Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/fohVg6sbClvQfgh1MX9bM4RO89k.roa
File: fohVg6sbClvQfgh1MX9bM4RO89k.roa (raw, json)
Hash identifier: WemHUbztAGL8KK5zZpMH1vU3RSbjKfzrNsiiaGoc3i4=
Subject key identifier: 7E:88:55:83:AB:1B:0A:5B:D0:7E:08:75:31:7F:5B:33:84:4E:F3:D9
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 34EB8A5F
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/fohVg6sbClvQfgh1MX9bM4RO89k.roa
Signing time: Thu 31 Mar 2022 12:32:59 +0000
ROA not before: Thu 31 Mar 2022 12:32:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 2a10:eec0:800::/37 maxlen: 128
2a10:eec0:8000::/33 maxlen: 128
2a10:eec0:2000::/35 maxlen: 128
2a10:eec0:1000::/36 maxlen: 128
2a10:eec0:400::/38 maxlen: 128
2a10:eec0:40::/42 maxlen: 128
2a10:eec0:200::/39 maxlen: 128
2a10:eec0:4000::/34 maxlen: 128
2a10:eec0:100::/40 maxlen: 128
2a10:eec0:80::/41 maxlen: 128
2a10:eec0:e::/47 maxlen: 128
2a10:eec0:20::/43 maxlen: 128
2a10:eec0:d::/48 maxlen: 128
2a10:eec0:10::/44 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 887851615 (0x34eb8a5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Mar 31 12:32:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e885583ab1b0a5bd07e0875317f5b33844ef3d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8c:ee:5c:42:55:61:df:a5:e2:e6:22:03:9c:
a4:0c:2f:10:15:3c:58:89:ff:e5:2a:ca:ed:bf:f3:
68:fd:b3:49:67:b6:0c:4d:09:03:ec:98:c4:0c:0f:
d1:c9:6b:35:b8:70:1f:1e:4b:5a:e3:28:f9:57:2f:
a7:70:26:90:9a:f8:fd:43:55:b6:2c:ec:5d:b2:78:
6b:bd:42:ca:f6:1e:46:35:bb:94:11:53:eb:5d:12:
e7:ca:7f:59:fc:b7:75:cf:ab:e2:25:44:d6:48:91:
bc:79:62:de:a0:04:2d:b5:c5:de:15:09:2c:3b:59:
ef:40:8f:e8:73:55:0b:4e:61:83:d8:47:41:2e:dc:
1c:b1:0d:9d:a0:15:ea:ce:82:94:c0:59:ec:9f:e2:
0b:ce:9e:85:50:00:24:c0:e6:47:f5:81:50:ee:90:
2c:e1:01:4c:a6:be:d4:01:28:09:fa:30:75:d1:89:
3c:47:22:f2:8c:76:8c:17:22:85:9d:7c:e3:40:81:
6f:74:bb:3c:8c:cb:70:cd:8f:2f:11:a2:28:d6:bf:
bf:b7:0a:f9:71:74:20:08:6f:2b:2b:97:ed:30:1c:
47:15:03:73:79:31:77:ed:86:a2:95:ad:04:d8:1b:
b6:bb:a0:d0:19:d9:35:a8:05:7e:2d:0a:74:79:c3:
10:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:88:55:83:AB:1B:0A:5B:D0:7E:08:75:31:7F:5B:33:84:4E:F3:D9
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/fohVg6sbClvQfgh1MX9bM4RO89k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:eec0:d::-2a10:eec0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9f:2d:da:7d:68:4b:84:34:e0:74:fe:21:b4:52:ba:63:cd:97:
