Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/54hbv1_7dr_egWbXIy-4Yp4KwLY.roa
File: 54hbv1_7dr_egWbXIy-4Yp4KwLY.roa (raw, json)
Hash identifier: QYypFpzrKwwrym532BejIBoY6VX5jab/eor26mPNTIo=
Subject key identifier: E7:88:5B:BF:5F:FB:76:BF:DE:81:66:D7:23:2F:B8:62:9E:0A:C0:B6
Certificate issuer: /CN=4c897f1a3497ebbe27b9e2f0d6f3eae2bbe68b27
Certificate serial: 01852B2E34BB7FBAE25500CC1B1AA4883EBD
Authority key identifier: 4C:89:7F:1A:34:97:EB:BE:27:B9:E2:F0:D6:F3:EA:E2:BB:E6:8B:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIl_GjSX674nueLw1vPq4rvmiyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/54hbv1_7dr_egWbXIy-4Yp4KwLY.roa
Signing time: Mon 19 Dec 2022 16:18:46 +0000
ROA not before: Mon 19 Dec 2022 16:18:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210579
IP address blocks: 2a13:46c1:200::/48 maxlen: 48
2a13:46c1:100::/48 maxlen: 48
2a13:46c0::/32 maxlen: 48
2a13:46c1::/32 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2b:2e:34:bb:7f:ba:e2:55:00:cc:1b:1a:a4:88:3e:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c897f1a3497ebbe27b9e2f0d6f3eae2bbe68b27
Validity
Not Before: Dec 19 16:18:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7885bbf5ffb76bfde8166d7232fb8629e0ac0b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:de:08:69:69:77:e1:95:4f:c1:59:14:c4:d3:
c4:37:ed:7b:77:e7:7e:6a:c8:9f:4f:bf:2f:4d:e4:
2f:de:dd:5d:97:2b:79:6c:68:2f:b2:be:f9:1d:73:
4c:3c:3d:d4:08:5b:84:47:f7:3a:f0:9a:84:da:48:
ac:c7:84:da:e4:2d:22:31:cf:92:96:00:00:7a:42:
38:96:16:54:63:5d:c5:f3:75:2a:47:03:e6:17:c0:
55:de:2b:5c:34:75:76:8c:33:74:45:e7:4b:2f:4a:
76:6d:33:5a:23:ea:a9:be:de:aa:2b:57:76:c7:7a:
7f:7f:31:8e:e2:c3:40:ed:19:58:59:b3:e6:47:5b:
1f:98:e0:3c:67:6f:47:26:77:6b:96:9a:da:35:61:
57:6e:ef:d4:32:87:67:3c:c5:60:a1:53:85:a6:1d:
c4:c8:0b:94:ed:94:9f:6a:a2:9f:d0:a2:2f:b4:84:
28:bc:94:5d:a4:8d:8e:a1:ec:56:22:0d:d7:28:2a:
53:54:b0:4c:69:66:2c:65:81:4b:78:51:98:c2:70:
4a:b9:75:ec:ea:51:0e:2c:1f:e8:06:c0:04:36:3a:
9a:cf:20:f3:92:fd:6a:23:09:88:2a:00:80:dc:9f:
b2:8d:2d:8e:4d:50:2b:ba:8c:3e:7b:7d:e6:2e:58:
4b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:88:5B:BF:5F:FB:76:BF:DE:81:66:D7:23:2F:B8:62:9E:0A:C0:B6
X509v3 Authority Key Identifier:
keyid:4C:89:7F:1A:34:97:EB:BE:27:B9:E2:F0:D6:F3:EA:E2:BB:E6:8B:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIl_GjSX674nueLw1vPq4rvmiyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/54hbv1_7dr_egWbXIy-4Yp4KwLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/TIl_GjSX674nueLw1vPq4rvmiyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:46c0::/31
