Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/013c99-7d7a-482b-bb51-eb4e13be506a/1/NEtsffh7FjJaNG9AScCE12dzeEw.roa
File: NEtsffh7FjJaNG9AScCE12dzeEw.roa (raw, json)
Hash identifier: nf725MW0c7g21XFpXLGJdMw+KbmSZ/gSqVQJ1nDD/JQ=
Subject key identifier: 34:4B:6C:7D:F8:7B:16:32:5A:34:6F:40:49:C0:84:D7:67:73:78:4C
Certificate issuer: /CN=9416d8e02b5a1a75859f64a05c5a8d77c84c50f1
Certificate serial: 0386AA09
Authority key identifier: 94:16:D8:E0:2B:5A:1A:75:85:9F:64:A0:5C:5A:8D:77:C8:4C:50:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBbY4CtaGnWFn2SgXFqNd8hMUPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/013c99-7d7a-482b-bb51-eb4e13be506a/1/NEtsffh7FjJaNG9AScCE12dzeEw.roa
Signing time: Sat 01 Jan 2022 12:56:34 +0000
ROA not before: Sat 01 Jan 2022 12:56:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 2a10:6640:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59157001 (0x386aa09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9416d8e02b5a1a75859f64a05c5a8d77c84c50f1
Validity
Not Before: Jan 1 12:56:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=344b6c7df87b16325a346f4049c084d76773784c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:10:46:80:a3:08:fe:b7:c4:1e:f3:04:aa:2d:
6a:0a:95:cb:2f:d2:31:13:ef:98:cb:36:28:fb:6c:
6c:5e:a5:ad:f3:5f:e6:5f:55:4c:9b:a6:b6:f6:d3:
e0:3c:dd:a7:6f:05:c6:7f:6f:99:2b:e2:b2:1d:47:
a7:6f:a1:49:6f:f2:01:71:a7:71:9d:ac:98:0a:99:
e7:b1:53:3e:f0:c7:97:84:eb:15:83:86:6a:88:5d:
4f:f2:8c:f3:52:3f:5b:9c:36:3f:0f:1e:fd:d2:66:
4a:19:93:97:4a:9c:09:32:38:bc:67:be:30:49:d1:
e4:8f:8a:49:a3:36:aa:f2:d0:14:a2:96:2f:3c:84:
1f:c5:f2:72:6e:29:d5:e0:84:1d:91:45:fb:39:de:
91:52:31:e7:39:e4:09:df:21:a2:64:ad:9a:c1:ba:
d8:da:fa:fa:c5:0d:fa:ca:18:6e:16:6e:91:79:5c:
42:d0:e9:86:e2:93:70:4e:72:fc:aa:07:aa:96:fd:
70:65:a5:7b:20:c4:9c:3b:cc:2e:16:75:2b:cf:a9:
19:71:87:6d:18:21:db:fb:4d:d6:f4:d7:bd:86:85:
db:90:94:f6:32:5b:1e:3c:67:96:16:b5:ae:58:32:
f0:d6:30:e1:72:20:5f:54:e7:22:22:91:af:1c:77:
85:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:4B:6C:7D:F8:7B:16:32:5A:34:6F:40:49:C0:84:D7:67:73:78:4C
X509v3 Authority Key Identifier:
keyid:94:16:D8:E0:2B:5A:1A:75:85:9F:64:A0:5C:5A:8D:77:C8:4C:50:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBbY4CtaGnWFn2SgXFqNd8hMUPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/013c99-7d7a-482b-bb51-eb4e13be506a/1/NEtsffh7FjJaNG9AScCE12dzeEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/013c99-7d7a-482b-bb51-eb4e13be506a/1/lBbY4CtaGnWFn2SgXFqNd8hMUPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:6640:1::/48
