8c:e2:6a:32:0c:b0:11:d1:a6:34:ef:
99:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B8:21:48:F9:55:43:1A:25:3C:B0:5B:02:9B:A8:0B:57:1B:50:8B
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/hLghSPlVQxolPLBbApuoC1cbUIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:12c0::/29
Signature Algorithm: sha256WithRSAEncryption
86:3c:cd:e5:92:57:57:07:9f:89:5b:b0:a2:dc:bf:63:a2:d8:
5c:57:bd:9f:95:d5:28:37:85:13:38:ea:e3:10:6f:f7:82:c4:
bf:32:69:85:83:54:ce:07:90:07:4b:f2:51:d1:9e:41:59:e8:
a6:7e:ee:ef:2a:ba:2c:05:28:78:03:34:6e:7c:7b:03:b3:50:
99:44:d2:85:73:97:a6:c0:6d:8d:a4:f0:b8:8a:cc:8e:e3:dc:
00:ca:46:3a:99:92:f0:d6:52:22:78:90:70:6f:f6:23:aa:68:
f2:21:d2:d3:e3:2c:50:ca:0c:fd:68:11:01:8c:c9:a4:1e:ef:
74:29:61:68:9e:eb:46:b2:a2:ec:34:40:94:bd:ef:57:f2:eb:
42:0d:4c:b0:f9:14:0e:b8:9a:11:e4:21:1a:47:ab:47:6d:22:
33:0f:88:f6:a2:99:8d:b7:69:da:83:6f:d8:54:05:86:a8:b4:
d3:25:a8:27:23:ac:cb:31:19:0f:d1:16:3c:86:6a:b3:81:27:
97:a3:f3:de:75:3e:95:cd:d7:b2:3f:2e:fe:27:73:f6:98:52:
70:4b:30:45:c8:51:c3:89:b8:08:82:01:23:d5:21:a4:6e:41:
d7:e6:1e:33:fb:6e:a4:97:6b:c6:75:b4:53:4b:62:8f:21:7f:
5d:89:ef:01
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYjnL03+FxC1LtxJtR0E9NaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMwNjIzMDczNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGI4MjE0OGY5NTU0MzFhMjUzY2IwNWIwMjliYTgwYjU3MWI1MDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjheKocFMn5lO1C2SeGl+IDNkL5qi
v2ZlnjqnLbmT72Id4AMW4tQan26u5cHKT5yWuRId/UlXWHMbo3x6gSnlYaTXSmWQ
COgPLjUZgicNEL1GAymiZXFYzdJao9wTvcdAgTQ1U4jNBhCn1s8B+0Bd2MO6Ndg+
58VUZuNbMADuZxOB1hfB7lhU03dY0fDoYnQNp74e6D7wE4an4vCzh9Gs0NxrY/cQ
HfGjmw88yK4v7qoLJZbT/B8r1K/Kk9T/Bp3Qr7jeT5j6nsRqA7nEKl22EnkZHJLS
BF1oSv7oFw7IQdZqh6wkUZUtJ1LbdqmB7vvMslgMjOJqMgywEdGmNO+ZiwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIS4IUj5VUMaJTywWwKbqAtXG1CLMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvaExnaFNQbFZReG9sUExCYkFwdW9DMWNiVUlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhASwDAN
BgkqhkiG9w0BAQsFAAOCAQEAhjzN5ZJXVwefiVuwoty/Y6LYXFe9n5XVKDeFEzjq
4xBv94LEvzJphYNUzgeQB0vyUdGeQVnopn7u7yq6LAUoeAM0bnx7A7NQmUTShXOX
psBtjaTwuIrMjuPcAMpGOpmS8NZSIniQcG/2I6po8iHS0+MsUMoM/WgRAYzJpB7v
dClhaJ7rRrKi7DRAlL3vV/LrQg1MsPkUDriaEeQhGkerR20iMw+I9qKZjbdp2oNv
2FQFhqi00yWoJyOsyzEZD9EWPIZqs4Enl6Pz3nU+lc3Xsj8u/idz9phScEswRchR
w4m4CIIBI9UhpG5B1+YeM/tupJdrxnW0U0tijyF/XYnvAQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:14 2025 by rpki-client