Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-J3owwjrS_UAfpSqfvDHMbwMasE.roa
File: 1-J3owwjrS_UAfpSqfvDHMbwMasE.roa (raw, json)
Hash identifier: YD2ZP8SH3TqCGw45+i7c13luTnhVgNUITY9JCwzcLqk=
Subject key identifier: F8:9D:E8:C3:08:EB:4B:F5:00:7E:94:AA:7E:F0:C7:31:BC:0C:6A:C1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01840D5AFDCF294B71F5F365CBACEC8CB461
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-J3owwjrS_UAfpSqfvDHMbwMasE.roa
Signing time: Tue 25 Oct 2022 04:16:17 +0000
ROA not before: Tue 25 Oct 2022 04:16:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202256
IP address blocks: 2a0e:97c6:4000::/34 maxlen: 48
2a0e:97c1:800::/37 maxlen: 48
2a10:cc42:1000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0d:5a:fd:cf:29:4b:71:f5:f3:65:cb:ac:ec:8c:b4:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 25 04:16:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f89de8c308eb4bf5007e94aa7ef0c731bc0c6ac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fd:2c:97:5f:92:40:20:4f:18:c8:43:ab:ba:
cb:6c:e5:48:2d:fa:5c:e5:f7:dd:22:81:f6:49:af:
88:4f:fe:1a:ec:7a:92:9e:d1:50:7e:12:13:27:fe:
4f:c9:87:f6:60:21:a2:73:0f:de:d7:98:2b:94:1a:
04:f8:e9:61:0b:96:44:07:52:0f:0e:77:a6:71:75:
56:d2:e0:6c:ab:c0:e0:70:da:16:9b:33:bb:13:01:
41:df:bf:b0:76:6d:74:72:d2:f1:12:be:2c:8b:b3:
21:7e:1b:bf:85:9a:ba:26:0b:01:95:28:23:2b:42:
d6:e9:b3:94:32:d5:cc:cd:80:e0:e0:85:64:71:88:
bb:33:bc:d0:38:b4:c9:bc:ed:c4:03:a2:bb:76:fd:
98:c2:07:dc:6c:84:34:03:a6:cd:14:55:ca:2f:f0:
3e:b1:e3:40:5a:76:2a:6a:f5:39:a6:1d:b6:58:50:
47:cb:4b:c8:9b:ae:21:d0:ae:04:ee:cc:2d:73:85:
1a:a1:16:1d:48:4f:51:09:34:9e:8f:83:06:3e:c1:
6d:a9:0f:dc:72:a9:7e:d0:50:1e:12:c7:db:bf:21:
f6:80:0b:d4:f9:a7:9b:c9:79:a2:89:5e:f1:0d:26:
65:9a:0d:ec:d7:76:df:d1:72:91:1b:64:cf:cc:b9:
dc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:9D:E8:C3:08:EB:4B:F5:00:7E:94:AA:7E:F0:C7:31:BC:0C:6A:C1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-J3owwjrS_UAfpSqfvDHMbwMasE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c1:800::/37
2a0e:97c6:4000::/34
2a10:cc42:1000::/36
Signature Algorithm: sha256WithRSAEncryption
96:3e:d5:5c:5e:f9:bb:04:b7:a1:f6:d0:35:23:d7:76:bb:6f:
25:c9:1a:63:54:87:8d:01:74:55:41:01:69:4d:99:03:12:49:
73:6d:bb:e4:7c:34:cf:09:6a:11:7c:dd:fe:8b:1a:2b:45:66:
86:22:f1:87:98:ee:ad:0a:22:9a:78:e6:82:52:82:00:6f:22:
55:77:f3:ff:d2:ed:1c:3b:3a:6a:38:86:49:ae:e1:4c:5a:39:
2a:23:87:2e:e0:fd:03:1a:3e:70:6e:96:1e:2a:a5:88:95:a8:
ea:a9:82:e8:3f:6c:a6:e6:10:4a:2c:88:ce:75:56:13:04:5f:
0b:e4:b9:cd:4f:5d:64:8d:c1:49:45:31:79:b2:ee:2b:cf:65:
76:5e:1c:e5:5a:4e:79:a7:e2:ba:fa:c6:da:0c:4d:5a:01:c9:
a6:b3:02:07:2d:e7:e9:75:f5:66:8a:e2:d4:a9:6b:ef:57:b3:
40:94:05:4c:ab:5b:20:bb:23:b4:38:57:9c:13:27:32:8c:4d:
61:fd:7b:c2:26:93:24:24:9f:e3:ae:30:0f:ae:45:a0:ae:a0:
c0:73:22:38:68:b5:0d:f9:0a:e6:55:e9:c6:13:53:3b:a1:4d:
de:a9:0b:9f:9b:94:41:ef:a8:85:7c:48:c0:5c:3c:26:8d:01:
63:61:bb:69
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYQNWv3PKUtx9fNly6zsjLRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDI1MDQxNjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODlkZThjMzA4ZWI0YmY1MDA3ZTk0YWE3ZWYwYzczMWJjMGM2YWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/0sl1+SQCBPGMhDq7rLbOVILfpc
5ffdIoH2Sa+IT/4a7HqSntFQfhITJ/5PyYf2YCGicw/e15grlBoE+OlhC5ZEB1IP
DnemcXVW0uBsq8DgcNoWmzO7EwFB37+wdm10ctLxEr4si7Mhfhu/hZq6JgsBlSgj
K0LW6bOUMtXMzYDg4IVkcYi7M7zQOLTJvO3EA6K7dv2YwgfcbIQ0A6bNFFXKL/A+
seNAWnYqavU5ph22WFBHy0vIm64h0K4E7swtc4UaoRYdSE9RCTSej4MGPsFtqQ/c
cql+0FAeEsfbvyH2gAvU+aebyXmiiV7xDSZlmg3s13bf0XKRG2TPzLncjQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPid6MMI60v1AH6Uqn7wxzG8DGrBMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1KM293d2pyU19VQWZwU3FmdkRITWJ3TWFzRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAIwGAMGAyoOl8EI
AwYGKg6XxkADBgQqEMxCEDANBgkqhkiG9w0BAQsFAAOCAQEAlj7VXF75uwS3ofbQ
NSPXdrtvJckaY1SHjQF0VUEBaU2ZAxJJc2275Hw0zwlqEXzd/osaK0VmhiLxh5ju
rQoimnjmglKCAG8iVXfz/9LtHDs6ajiGSa7hTFo5KiOHLuD9Axo+cG6WHiqliJWo
6qmC6D9spuYQSiyIznVWEwRfC+S5zU9dZI3BSUUxebLuK89ldl4c5VpOeafiuvrG
2gxNWgHJprMCBy3n6XX1Zori1Klr71ezQJQFTKtbILsjtDhXnBMnMoxNYf17wiaT
JCSf464wD65FoK6gwHMiOGi1DfkK5lXpxhNTO6FN3qkLn5uUQe+ohXxIwFw8Jo0B
Y2G7aQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org