Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-djWUA7CFG-toszbvMJM4sWgBwI.roa
File: 1-djWUA7CFG-toszbvMJM4sWgBwI.roa (raw, json)
Hash identifier: 5a9QxHmIezD6j66vyPAl/dq5Lp3BBXz5TKo0zVkQeTI=
Subject key identifier: F9:D8:D6:50:0E:C2:14:6F:AD:A2:CC:DB:BC:C2:4C:E2:C5:A0:07:02
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 112462A8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-djWUA7CFG-toszbvMJM4sWgBwI.roa
Signing time: Thu 06 Jan 2022 11:16:41 +0000
ROA not before: Thu 06 Jan 2022 11:16:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211350
IP address blocks: 2a0e:97c0:1c8::/48 maxlen: 48
2a0e:97c0:1c0::/45 maxlen: 48
2a0e:b107:1408::/45 maxlen: 48
2a0e:b107:1668::/45 maxlen: 48
2a0e:b107:1660::/45 maxlen: 48
2a0e:b107:1670::/45 maxlen: 48
2a0e:b107:1400::/45 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287597224 (0x112462a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 6 11:16:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9d8d6500ec2146fada2ccdbbcc24ce2c5a00702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:35:bd:44:7e:ba:22:ea:67:b6:a9:aa:c8:36:
7d:89:87:3f:f4:89:ad:95:41:ea:51:45:2e:0c:d9:
7a:5f:1f:4e:06:4a:44:6a:f7:e1:11:74:34:d5:6b:
17:49:ae:ad:f4:db:a7:30:47:8f:b1:b6:56:8c:1d:
75:20:11:df:a4:81:b1:3b:8e:5f:bc:56:31:10:ba:
0a:27:34:95:47:6f:79:27:92:4b:80:a6:60:1b:63:
81:64:af:9d:0e:af:5f:f9:a6:10:14:22:15:f0:f8:
5b:9f:53:dc:c6:63:f0:6e:a1:0c:ff:cf:c6:80:a5:
60:9d:be:41:27:40:08:08:bd:e3:9c:27:24:2d:13:
66:89:f6:93:a1:64:f3:4f:39:f1:b1:94:8d:7d:4e:
6e:3e:ee:66:4f:16:5f:1b:f2:16:b1:6a:ed:38:fe:
74:e9:ec:b2:fe:a1:0c:49:c2:9d:e8:f1:bb:d9:b0:
18:ce:40:95:62:05:79:24:38:b3:bd:7d:d6:43:4a:
02:0e:98:c3:a5:56:41:a0:f6:8d:ec:b6:d2:a6:a6:
29:7b:e2:77:39:1b:ff:2e:86:77:a8:97:a1:a6:0e:
6b:35:d3:99:aa:cc:5b:96:c8:4e:d0:69:20:41:2e:
0e:6b:bf:90:fe:97:e7:6b:0a:35:66:8b:82:9e:c6:
79:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D8:D6:50:0E:C2:14:6F:AD:A2:CC:DB:BC:C2:4C:E2:C5:A0:07:02
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-djWUA7CFG-toszbvMJM4sWgBwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1c0::-2a0e:97c0:1c8:ffff:ffff:ffff:ffff:ffff
2a0e:b107:1400::/44
2a0e:b107:1660::-2a0e:b107:1677:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
26:55:75:51:63:7a:ea:98:e2:c4:37:09:89:16:dd:cd:e0:aa:
af:e2:89:03:43:bf:d9:14:21:ba:ad:6b:b2:26:40:30:88:f7:
b6:88:12:02:4d:dc:02:92:69:b5:33:36:28:ea:8d:56:15:43:
37:4e:be:1b:12:c8:3a:ef:0d:d7:0d:52:48:2b:3f:51:e0:8f:
ef:72:88:49:e4:4e:e3:7f:2b:36:9f:01:e4:b9:cb:0c:b1:dc:
c8:f9:bc:ee:e4:0e:ac:f3:35:10:1d:e1:65:28:04:37:9f:a8:
99:9c:64:da:03:5c:8e:64:ce:be:de:f6:2a:4f:55:f6:c1:53:
e1:7b:13:21:0d:3d:a9:85:43:f3:b1:15:75:6c:79:de:9b:6c:
0f:ca:95:49:14:69:9d:a5:4a:cc:b1:bb:cd:21:17:b6:73:50:
37:9a:f9:0d:dc:8b:65:81:dc:d3:c8:03:4d:45:ca:5f:20:44:
d6:5c:82:6a:80:f5:33:6a:96:b5:f8:eb:fe:f2:2c:ad:0f:44:
b7:b6:3b:6c:1c:56:78:06:bc:28:02:99:4e:95:4a:c1:25:73:
d1:aa:2f:26:8c:4e:b3:22:0d:47:4e:1f:e2:5a:04:0d:26:a2:
6d:0f:4c:4c:78:32:54:17:24:e0:24:0e:26:73:09:ef:36:45:
0f:1a:8a:c9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEESRiqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
NjExMTY0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjlkOGQ2NTAwZWMy
MTQ2ZmFkYTJjY2RiYmNjMjRjZTJjNWEwMDcwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMo1vUR+uiLqZ7apqsg2fYmHP/SJrZVB6lFFLgzZel8fTgZK
RGr34RF0NNVrF0murfTbpzBHj7G2VowddSAR36SBsTuOX7xWMRC6Cic0lUdveSeS
S4CmYBtjgWSvnQ6vX/mmEBQiFfD4W59T3MZj8G6hDP/PxoClYJ2+QSdACAi945wn
JC0TZon2k6Fk80858bGUjX1Obj7uZk8WXxvyFrFq7Tj+dOnssv6hDEnCnejxu9mw
GM5AlWIFeSQ4s7191kNKAg6Yw6VWQaD2jey20qamKXvidzkb/y6Gd6iXoaYOazXT
marMW5bITtBpIEEuDmu/kP6X52sKNWaLgp7GeWUCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBT52NZQDsIUb62izNu8wkzixaAHAjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzEtZGpXVUE3Q0ZHLXRvc3pidk1KTTRzV2dCd0kucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUx
LzQ5NTdhNC1jZTU5LTQzMTUtOTk3Ni1kYzVlYzc0OGY2YTUvMS9ZLWtXY1hxeEhN
enhIdkg3WEJMdVFaVVByWnMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
SgYIKwYBBQUHAQcBAf8EOzA5MDcEAgACMDEwEgMHBioOl8ABwAMHACoOl8AByAMH
BCoOsQcUADASAwcFKg6xBxZgAwcDKg6xBxZwMA0GCSqGSIb3DQEBCwUAA4IBAQAm
VXVRY3rqmOLENwmJFt3N4Kqv4okDQ7/ZFCG6rWuyJkAwiPe2iBICTdwCkmm1MzYo
6o1WFUM3Tr4bEsg67w3XDVJIKz9R4I/vcohJ5E7jfys2nwHkucsMsdzI+bzu5A6s
8zUQHeFlKAQ3n6iZnGTaA1yOZM6+3vYqT1X2wVPhexMhDT2phUPzsRV1bHnem2wP
ypVJFGmdpUrMsbvNIRe2c1A3mvkN3ItlgdzTyANNRcpfIETWXIJqgPUzapa1+Ov+
8iytD0S3tjtsHFZ4BrwoAplOlUrBJXPRqi8mjE6zIg1HTh/iWgQNJqJtD0xMeDJU
FyTgJA4mcwnvNkUPGorJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:54 2023 by rpki-client on console-ams.rpki-client.org