Signature Algorithm: sha256WithRSAEncryption
90:5f:c4:c4:ad:e1:3a:e5:8f:85:28:e2:da:69:8f:74:b3:b7:
ef:29:93:cf:40:5f:8c:02:b5:ce:0c:92:ed:38:96:96:85:5b:
b4:16:e5:97:2b:e1:40:fa:32:b7:49:be:11:10:f1:6a:5e:0b:
66:cd:f8:4f:34:52:e3:c0:c9:50:b3:7a:ff:4a:ed:1c:5a:b6:
ab:3a:61:42:b9:dd:87:8e:42:d6:fc:12:d4:09:b7:2b:07:56:
bf:d8:82:f8:64:7a:22:e9:c1:86:0c:46:9e:44:b1:61:c0:d5:
e8:66:4f:a8:84:72:33:8d:7f:f5:f8:1f:62:f8:08:f3:a7:6c:
4b:9b:22:1e:af:5e:76:37:87:96:88:d5:40:ac:55:a4:c1:cd:
3a:98:93:78:c7:39:2b:98:0c:19:a8:78:17:31:88:33:f8:a2:
1b:b9:fb:e5:a7:66:d1:32:b4:09:fd:88:b8:61:d3:19:8f:a9:
49:87:a2:25:4f:2d:bf:d5:7a:92:ba:06:59:b2:d8:e6:74:0d:
90:b0:09:b3:86:03:ce:ae:83:ae:4b:19:09:f7:03:f1:1f:72:
33:0b:7c:d0:66:2f:6f:42:91:26:ad:b2:de:6a:20:07:18:cc:
59:09:9f:1b:6d:88:01:97:bf:dc:19:21:3c:7a:60:fd:48:03:
06:4d:f2:fd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYUrLjS7f7riVQDMGxqkiD69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODk3ZjFhMzQ5N2ViYmUyN2I5ZTJmMGQ2ZjNlYWUyYmJl
NjhiMjcwHhcNMjIxMjE5MTYxODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzg4NWJiZjVmZmI3NmJmZGU4MTY2ZDcyMzJmYjg2MjllMGFjMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmd4IaWl34ZVPwVkUxNPEN+17d+d+
asifT78vTeQv3t1dlyt5bGgvsr75HXNMPD3UCFuER/c68JqE2kisx4Ta5C0iMc+S
lgAAekI4lhZUY13F83UqRwPmF8BV3itcNHV2jDN0RedLL0p2bTNaI+qpvt6qK1d2
x3p/fzGO4sNA7RlYWbPmR1sfmOA8Z29HJndrlpraNWFXbu/UModnPMVgoVOFph3E
yAuU7ZSfaqKf0KIvtIQovJRdpI2OoexWIg3XKCpTVLBMaWYsZYFLeFGYwnBKuXXs
6lEOLB/oBsAENjqazyDzkv1qIwmIKgCA3J+yjS2OTVAruow+e33mLlhLKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOeIW79f+3a/3oFm1yMvuGKeCsC2MB8GA1UdIwQY
MBaAFEyJfxo0l+u+J7ni8Nbz6uK75osnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElsX0dqU1g2NzRudWVMdzF2UHE0cnZtaXljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zOGU5NzUtMWY0Zi00MTE0LWJmYTEt
YTc5ZGExYTg1NTEzLzEvNTRoYnYxXzdkcl9lZ1diWEl5LTRZcDRLd0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zOGU5NzUtMWY0Zi00MTE0LWJmYTEtYTc5ZGExYTg1NTEz
LzEvVElsX0dqU1g2NzRudWVMdzF2UHE0cnZtaXljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKhNGwDAN
BgkqhkiG9w0BAQsFAAOCAQEAkF/ExK3hOuWPhSji2mmPdLO37ymTz0BfjAK1zgyS
7TiWloVbtBbllyvhQPoyt0m+ERDxal4LZs34TzRS48DJULN6/0rtHFq2qzphQrnd
h45C1vwS1Am3KwdWv9iC+GR6IunBhgxGnkSxYcDV6GZPqIRyM41/9fgfYvgI86ds
S5siHq9edjeHlojVQKxVpMHNOpiTeMc5K5gMGah4FzGIM/iiG7n75adm0TK0Cf2I
uGHTGY+pSYeiJU8tv9V6kroGWbLY5nQNkLAJs4YDzq6DrksZCfcD8R9yMwt80GYv
b0KRJq2y3mogBxjMWQmfG22IAZe/3BkhPHpg/UgDBk3y/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:39 2024 by rpki-client on console-fra.rpki-client.org