Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/6a3f35-35b8-49e0-9f44-b818faecb717/1/65Y4WpUPzl5mVgRONLPL0eHWCnw.roa
File: 65Y4WpUPzl5mVgRONLPL0eHWCnw.roa (raw, json)
Hash identifier: el/yQ5beC5g3SZqRu5D3nNTgtTtEtf5JyIlgamNNJ6k=
Subject key identifier: EB:96:38:5A:95:0F:CE:5E:66:56:04:4E:34:B3:CB:D1:E1:D6:0A:7C
Certificate issuer: /CN=fa4e405359a2131708fc02438d472568e2c03470
Certificate serial: 018534EF366C85CD9A9030EB2D27DDC1CBDB
Authority key identifier: FA:4E:40:53:59:A2:13:17:08:FC:02:43:8D:47:25:68:E2:C0:34:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-k5AU1miExcI_AJDjUclaOLANHA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/6a3f35-35b8-49e0-9f44-b818faecb717/1/65Y4WpUPzl5mVgRONLPL0eHWCnw.roa
Signing time: Wed 21 Dec 2022 13:46:10 +0000
ROA not before: Wed 21 Dec 2022 13:46:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15404
IP address blocks: 2a10:8802::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:ef:36:6c:85:cd:9a:90:30:eb:2d:27:dd:c1:cb:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa4e405359a2131708fc02438d472568e2c03470
Validity
Not Before: Dec 21 13:46:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb96385a950fce5e6656044e34b3cbd1e1d60a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d9:72:f3:ff:4a:2a:d9:3c:0a:8b:62:a0:02:
bf:5e:fe:13:99:9d:6e:b4:53:a6:df:35:eb:c5:f8:
cb:82:67:55:93:69:1b:a3:ed:8a:7b:45:10:30:78:
e6:1c:cd:62:be:25:c1:5e:4d:27:71:d9:7d:2c:4d:
68:37:b4:d2:cb:66:e9:07:c6:1f:d7:65:82:d0:e4:
19:84:a9:5f:9e:e8:49:1b:79:07:5e:a0:dc:40:10:
64:fa:fd:1a:1c:ee:f2:a7:d9:38:d4:98:3f:e1:6b:
c7:69:76:7e:21:98:60:04:f8:20:df:23:5b:82:3c:
c7:5a:22:3b:ff:ee:1c:98:fa:1b:60:39:28:e3:a7:
df:16:59:27:34:76:42:a8:55:03:f1:62:00:3e:fe:
0d:43:3b:4a:c4:82:75:fe:30:47:b3:4e:c9:05:ed:
35:6e:aa:45:b5:4d:f4:fd:97:dd:55:cd:d6:20:1f:
45:82:88:7a:5b:cb:6f:44:88:e2:a1:df:2d:9f:0d:
b4:6c:78:27:cd:f5:02:56:e6:61:00:22:52:2a:d7:
ce:d0:d8:44:82:bb:70:80:9c:20:8b:90:b7:b9:8d:
af:9c:f7:f4:bd:09:95:69:40:fe:1b:69:eb:dd:19:
10:be:f3:ed:3c:6a:6d:6b:b5:9c:8d:58:82:d1:cf:
79:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:96:38:5A:95:0F:CE:5E:66:56:04:4E:34:B3:CB:D1:E1:D6:0A:7C
X509v3 Authority Key Identifier:
keyid:FA:4E:40:53:59:A2:13:17:08:FC:02:43:8D:47:25:68:E2:C0:34:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-k5AU1miExcI_AJDjUclaOLANHA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6a3f35-35b8-49e0-9f44-b818faecb717/1/65Y4WpUPzl5mVgRONLPL0eHWCnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6a3f35-35b8-49e0-9f44-b818faecb717/1/1-k5AU1miExcI_AJDjUclaOLANHA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:8802::/36
