Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0kwV8IiW5E40cFussczvdUFsyJQ.roa
File: 0kwV8IiW5E40cFussczvdUFsyJQ.roa (raw, json)
Hash identifier: lCkprtrY3heFUfOUEOQU0wLaNSjbsiAt2U570LUYGRo=
Subject key identifier: D2:4C:15:F0:88:96:E4:4E:34:70:5B:AC:B1:CC:EF:75:41:6C:C8:94
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10D55418
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0kwV8IiW5E40cFussczvdUFsyJQ.roa
Signing time: Sat 01 Jan 2022 09:05:40 +0000
ROA not before: Sat 01 Jan 2022 09:05:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212034
IP address blocks: 2a0e:b107:3e0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 282416152 (0x10d55418)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d24c15f08896e44e34705bacb1ccef75416cc894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0a:49:b4:e1:d4:03:d8:c2:c2:b2:89:02:fe:
12:ad:d8:ac:d8:db:9c:ae:f4:aa:09:e0:07:15:ef:
7e:43:d7:d8:34:8d:5b:7a:73:85:16:3a:38:d7:36:
b5:87:cf:19:c7:ac:00:dc:74:35:99:ed:0e:4b:54:
55:57:3b:51:76:65:68:59:71:ad:5d:55:26:e6:a4:
f5:48:80:65:fb:48:d7:27:a7:1f:01:8e:6f:b4:18:
c2:ce:91:7a:27:77:3f:b1:d4:a3:68:e4:9f:cb:fd:
a5:23:9b:c6:68:2b:b9:f3:c7:ce:48:06:9c:04:64:
2f:f4:47:1e:85:10:50:de:a7:b0:1b:59:a4:1a:dc:
8a:b3:83:44:18:b7:e9:03:c5:35:b6:b5:b3:ea:ba:
43:df:60:d4:8d:f1:0b:2a:02:97:ff:b0:ba:aa:e2:
07:14:65:b2:ec:42:73:c2:a4:ce:15:b8:9e:f2:8d:
2b:38:62:80:58:58:af:fa:85:8f:52:c4:68:50:38:
b1:2d:7a:54:e6:60:e0:f2:8e:f9:c6:c3:85:47:c3:
8e:0a:8a:59:de:4e:7a:54:b2:b5:84:31:1f:54:f7:
bb:41:a0:17:46:93:c9:78:9a:d0:83:fc:84:19:f0:
7a:b6:e7:8b:29:3d:47:91:df:8c:22:bb:76:15:c1:
95:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:4C:15:F0:88:96:E4:4E:34:70:5B:AC:B1:CC:EF:75:41:6C:C8:94
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0kwV8IiW5E40cFussczvdUFsyJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:3e0::/48
Signature Algorithm: sha256WithRSAEncryption
71:50:4b:13:36:a7:f9:bc:2f:f6:80:bf:1e:40:75:84:72:03:
6d:6a:73:23:67:40:65:2c:69:81:f3:57:42:f6:b0:fd:55:93:
b3:5f:3e:9e:96:f4:ca:43:84:23:75:91:5f:25:99:e2:6b:9d:
d7:f4:60:21:e4:04:d1:05:67:9b:83:c2:ab:14:59:7d:90:4a:
34:28:62:2f:1a:51:9d:4b:f7:ea:65:86:00:83:cf:bc:ee:28:
c9:02:19:0b:7a:61:45:5a:7e:1f:f1:ba:fd:44:d7:b3:19:0f:
fd:fa:75:8d:bd:cd:7a:c5:e7:2d:0a:f3:8c:c8:28:a8:77:9a:
ad:37:df:02:21:0f:ca:c6:ac:1d:be:b0:ae:c3:74:c5:48:8a:
c5:bf:12:59:bf:6e:bc:b9:d9:fb:9e:d1:e2:a3:03:4c:5c:3b:
db:53:ea:53:0a:2b:8f:79:05:f7:eb:70:ee:3d:2c:a9:b5:dc:
67:2f:97:7b:ac:47:29:cd:10:28:ab:77:5f:14:b8:72:44:71:
4e:c9:4e:61:bb:51:03:12:62:58:95:13:bc:f7:3d:be:c9:43:
c7:5a:ad:60:62:95:aa:ee:e8:0d:75:4a:1e:4c:3d:a5:96:3f:
0e:4c:83:9d:f2:7a:f5:10:f3:be:0a:ad:44:f2:9a:60:85:0d:
da:0d:f9:1f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEENVUGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDI0YzE1ZjA4ODk2
ZTQ0ZTM0NzA1YmFjYjFjY2VmNzU0MTZjYzg5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEKSbTh1APYwsKyiQL+Eq3YrNjbnK70qgngBxXvfkPX2DSN
W3pzhRY6ONc2tYfPGcesANx0NZntDktUVVc7UXZlaFlxrV1VJuak9UiAZftI1yen
HwGOb7QYws6Reid3P7HUo2jkn8v9pSObxmgrufPHzkgGnARkL/RHHoUQUN6nsBtZ
pBrcirODRBi36QPFNba1s+q6Q99g1I3xCyoCl/+wuqriBxRlsuxCc8KkzhW4nvKN
KzhigFhYr/qFj1LEaFA4sS16VOZg4PKO+cbDhUfDjgqKWd5OelSytYQxH1T3u0Gg
F0aTyXia0IP8hBnwerbniyk9R5HfjCK7dhXBlRMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTSTBXwiJbkTjRwW6yxzO91QWzIlDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzBrd1Y4SWlXNUU0MGNGdXNzY3p2ZFVGc3lKUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcD4DANBgkqhkiG9w0BAQsF
AAOCAQEAcVBLEzan+bwv9oC/HkB1hHIDbWpzI2dAZSxpgfNXQvaw/VWTs18+npb0
ykOEI3WRXyWZ4mud1/RgIeQE0QVnm4PCqxRZfZBKNChiLxpRnUv36mWGAIPPvO4o
yQIZC3phRVp+H/G6/UTXsxkP/fp1jb3NesXnLQrzjMgoqHearTffAiEPysasHb6w
rsN0xUiKxb8SWb9uvLnZ+57R4qMDTFw721PqUworj3kF9+tw7j0sqbXcZy+Xe6xH
Kc0QKKt3XxS4ckRxTslOYbtRAxJiWJUTvPc9vslDx1qtYGKVqu7oDXVKHkw9pZY/
DkyDnfJ69RDzvgqtRPKaYIUN2g35Hw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org