Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0WWGeGdOgEvuQwBi86OnIPGvqyA.roa
File: 0WWGeGdOgEvuQwBi86OnIPGvqyA.roa (raw, json)
Hash identifier: qDnK0k5/j357qgjEVLA8RkTQQEk9zFrDmXFssxKfQ/g=
Subject key identifier: D1:65:86:78:67:4E:80:4B:EE:43:00:62:F3:A3:A7:20:F1:AF:AB:20
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10B0A381
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0WWGeGdOgEvuQwBi86OnIPGvqyA.roa
Signing time: Sat 01 Jan 2022 09:05:18 +0000
ROA not before: Sat 01 Jan 2022 09:05:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210661
IP address blocks: 2a0e:97c0:570::/44 maxlen: 48
2a10:cc47:2000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 280011649 (0x10b0a381)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1658678674e804bee430062f3a3a720f1afab20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e2:53:e3:e1:b4:6d:5c:43:b2:02:f7:43:4d:
0f:f7:6e:46:fa:36:61:3a:48:22:f3:54:6e:85:87:
9c:9c:e9:49:55:7e:4c:60:60:f4:81:24:f3:25:75:
d6:34:8c:31:e8:90:bb:b7:c7:d6:8f:ec:e4:a3:a9:
3f:28:c0:79:d5:41:59:85:24:68:c3:9a:91:0f:cb:
47:8d:40:3c:c9:97:16:fb:47:30:ea:42:04:1e:0f:
18:8c:ea:04:3c:ed:85:0e:d7:4a:23:b8:34:24:6a:
fa:6c:ea:17:81:3b:e7:47:45:3e:3e:8d:40:d3:b5:
4e:54:6d:65:39:13:98:22:e9:e5:38:e9:d7:cd:d5:
17:89:41:f7:01:c9:e0:5c:ac:0c:40:3a:90:6b:3c:
8d:80:a0:aa:2f:47:0d:94:f2:c2:12:c0:03:35:25:
86:8d:fd:cc:56:36:ed:c8:b1:4e:71:b5:63:b8:0b:
17:f3:0f:38:94:be:73:53:60:54:21:02:0b:f7:45:
92:20:18:b7:7e:49:bc:d8:3b:12:4a:4a:ba:cb:fb:
3a:22:7a:aa:c0:1f:2b:68:a3:db:b4:f5:4c:dd:71:
5f:4e:ed:8d:90:82:31:c4:12:93:38:98:db:a6:b7:
80:6e:09:aa:06:11:1b:e6:f6:2a:f1:50:cb:35:f4:
63:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:65:86:78:67:4E:80:4B:EE:43:00:62:F3:A3:A7:20:F1:AF:AB:20
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0WWGeGdOgEvuQwBi86OnIPGvqyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:570::/44
2a10:cc47:2000::/36
Signature Algorithm: sha256WithRSAEncryption
a7:f8:1e:22:8a:23:dd:02:24:57:80:29:59:b1:18:14:a2:0f:
64:e4:6a:28:38:14:9a:79:be:8b:bb:c6:59:4e:2c:50:77:29:
87:24:09:02:af:f4:51:4f:c4:ef:f5:a1:6e:93:46:f6:d3:7c:
84:fb:e9:0e:4b:ed:46:03:be:a6:36:3e:1c:81:72:d0:33:fa:
fb:0d:13:a4:d7:6e:12:8c:fd:24:64:58:0a:0b:c8:5f:ac:51:
dc:46:9c:9e:51:85:77:ef:5a:1b:b3:ec:c9:fb:6f:7c:72:f2:
bf:34:f4:83:f7:bc:4c:a2:d0:88:17:d3:f8:b8:d3:bf:6f:d0:
9a:b8:45:c5:ec:86:22:22:92:94:52:ec:d8:20:e7:00:a4:43:
7f:f0:3d:3c:15:78:ba:58:d2:19:7d:5b:f2:67:db:0d:cb:98:
20:b9:02:73:70:ff:19:7a:a3:00:80:19:d7:4d:f1:c3:3d:27:
3a:e0:99:ce:93:a6:f8:4f:ee:61:88:c4:c1:89:01:1f:29:32:
06:a4:e0:20:cc:19:1f:7c:d8:2f:1d:8c:e7:62:8b:79:65:1a:
87:ca:e2:0a:a6:32:23:10:94:d1:63:c8:2f:19:0a:6a:8e:6f:
87:ab:08:c4:d8:ec:26:dd:f8:5d:59:65:1e:10:2a:cf:9d:ea:
80:47:52:5e
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIEELCjgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDE2NTg2Nzg2NzRl
ODA0YmVlNDMwMDYyZjNhM2E3MjBmMWFmYWIyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTiU+PhtG1cQ7IC90NND/duRvo2YTpIIvNUboWHnJzpSVV+
TGBg9IEk8yV11jSMMeiQu7fH1o/s5KOpPyjAedVBWYUkaMOakQ/LR41APMmXFvtH
MOpCBB4PGIzqBDzthQ7XSiO4NCRq+mzqF4E750dFPj6NQNO1TlRtZTkTmCLp5Tjp
183VF4lB9wHJ4FysDEA6kGs8jYCgqi9HDZTywhLAAzUlho39zFY27cixTnG1Y7gL
F/MPOJS+c1NgVCECC/dFkiAYt35JvNg7EkpKusv7OiJ6qsAfK2ij27T1TN1xX07t
jZCCMcQSkziY26a3gG4JqgYRG+b2KvFQyzX0YxkCAwEAAaOCAhQwggIQMB0GA1Ud
DgQWBBTRZYZ4Z06AS+5DAGLzo6cg8a+rIDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzBXV0dlR2RPZ0V2dVF3Qmk4Nk9uSVBHdnF5QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAq
BggrBgEFBQcBBwEB/wQbMBkwFwQCAAIwEQMHBCoOl8AFcAMGBCoQzEcgMA0GCSqG
SIb3DQEBCwUAA4IBAQCn+B4iiiPdAiRXgClZsRgUog9k5GooOBSaeb6Lu8ZZTixQ
dymHJAkCr/RRT8Tv9aFuk0b203yE++kOS+1GA76mNj4cgXLQM/r7DROk124SjP0k
ZFgKC8hfrFHcRpyeUYV371obs+zJ+298cvK/NPSD97xMotCIF9P4uNO/b9CauEXF
7IYiIpKUUuzYIOcApEN/8D08FXi6WNIZfVvyZ9sNy5gguQJzcP8ZeqMAgBnXTfHD
PSc64JnOk6b4T+5hiMTBiQEfKTIGpOAgzBkffNgvHYznYot5ZRqHyuIKpjIjEJTR
Y8gvGQpqjm+HqwjE2Owm3fhdWWUeECrPneqAR1Je
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:53 2023 by rpki-client on console-ams.rpki-client.org