36:7d:93:7d:f5:94:bd:2a:ae:dd:de:55:74:d7:9c:a0:cc:3e:
de:4c:44:42:0f:b6:74:3b:12:a8:b8:c4:be:b7:d5:73:f6:b3:
b2:51:db:5b:96:d5:0d:3b:cb:50:d2:1a:fa:89:6c:b8:10:56:
cb:01:66:60:b7:29:b2:57:28:bb:fc:aa:5e:13:ce:c6:b9:05:
89:55:e3:d6:3d:81:57:d1:65:c0:4f:86:02:6b:6a:9a:01:b7:
2b:64:9e:51:7d:3a:89:4b:4b:8f:7c:63:e0:af:8a:db:e9:88:
87:1b:96:52:07:c5:05:fe:ef:15:5b:e5:2b:c0:a3:e2:43:60:
19:28:ce:a0:6e:5c:e6:da:ca:b4:20:5d:7b:e8:0d:d9:38:73:
f0:86:c6:d5:2f:f9:f4:ee:ae:01:35:d3:86:a4:34:82:3e:7b:
81:17:63:cf:76:a7:07:08:ff:18:ae:03:98:28:02:01:22:21:
58:73:73:15:b3:a3:4f:55:b0:a1:ce:54:84:96:dd:2a:63:fa:
92:04:54:d1:30:88:3e:0a:3f:a4:80:32:0b:94:e6:ca:61:20:
c6:be:34:3d:be:34:0a:09:79:f2:1f:5c:77:f2:50:e6:32:32:
a3:2b:04:05
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENOuKXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDM4MGI5YjhjMDcwNDU3ZWQ1NGJjNDVkMTJkZGRkMjQ0ZTA2ZDUyMB4XDTIyMDMz
MTEyMzI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2U4ODU1ODNhYjFi
MGE1YmQwN2UwODc1MzE3ZjViMzM4NDRlZjNkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyM7lxCVWHfpeLmIgOcpAwvEBU8WIn/5SrK7b/zaP2zSWe2
DE0JA+yYxAwP0clrNbhwHx5LWuMo+Vcvp3AmkJr4/UNVtizsXbJ4a71CyvYeRjW7
lBFT610S58p/Wfy3dc+r4iVE1kiRvHli3qAELbXF3hUJLDtZ70CP6HNVC05hg9hH
QS7cHLENnaAV6s6ClMBZ7J/iC86ehVAAJMDmR/WBUO6QLOEBTKa+1AEoCfowddGJ
PEci8ox2jBcihZ1840CBb3S7PIzLcM2PLxGiKNa/v7cK+XF0IAhvKyuX7TAcRxUD
c3kxd+2GopWtBNgbtrug0BnZNagFfi0KdHnDEMMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBR+iFWDqxsKW9B+CHUxf1szhE7z2TAfBgNVHSMEGDAWgBS0OAubjAcEV+1U
vEXRLd3SROBtUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3REZ0xtNHdIQkZmdFZMeEYwUzNkMGtUZ2JWSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvYmM5MmU2LWM4ZWUtNDhmMC1hZTdmLTM2Y2NiNWEwNjE5NS8x
L2ZvaFZnNnNiQ2x2UWZnaDFNWDliTTRSTzg5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
YmM5MmU2LWM4ZWUtNDhmMC1hZTdmLTM2Y2NiNWEwNjE5NS8xL3REZ0xtNHdIQkZm
dFZMeEYwUzNkMGtUZ2JWSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEjAQAwcAKhDuwAANAwUAKhDuwDANBgkq
hkiG9w0BAQsFAAOCAQEAny3afWhLhDTgdP4htFK6Y82XNn2TffWUvSqu3d5VdNec
oMw+3kxEQg+2dDsSqLjEvrfVc/azslHbW5bVDTvLUNIa+olsuBBWywFmYLcpslco
u/yqXhPOxrkFiVXj1j2BV9FlwE+GAmtqmgG3K2SeUX06iUtLj3xj4K+K2+mIhxuW
UgfFBf7vFVvlK8Cj4kNgGSjOoG5c5trKtCBde+gN2Thz8IbG1S/59O6uATXThqQ0
gj57gRdjz3anBwj/GK4DmCgCASIhWHNzFbOjT1Wwoc5UhJbdKmP6kgRU0TCIPgo/
pIAyC5TmymEgxr40Pb40Cgl58h9cd/JQ5jIyoysEBQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:38 2023 by rpki-client on console-ams.rpki-client.org