Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-WBg72ZoqrbXgVTwWYSIFeJgrJE.roa
File: 1-WBg72ZoqrbXgVTwWYSIFeJgrJE.roa (raw, json)
Hash identifier: olpVWvwLQEI3ioE83kvjTAWQY75169jpYjKID606UTc=
Subject key identifier: F9:60:60:EF:66:68:AA:B6:D7:81:54:F0:59:84:88:15:E2:60:AC:91
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01846C404DE597A4304041530BECC707FE15
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-WBg72ZoqrbXgVTwWYSIFeJgrJE.roa
Signing time: Sat 12 Nov 2022 14:31:04 +0000
ROA not before: Sat 12 Nov 2022 14:31:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204750
IP address blocks: 2a0e:97c0:3d5::/48 maxlen: 48
2a0e:97c0:3d0::/44 maxlen: 48
2a0e:97c0:3d0::/48 maxlen: 48
2a0e:97c0:3d3::/48 maxlen: 48
2a0e:97c0:3d6::/48 maxlen: 48
2a0e:97c0:3d1::/48 maxlen: 48
2a0e:97c0:3d9::/48 maxlen: 48
2a0e:97c0:3d4::/48 maxlen: 48
2a0e:97c0:3df::/48 maxlen: 48
2a0e:97c0:3d7::/48 maxlen: 48
2a0e:97c0:3d2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6c:40:4d:e5:97:a4:30:40:41:53:0b:ec:c7:07:fe:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 12 14:31:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f96060ef6668aab6d78154f059848815e260ac91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8b:a4:c7:c5:0f:4e:02:7c:13:97:af:2b:57:
b2:f7:3a:fc:1e:27:bd:08:0a:b0:48:55:d3:9a:ce:
24:02:e0:c7:ab:c2:14:15:4a:47:8c:97:52:0b:c8:
53:e4:33:1b:8f:da:7e:50:37:ba:f2:b5:a0:f8:89:
da:ef:15:75:70:a3:b4:d9:0f:49:8c:2f:94:d7:b5:
32:82:b4:2b:53:2e:da:dc:f3:68:0c:22:85:91:14:
ee:34:80:fe:cf:a2:3c:7f:9d:b0:18:69:ca:bb:a9:
47:39:0e:f4:13:cd:52:66:8b:b4:f1:a8:76:7c:0d:
02:cb:28:04:8e:ae:f4:1f:e0:cd:48:5f:1b:8c:87:
0e:fe:15:90:78:1a:36:ed:a3:d2:b5:61:50:f3:d5:
60:5b:81:72:64:18:b7:1c:86:a7:c5:4a:99:ca:08:
a1:24:c0:b9:a2:c0:81:c3:18:90:63:8c:86:46:16:
cc:50:6e:55:f7:35:7a:a3:27:ef:6d:64:a7:88:8e:
ce:8d:58:7f:18:4b:2e:27:3b:a4:c4:85:b4:15:c7:
1f:f7:9b:00:b2:9b:33:a9:92:aa:91:d0:b6:ed:49:
f3:38:28:22:71:2f:25:e2:24:22:20:2d:44:ac:85:
c4:dc:6b:13:ba:20:1c:d9:06:85:68:84:65:c7:03:
9a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:60:60:EF:66:68:AA:B6:D7:81:54:F0:59:84:88:15:E2:60:AC:91
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-WBg72ZoqrbXgVTwWYSIFeJgrJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3d0::/44
Signature Algorithm: sha256WithRSAEncryption
5a:da:79:4a:df:27:02:6f:d9:64:f7:be:97:25:4c:8d:36:35:
56:ff:dd:9c:36:fc:af:4c:48:5c:a4:c9:85:a4:d0:b5:56:74:
cf:57:23:c9:5d:02:d8:d9:b5:a7:67:e9:0d:d7:1f:b0:71:19:
73:9f:52:90:c2:27:bf:df:fc:0d:15:0f:cf:5d:3a:c3:4c:1e:
2c:c1:c4:03:24:02:a3:90:23:5c:65:13:3c:6a:c8:58:f5:1a:
0e:12:a6:18:cf:02:ee:49:1f:f6:a3:45:21:24:4a:77:56:b0:
13:af:c8:e8:d3:aa:32:ea:96:11:a0:24:5e:d5:03:25:74:ac:
24:da:5c:28:f3:7c:eb:dd:9d:2a:29:35:a6:39:5b:f3:70:68:
ec:f1:d1:5c:b4:cc:a9:9d:5b:88:16:9d:27:1a:2a:33:fc:8d:
41:50:60:31:8a:4a:bd:b9:0a:f3:aa:e8:f8:6c:60:14:32:38:
52:62:88:f3:14:66:24:b6:67:b7:5b:2e:6c:35:3f:0e:03:57:
de:a0:7b:cf:5f:13:45:95:cd:a5:98:e2:76:9b:7e:9e:72:f3:
4b:dd:4e:6b:8f:43:10:08:49:ba:a4:22:f4:b4:82:d6:2c:d8:
9d:96:24:3a:8c:59:b5:d6:3a:60:eb:37:a4:68:d2:65:d3:96:
5b:a4:a7:d5
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYRsQE3ll6QwQEFTC+zHB/4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTEyMTQzMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTYwNjBlZjY2NjhhYWI2ZDc4MTU0ZjA1OTg0ODgxNWUyNjBhYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYukx8UPTgJ8E5evK1ey9zr8Hie9
CAqwSFXTms4kAuDHq8IUFUpHjJdSC8hT5DMbj9p+UDe68rWg+Ina7xV1cKO02Q9J
jC+U17UygrQrUy7a3PNoDCKFkRTuNID+z6I8f52wGGnKu6lHOQ70E81SZou08ah2
fA0CyygEjq70H+DNSF8bjIcO/hWQeBo27aPStWFQ89VgW4FyZBi3HIanxUqZygih
JMC5osCBwxiQY4yGRhbMUG5V9zV6oyfvbWSniI7OjVh/GEsuJzukxIW0Fccf95sA
spszqZKqkdC27UnzOCgicS8l4iQiIC1ErIXE3GsTuiAc2QaFaIRlxwOauwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPlgYO9maKq214FU8FmEiBXiYKyRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1XQmc3MlpvcXJiWGdWVHdXWVNJRmVKZ3JKRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AD
0DANBgkqhkiG9w0BAQsFAAOCAQEAWtp5St8nAm/ZZPe+lyVMjTY1Vv/dnDb8r0xI
XKTJhaTQtVZ0z1cjyV0C2Nm1p2fpDdcfsHEZc59SkMInv9/8DRUPz106w0weLMHE
AyQCo5AjXGUTPGrIWPUaDhKmGM8C7kkf9qNFISRKd1awE6/I6NOqMuqWEaAkXtUD
JXSsJNpcKPN8692dKik1pjlb83Bo7PHRXLTMqZ1biBadJxoqM/yNQVBgMYpKvbkK
86ro+GxgFDI4UmKI8xRmJLZnt1subDU/DgNX3qB7z18TRZXNpZjidpt+nnLzS91O
a49DEAhJuqQi9LSC1izYnZYkOoxZtdY6YOs3pGjSZdOWW6Sn1Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:54 2023 by rpki-client on console-ams.rpki-client.org