Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/ziAqiMzJ_CliXaKEQcUs2IWmy1g.roa
File: ziAqiMzJ_CliXaKEQcUs2IWmy1g.roa (raw, json)
Hash identifier: 4p67UrKEtOwSveZdvXUmkvhVMpAlfijeGd9e3R+d3OA=
Subject key identifier: CE:20:2A:88:CC:C9:FC:29:62:5D:A2:84:41:C5:2C:D8:85:A6:CB:58
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 08830AC8
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/ziAqiMzJ_CliXaKEQcUs2IWmy1g.roa
Signing time: Wed 23 Feb 2022 11:06:22 +0000
ROA not before: Wed 23 Feb 2022 11:06:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210107
IP address blocks: 2a10:f40::/29 maxlen: 29
2a10:f45::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142805704 (0x8830ac8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Feb 23 11:06:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce202a88ccc9fc29625da28441c52cd885a6cb58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b8:e3:16:4f:d9:1d:0f:62:4c:71:c5:91:90:
e2:3b:57:31:8e:97:c3:63:d4:90:e1:db:20:40:c5:
d6:f8:8b:7a:c2:05:eb:56:13:1e:e2:1b:f2:96:cb:
6c:5b:77:0d:d9:48:cc:43:c3:8b:0d:6e:3d:bd:bd:
b4:cd:45:37:80:98:9c:32:4a:9e:e9:d7:70:68:00:
d6:08:ad:d9:77:20:cf:78:39:ab:2a:42:3f:5f:bc:
e7:03:de:c4:25:cb:27:52:3b:2a:d5:22:e0:16:dc:
e8:05:69:02:47:e7:7e:59:d7:83:40:c8:0f:03:7d:
8d:b5:73:8f:fa:32:e2:54:99:30:fe:e1:25:a9:0e:
4a:f5:4f:14:51:11:68:dc:aa:10:34:76:a8:dd:41:
2b:b4:ed:7f:d6:f0:bb:1a:4e:d1:5e:e5:dd:aa:5d:
9f:f4:37:ed:1d:0c:af:93:49:e9:b9:f3:78:3e:84:
db:35:e6:77:d8:4f:f6:02:47:49:27:85:fc:4b:5c:
78:46:0a:07:ea:cb:eb:c9:9a:cc:c4:87:ee:e5:32:
20:e5:a9:0b:96:8a:3e:a0:6d:b9:c1:cc:27:ea:0a:
1a:f0:2a:a9:7c:cf:6a:be:f0:5b:97:56:c2:ac:64:
68:b0:76:83:ec:f2:f8:57:db:1f:a0:2e:52:47:97:
f7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:20:2A:88:CC:C9:FC:29:62:5D:A2:84:41:C5:2C:D8:85:A6:CB:58
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/ziAqiMzJ_CliXaKEQcUs2IWmy1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:f40::/29
Signature Algorithm: sha256WithRSAEncryption
41:25:ad:86:a2:53:a9:c4:41:2e:00:f2:35:85:45:54:9f:26:
51:d1:00:4a:e0:31:88:3b:a2:5e:6e:cf:10:0b:cd:c2:98:01:
1e:66:db:35:ca:8a:f6:e6:23:63:05:93:db:65:c2:cf:f5:c1:
2d:34:55:b3:f1:72:ce:68:e9:b2:ec:06:1a:59:72:48:01:72:
ae:2b:11:70:a4:ae:63:1d:69:35:2f:00:b0:21:0e:0c:5a:93:
14:d0:4f:04:bb:8d:fe:83:7f:d8:96:79:45:d5:c8:47:63:17:
c3:52:6e:38:29:4d:13:76:48:d9:35:fa:b4:89:8d:7c:4d:ab:
f6:f4:f3:05:56:a4:f7:1c:7e:b8:4e:b5:be:d7:d2:4a:b6:a8:
6b:4f:bb:01:2e:45:2a:51:5f:d3:55:66:c2:5e:7a:1b:54:13:
1b:c6:03:e2:50:c3:70:2c:8a:b5:a5:01:b9:57:cc:64:91:d2:
50:f4:2e:ab:5a:80:bf:d1:25:19:81:f7:93:0f:2f:25:6b:97:
a1:91:2a:1d:cb:f3:e8:e8:12:fe:07:c4:15:8f:53:c8:2b:6e:
1c:87:89:41:57:5c:94:e6:63:2e:21:a0:14:9b:72:ab:7a:65:
17:35:84:d6:da:88:36:ff:1a:55:51:c8:9d:51:c5:0d:34:7d:
14:e1:ea:0b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECIMKyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDIy
MzExMDYyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2UyMDJhODhjY2M5
ZmMyOTYyNWRhMjg0NDFjNTJjZDg4NWE2Y2I1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+44xZP2R0PYkxxxZGQ4jtXMY6Xw2PUkOHbIEDF1viLesIF
61YTHuIb8pbLbFt3DdlIzEPDiw1uPb29tM1FN4CYnDJKnunXcGgA1git2Xcgz3g5
qypCP1+85wPexCXLJ1I7KtUi4Bbc6AVpAkfnflnXg0DIDwN9jbVzj/oy4lSZMP7h
JakOSvVPFFERaNyqEDR2qN1BK7Ttf9bwuxpO0V7l3apdn/Q37R0Mr5NJ6bnzeD6E
2zXmd9hP9gJHSSeF/EtceEYKB+rL68mazMSH7uUyIOWpC5aKPqBtucHMJ+oKGvAq
qXzPar7wW5dWwqxkaLB2g+zy+FfbH6AuUkeX9z8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTOICqIzMn8KWJdooRBxSzYhabLWDAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
L3ppQXFpTXpKX0NsaVhhS0VRY1VzMklXbXkxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoQD0AwDQYJKoZIhvcNAQELBQAD
ggEBAEElrYaiU6nEQS4A8jWFRVSfJlHRAErgMYg7ol5uzxALzcKYAR5m2zXKivbm
I2MFk9tlws/1wS00VbPxcs5o6bLsBhpZckgBcq4rEXCkrmMdaTUvALAhDgxakxTQ
TwS7jf6Df9iWeUXVyEdjF8NSbjgpTRN2SNk1+rSJjXxNq/b08wVWpPccfrhOtb7X
0kq2qGtPuwEuRSpRX9NVZsJeehtUExvGA+JQw3AsirWlAblXzGSR0lD0LqtagL/R
JRmB95MPLyVrl6GRKh3L8+joEv4HxBWPU8grbhyHiUFXXJTmYy4hoBSbcqt6ZRc1
hNbaiDb/GlVRyJ1RxQ00fRTh6gs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:57 2023 by rpki-client on console-fra.rpki-client.org