Signature Algorithm: sha256WithRSAEncryption
95:f3:ab:71:67:12:6c:b3:ef:7d:6b:5b:ca:40:49:63:c1:c5:
a5:30:d5:11:7b:4b:33:06:44:9d:35:49:32:28:d7:b0:4c:8a:
8e:6a:d8:d8:98:f2:43:69:2c:9a:36:cf:67:69:3a:bb:3d:9e:
0c:de:f9:d0:c6:60:bd:a6:16:94:cb:24:0f:ef:cd:54:0b:67:
e7:b0:49:3d:9a:f3:c8:30:a2:94:24:c3:43:a0:5d:6c:01:e7:
84:3a:a4:4f:97:9a:60:b0:a5:24:ee:2d:70:ba:5b:b9:47:b1:
8a:3a:11:e7:07:81:20:f2:2b:dd:c3:3e:ce:0b:53:5e:d5:24:
aa:37:ad:76:1a:3b:5e:f6:25:07:7c:79:0c:0f:5b:fe:5c:ee:
b6:d5:50:35:be:ac:d8:88:6d:4a:2e:d3:da:c3:13:5c:a4:24:
5a:1e:9c:74:88:6a:6e:fb:59:25:da:98:1d:01:34:2a:36:9f:
ba:91:0a:8c:91:aa:73:11:d5:1f:d9:bd:67:32:3c:67:e0:c9:
52:28:0b:c1:3e:1b:06:90:05:b3:5b:bd:30:07:32:d8:22:81:
9b:bf:23:ec:22:f0:77:8e:95:f9:41:2d:0f:83:11:10:83:66:
57:78:94:97:4b:ce:08:91:31:65:ce:50:44:6e:5f:ed:16:f3:
8f:8e:7b:81
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYU07zZshc2akDDrLSfdwcvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNGU0MDUzNTlhMjEzMTcwOGZjMDI0MzhkNDcyNTY4ZTJj
MDM0NzAwHhcNMjIxMjIxMTM0NjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjk2Mzg1YTk1MGZjZTVlNjY1NjA0NGUzNGIzY2JkMWUxZDYwYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidly8/9KKtk8CotioAK/Xv4TmZ1u
tFOm3zXrxfjLgmdVk2kbo+2Ke0UQMHjmHM1iviXBXk0ncdl9LE1oN7TSy2bpB8Yf
12WC0OQZhKlfnuhJG3kHXqDcQBBk+v0aHO7yp9k41Jg/4WvHaXZ+IZhgBPgg3yNb
gjzHWiI7/+4cmPobYDko46ffFlknNHZCqFUD8WIAPv4NQztKxIJ1/jBHs07JBe01
bqpFtU30/ZfdVc3WIB9Fgoh6W8tvRIjiod8tnw20bHgnzfUCVuZhACJSKtfO0NhE
grtwgJwgi5C3uY2vnPf0vQmVaUD+G2nr3RkQvvPtPGpta7WcjViC0c95pwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFOuWOFqVD85eZlYETjSzy9Hh1gp8MB8GA1UdIwQY
MBaAFPpOQFNZohMXCPwCQ41HJWjiwDRwMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1rNUFVMW1pRXhjSV9BSkRqVWNsYU9MQU5IQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcvNmEzZjM1LTM1YjgtNDllMC05ZjQ0
LWI4MThmYWVjYjcxNy8xLzY1WTRXcFVQemw1bVZnUk9OTFBMMGVIV0Nudy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDcvNmEzZjM1LTM1YjgtNDllMC05ZjQ0LWI4MThmYWVjYjcx
Ny8xLzEtazVBVTFtaUV4Y0lfQUpEalVjbGFPTEFOSEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQqEIgC
ADANBgkqhkiG9w0BAQsFAAOCAQEAlfOrcWcSbLPvfWtbykBJY8HFpTDVEXtLMwZE
nTVJMijXsEyKjmrY2JjyQ2ksmjbPZ2k6uz2eDN750MZgvaYWlMskD+/NVAtn57BJ
PZrzyDCilCTDQ6BdbAHnhDqkT5eaYLClJO4tcLpbuUexijoR5weBIPIr3cM+zgtT
XtUkqjetdho7XvYlB3x5DA9b/lzuttVQNb6s2IhtSi7T2sMTXKQkWh6cdIhqbvtZ
JdqYHQE0KjafupEKjJGqcxHVH9m9ZzI8Z+DJUigLwT4bBpAFs1u9MAcy2CKBm78j
7CLwd46V+UEtD4MREINmV3iUl0vOCJExZc5QRG5f7Rbzj457gQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:33 2023 by rpki-client on console.sobornost.net