Signature Algorithm: sha256WithRSAEncryption
69:ba:47:38:65:86:aa:15:c4:67:88:26:2e:af:9b:b9:f7:3b:
86:06:35:04:2a:4b:d9:e2:cd:c1:41:2d:25:8c:3b:5b:26:e6:
eb:84:10:aa:e6:4f:74:42:df:f7:8a:7a:22:f7:47:23:f6:74:
c8:08:0a:8f:55:ae:e8:ce:57:68:2f:73:b0:b9:9c:4f:c9:67:
0c:6a:d1:6b:4a:9b:28:68:69:54:f1:66:88:9d:78:b7:78:d3:
6e:0b:38:08:af:1d:93:d9:3f:05:2b:ae:82:96:20:9e:02:1d:
26:5b:c7:75:23:f5:fb:40:3c:a8:7a:b1:0f:ab:f0:10:65:62:
9d:d5:89:f7:1e:55:69:c9:a4:43:7b:b1:f0:9e:84:92:f9:7c:
05:54:0f:d5:55:3f:34:c6:50:e1:c4:d0:73:ba:86:a4:08:13:
82:d5:e9:41:7e:cb:f3:ae:59:b1:63:a7:a1:c5:d9:f3:13:ba:
bc:43:e1:e5:f8:86:0c:31:2e:41:90:a1:7f:b6:af:1a:b7:ef:
ba:52:0e:55:8f:ff:f9:9c:c7:fa:6d:f8:35:1f:a0:dd:90:c0:
87:14:2b:ac:da:52:88:aa:e7:aa:d4:9b:9a:b8:f8:0f:fa:87:
ee:dd:3e:96:e7:71:da:33:b8:00:72:6f:d3:15:f1:0c:8e:9c:
0f:09:a6:f1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEA4aqCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2ZDhlMDJiNWExYTc1ODU5ZjY0YTA1YzVhOGQ3N2M4NGM1MGYxMB4XDTIyMDEw
MTEyNTYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQ0YjZjN2RmODdi
MTYzMjVhMzQ2ZjQwNDljMDg0ZDc2NzczNzg0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ4QRoCjCP63xB7zBKotagqVyy/SMRPvmMs2KPtsbF6lrfNf
5l9VTJumtvbT4Dzdp28Fxn9vmSvish1Hp2+hSW/yAXGncZ2smAqZ57FTPvDHl4Tr
FYOGaohdT/KM81I/W5w2Pw8e/dJmShmTl0qcCTI4vGe+MEnR5I+KSaM2qvLQFKKW
LzyEH8Xycm4p1eCEHZFF+znekVIx5znkCd8homStmsG62Nr6+sUN+soYbhZukXlc
QtDphuKTcE5y/KoHqpb9cGWleyDEnDvMLhZ1K8+pGXGHbRgh2/tN1vTXvYaF25CU
9jJbHjxnlha1rlgy8NYw4XIgX1TnIiKRrxx3hfECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ0S2x9+HsWMlo0b0BJwITXZ3N4TDAfBgNVHSMEGDAWgBSUFtjgK1oadYWf
ZKBcWo13yExQ8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCYlk0Q3RhR25XRm4yU2dYRnFOZDhoTVVQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvMDEzYzk5LTdkN2EtNDgyYi1iYjUxLWViNGUxM2JlNTA2YS8x
L05FdHNmZmg3RmpKYU5HOUFTY0NFMTJkemVFdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
MDEzYzk5LTdkN2EtNDgyYi1iYjUxLWViNGUxM2JlNTA2YS8xL2xCYlk0Q3RhR25X
Rm4yU2dYRnFOZDhoTVVQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoQZkAAATANBgkqhkiG9w0BAQsF
AAOCAQEAabpHOGWGqhXEZ4gmLq+bufc7hgY1BCpL2eLNwUEtJYw7Wybm64QQquZP
dELf94p6IvdHI/Z0yAgKj1Wu6M5XaC9zsLmcT8lnDGrRa0qbKGhpVPFmiJ14t3jT
bgs4CK8dk9k/BSuugpYgngIdJlvHdSP1+0A8qHqxD6vwEGVindWJ9x5VacmkQ3ux
8J6Ekvl8BVQP1VU/NMZQ4cTQc7qGpAgTgtXpQX7L865ZsWOnocXZ8xO6vEPh5fiG
DDEuQZChf7avGrfvulIOVY//+ZzH+m34NR+g3ZDAhxQrrNpSiKrnqtSbmrj4D/qH
7t0+ludx2jO4AHJv0xXxDI6cDwmm8Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:05 2023 by rpki-client on console-fra.rpki-client.org