Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/53foRvHnE2DK1L063kZClnSvq0s.roa
File: 53foRvHnE2DK1L063kZClnSvq0s.roa (raw, json)
Hash identifier: xnCHDyM8YjYadx4OBpyvnTLXUaOT5ZrcByxknxDx9MQ=
Subject key identifier: E7:77:E8:46:F1:E7:13:60:CA:D4:BD:3A:DE:46:42:96:74:AF:AB:4B
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 08B461D7
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/53foRvHnE2DK1L063kZClnSvq0s.roa
Signing time: Sat 01 Jan 2022 14:01:49 +0000
ROA not before: Sat 01 Jan 2022 14:01:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211480
IP address blocks: 2a0e:8f02:f026::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146039255 (0x8b461d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 14:01:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e777e846f1e71360cad4bd3ade46429674afab4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:de:80:f6:f3:51:c9:cb:a2:a2:a5:42:f3:4a:
7c:8e:db:1c:e1:17:67:ec:e6:ee:69:16:e8:66:16:
fa:1d:ac:8b:d6:e8:8f:d8:d6:38:e8:c8:fe:99:b2:
70:96:7f:e5:1a:0d:7b:72:2f:5b:40:cc:d9:d0:6a:
51:27:69:5b:57:ce:6a:10:26:af:bd:01:b1:b1:ea:
da:68:e2:3c:c2:52:86:71:15:50:9e:ce:97:9a:cd:
d9:79:3b:15:27:23:2b:9e:4c:96:a1:05:ac:80:b6:
77:34:b3:71:85:00:2a:99:e4:06:89:dc:b6:13:62:
7e:db:3f:2f:b4:9f:f8:ba:e5:65:ed:62:04:a9:59:
0e:39:98:cf:ff:d4:16:c8:81:d3:15:4f:ed:e6:10:
04:09:e2:3a:bd:93:44:17:7c:f7:a2:ed:83:22:59:
41:c5:09:91:aa:4c:4f:7b:2b:2d:d1:e2:72:de:39:
22:92:b3:c5:42:76:45:3c:62:ef:20:49:92:3f:bc:
01:ef:1d:b7:9c:b7:90:60:b3:e7:64:4b:e3:69:14:
9d:77:f7:f2:da:f1:0a:4e:7f:90:ee:a6:1a:94:0a:
8e:82:d1:f5:cc:f4:01:6d:5d:d9:b0:d3:58:0a:34:
78:84:0d:6c:83:fa:95:97:fe:6a:e4:68:c8:53:90:
f7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:77:E8:46:F1:E7:13:60:CA:D4:BD:3A:DE:46:42:96:74:AF:AB:4B
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/53foRvHnE2DK1L063kZClnSvq0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f026::/48
Signature Algorithm: sha256WithRSAEncryption
4c:61:30:a4:ca:3c:e4:5b:d9:1b:bf:64:04:4f:d3:98:87:32:
00:9c:f6:f5:4f:38:23:de:cf:95:cb:88:af:ce:94:93:12:1b:
dc:8c:c8:57:56:2e:14:a0:be:31:da:d2:d6:6f:33:55:66:93:
82:1b:d9:80:e4:cb:54:d4:af:f1:58:5c:e7:ef:71:a1:51:4b:
cb:39:d2:65:c5:70:a6:2f:de:3f:dd:54:81:38:ea:73:29:cb:
27:e7:db:04:77:21:51:3a:66:3b:f1:70:5c:e3:3b:c4:91:ec:
8f:33:64:70:33:88:dc:ab:b0:19:1b:1b:6f:f2:2f:90:c6:14:
54:ef:72:51:0d:2f:1c:72:4d:27:a0:08:4f:a8:bf:fc:01:2f:
e0:60:0c:c3:a0:de:97:df:d9:a9:88:26:fe:a3:d5:9b:42:b2:
ba:2b:83:40:f9:f0:49:81:cc:ba:5f:02:5e:78:a1:79:13:45:
6a:98:6b:9e:29:d2:77:10:72:6e:42:ef:52:7c:67:b3:32:1d:
bc:87:3f:6b:fa:e7:ee:78:8f:31:81:10:f5:18:4f:5c:60:01:
0d:74:07:56:5b:18:f3:d7:90:1b:47:f0:07:5f:5b:09:91:b7:
74:4b:21:73:4f:5d:31:1d:9d:ef:7d:db:86:c8:2d:33:11:28:
df:05:eb:65
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECLRh1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDE0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTc3N2U4NDZmMWU3
MTM2MGNhZDRiZDNhZGU0NjQyOTY3NGFmYWI0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3egPbzUcnLoqKlQvNKfI7bHOEXZ+zm7mkW6GYW+h2si9bo
j9jWOOjI/pmycJZ/5RoNe3IvW0DM2dBqUSdpW1fOahAmr70BsbHq2mjiPMJShnEV
UJ7Ol5rN2Xk7FScjK55MlqEFrIC2dzSzcYUAKpnkBoncthNifts/L7Sf+LrlZe1i
BKlZDjmYz//UFsiB0xVP7eYQBAniOr2TRBd896LtgyJZQcUJkapMT3srLdHict45
IpKzxUJ2RTxi7yBJkj+8Ae8dt5y3kGCz52RL42kUnXf38trxCk5/kO6mGpQKjoLR
9cz0AW1d2bDTWAo0eIQNbIP6lZf+auRoyFOQ90ECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTnd+hG8ecTYMrUvTreRkKWdK+rSzAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
LzUzZm9SdkhuRTJESzFMMDYza1pDbG5TdnEwcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOjwLwJjANBgkqhkiG9w0BAQsF
AAOCAQEATGEwpMo85FvZG79kBE/TmIcyAJz29U84I97PlcuIr86UkxIb3IzIV1Yu
FKC+MdrS1m8zVWaTghvZgOTLVNSv8Vhc5+9xoVFLyznSZcVwpi/eP91UgTjqcynL
J+fbBHchUTpmO/FwXOM7xJHsjzNkcDOI3KuwGRsbb/IvkMYUVO9yUQ0vHHJNJ6AI
T6i//AEv4GAMw6Del9/ZqYgm/qPVm0KyuiuDQPnwSYHMul8CXniheRNFaphrninS
dxBybkLvUnxnszIdvIc/a/rn7niPMYEQ9RhPXGABDXQHVlsY89eQG0fwB19bCZG3
dEshc09dMR2d733bhsgtMxEo3wXrZQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org