Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-aiqMn4_BswhvZGv90xW1g4ce88.roa
File: 1-aiqMn4_BswhvZGv90xW1g4ce88.roa (raw, json)
Hash identifier: nw3ykrQQ0c5EgrNCP/UlMHyU6FsTMqrR+WIbPILsfB4=
Subject key identifier: F9:A8:AA:32:7E:3F:06:CC:21:BD:91:AF:F7:4C:56:D6:0E:1C:7B:CF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184B33827D4364BF2684627C92B1AE4EF0D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-aiqMn4_BswhvZGv90xW1g4ce88.roa
Signing time: Sat 26 Nov 2022 09:15:12 +0000
ROA not before: Sat 26 Nov 2022 09:15:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203888
IP address blocks: 2a0e:b107:1b9f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b3:38:27:d4:36:4b:f2:68:46:27:c9:2b:1a:e4:ef:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 26 09:15:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9a8aa327e3f06cc21bd91aff74c56d60e1c7bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c6:26:32:fa:c2:e5:17:4d:bc:0b:bb:15:31:
1e:e4:08:ca:e8:1c:3b:7b:e4:88:74:f8:dd:e2:9f:
aa:96:82:ba:4d:4d:ea:ce:ca:87:59:af:b6:2a:36:
75:d4:8f:e8:9a:20:18:21:d5:26:06:de:ad:3f:05:
f7:d9:46:7d:a2:80:a4:88:f7:54:4c:96:28:06:f1:
1f:3b:58:a3:7a:c3:b0:62:20:d0:44:b5:41:8b:88:
a8:4f:ca:39:98:49:c3:0a:2c:c5:00:e8:db:00:62:
43:3b:84:9a:f3:d2:5e:a0:2e:ba:66:b8:15:3a:0a:
ee:17:f4:91:e7:6a:37:94:17:a7:3e:ce:b0:38:64:
5a:fd:8f:0a:f4:1f:96:c1:90:1c:39:f3:fa:a8:b1:
75:bb:42:02:9a:52:12:3f:ab:42:8e:5a:7c:f1:57:
60:8b:25:fb:64:e6:3e:e7:f7:4f:18:89:22:8a:9a:
06:e3:ee:da:47:e3:a6:05:44:77:dc:02:05:d5:87:
1c:a0:26:67:40:d9:11:52:0b:a3:00:7e:e5:51:9a:
b2:2c:ac:49:ac:db:18:90:a7:e4:bc:9f:3d:2a:ac:
8e:a9:43:7f:5f:b1:0d:3d:33:42:b1:c5:0e:f6:31:
06:05:58:33:3d:b7:a7:3e:a0:2e:d5:3f:ed:4c:4f:
48:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A8:AA:32:7E:3F:06:CC:21:BD:91:AF:F7:4C:56:D6:0E:1C:7B:CF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-aiqMn4_BswhvZGv90xW1g4ce88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1b9f::/48
Signature Algorithm: sha256WithRSAEncryption
52:7c:b3:bb:bb:d0:d3:8b:51:54:fa:e3:2b:e8:c1:3c:f7:70:
67:cb:b7:f5:4f:ca:aa:a5:6a:40:92:cb:e9:fe:4b:07:c9:ed:
b9:2f:62:a7:57:5f:33:4e:6a:d5:1a:87:93:f9:47:4f:53:88:
3e:00:e4:07:7e:78:b5:4c:2f:d0:e6:2c:3b:7e:88:53:4b:56:
cb:5e:68:32:05:e6:e2:e4:15:7d:01:96:d0:b6:fe:59:de:f2:
21:1c:ce:7a:af:41:f5:cc:ff:f6:bc:b7:fe:42:0f:66:c4:79:
03:fd:27:40:ae:6d:d8:d2:fe:28:61:31:79:a5:68:e2:fb:18:
58:71:a0:1e:3b:fb:c4:25:3c:49:bc:30:c0:76:d1:14:31:c9:
1a:10:9a:9b:d1:11:f5:37:ae:52:63:49:73:8f:9e:6d:66:96:
7a:06:26:1b:1d:ef:39:64:d3:34:58:1b:f0:47:40:e4:89:08:
b6:f0:e1:f7:85:3a:eb:da:6e:26:8b:2c:70:74:4f:9d:6d:3d:
70:43:c8:78:54:5a:eb:e3:14:08:e9:7e:b1:47:02:2c:0d:1f:
04:ff:03:cf:30:35:c5:79:82:5d:b0:ec:2e:43:84:8c:02:9d:
39:86:d8:f4:24:9d:f9:df:47:a6:90:97:1b:21:2b:39:7b:fa:
26:b8:8b:80
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYSzOCfUNkvyaEYnySsa5O8NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTI2MDkxNTEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWE4YWEzMjdlM2YwNmNjMjFiZDkxYWZmNzRjNTZkNjBlMWM3YmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocYmMvrC5RdNvAu7FTEe5AjK6Bw7
e+SIdPjd4p+qloK6TU3qzsqHWa+2KjZ11I/omiAYIdUmBt6tPwX32UZ9ooCkiPdU
TJYoBvEfO1ijesOwYiDQRLVBi4ioT8o5mEnDCizFAOjbAGJDO4Sa89JeoC66ZrgV
OgruF/SR52o3lBenPs6wOGRa/Y8K9B+WwZAcOfP6qLF1u0ICmlISP6tCjlp88Vdg
iyX7ZOY+5/dPGIkiipoG4+7aR+OmBUR33AIF1YccoCZnQNkRUgujAH7lUZqyLKxJ
rNsYkKfkvJ89KqyOqUN/X7ENPTNCscUO9jEGBVgzPbenPqAu1T/tTE9IaQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPmoqjJ+PwbMIb2Rr/dMVtYOHHvPMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1haXFNbjRfQnN3aHZaR3Y5MHhXMWc0Y2U4OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcb
nzANBgkqhkiG9w0BAQsFAAOCAQEAUnyzu7vQ04tRVPrjK+jBPPdwZ8u39U/KqqVq
QJLL6f5LB8ntuS9ip1dfM05q1RqHk/lHT1OIPgDkB354tUwv0OYsO36IU0tWy15o
MgXm4uQVfQGW0Lb+Wd7yIRzOeq9B9cz/9ry3/kIPZsR5A/0nQK5t2NL+KGExeaVo
4vsYWHGgHjv7xCU8SbwwwHbRFDHJGhCam9ER9TeuUmNJc4+ebWaWegYmGx3vOWTT
NFgb8EdA5IkItvDh94U669puJosscHRPnW09cEPIeFRa6+MUCOl+sUcCLA0fBP8D
zzA1xXmCXbDsLkOEjAKdOYbY9CSd+d9HppCXGyErOXv6JriLgA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:54 2023 by rpki-client on console-ams.rpki-client.org