Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-gxUP5P8JqdAVb9GUN-gLtlOLBU.roa
File: 1-gxUP5P8JqdAVb9GUN-gLtlOLBU.roa (raw, json)
Hash identifier: Oa+A5a+XnYf4jLsFirV2vSGSDMLpkCB4oRpbEpita2s=
Subject key identifier: FA:0C:54:3F:93:FC:26:A7:40:55:BF:46:50:DF:A0:2E:D9:4E:2C:15
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183044AFA4FFB631D7030B272C36A73F474
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-gxUP5P8JqdAVb9GUN-gLtlOLBU.roa
Signing time: Sat 03 Sep 2022 16:59:26 +0000
ROA not before: Sat 03 Sep 2022 16:59:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210542
IP address blocks: 2a0e:97c0:332::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:04:4a:fa:4f:fb:63:1d:70:30:b2:72:c3:6a:73:f4:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 3 16:59:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa0c543f93fc26a74055bf4650dfa02ed94e2c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:94:2f:1a:ef:9a:8d:11:ad:96:a6:ab:51:a3:
e7:71:3f:9f:e4:2b:de:10:22:f0:5e:42:f2:67:9e:
fc:47:f6:ad:1f:64:e4:8e:5e:24:a6:72:fb:04:4a:
ce:22:db:8a:46:67:79:ae:6e:ff:81:02:09:07:d7:
96:13:94:84:36:01:87:b3:38:41:25:54:6d:66:48:
9d:66:91:1a:6d:22:60:b1:8c:8a:2c:13:0d:d9:f2:
eb:c3:c8:c4:a2:1b:54:f3:53:be:81:a9:df:fa:0a:
46:3d:29:e2:79:83:84:35:d5:c8:1a:eb:8d:d1:51:
5f:81:fa:ce:b9:25:35:f1:3c:3e:fd:45:4b:e2:43:
0c:31:79:d8:5b:3f:d1:32:1c:9f:17:4e:dc:fd:dc:
44:88:64:70:a6:c1:cc:bd:10:be:84:cc:89:81:94:
44:0a:dc:e5:71:83:aa:8a:b4:58:9b:06:df:24:b8:
29:22:06:85:b7:a7:76:33:45:2b:c2:68:0c:68:10:
e7:c6:39:8d:b5:d7:6e:c5:a7:7c:0c:ab:46:1f:29:
9f:30:38:a8:03:d7:65:b2:70:bf:06:41:d9:25:2a:
1d:e0:d1:62:9a:e3:86:71:59:a1:57:17:c0:c0:0f:
70:66:7c:d1:71:d7:ec:4b:37:2f:26:66:58:5a:54:
b4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0C:54:3F:93:FC:26:A7:40:55:BF:46:50:DF:A0:2E:D9:4E:2C:15
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-gxUP5P8JqdAVb9GUN-gLtlOLBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:332::/48
Signature Algorithm: sha256WithRSAEncryption
4c:1d:1e:80:36:3e:d7:73:f2:68:a5:35:6e:82:b2:b6:ec:b4:
2b:2b:17:e4:01:dc:f2:fa:86:9c:c3:92:94:cf:a5:f9:49:88:
a9:61:54:ba:f0:c1:01:c7:8d:01:c8:36:4f:03:ca:64:f0:35:
ba:50:2d:0f:9e:6e:f7:f0:87:70:8f:a8:1b:8e:ea:79:4a:0c:
5b:0f:a8:19:02:21:f2:90:40:a6:84:91:0f:c4:70:87:9a:9b:
94:0d:16:4c:d2:95:01:b8:80:ae:52:b3:74:58:41:fa:85:bd:
da:b2:63:a0:c7:51:7b:9e:8d:8c:9f:9e:b0:45:3c:3f:07:0d:
18:46:47:f4:d1:2f:a9:d5:d2:52:47:16:57:d4:e6:88:74:23:
83:dd:c7:e6:f2:47:b9:36:01:1d:7a:2f:07:3a:eb:c2:90:5a:
d1:ee:e5:16:0c:dc:37:b6:d8:b8:4f:21:fa:52:4e:2d:15:19:
7f:64:89:8b:72:bd:e5:90:1b:44:f6:b8:4f:3a:94:13:5e:39:
18:56:ed:48:a9:eb:b0:b6:5d:3c:83:fa:62:38:dc:82:6b:b2:
e4:b9:db:7c:90:dd:ea:84:af:3c:1b:c4:61:9b:bd:00:b7:84:
ee:9b:1f:5f:6d:4a:67:d3:26:47:f7:98:9a:fe:8d:66:41:8b:
94:89:3a:8a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYMESvpP+2MdcDCycsNqc/R0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTAzMTY1OTI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTBjNTQzZjkzZmMyNmE3NDA1NWJmNDY1MGRmYTAyZWQ5NGUyYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZQvGu+ajRGtlqarUaPncT+f5Cve
ECLwXkLyZ578R/atH2Tkjl4kpnL7BErOItuKRmd5rm7/gQIJB9eWE5SENgGHszhB
JVRtZkidZpEabSJgsYyKLBMN2fLrw8jEohtU81O+ganf+gpGPSnieYOENdXIGuuN
0VFfgfrOuSU18Tw+/UVL4kMMMXnYWz/RMhyfF07c/dxEiGRwpsHMvRC+hMyJgZRE
CtzlcYOqirRYmwbfJLgpIgaFt6d2M0UrwmgMaBDnxjmNtdduxad8DKtGHymfMDio
A9dlsnC/BkHZJSod4NFimuOGcVmhVxfAwA9wZnzRcdfsSzcvJmZYWlS0pwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPoMVD+T/CanQFW/RlDfoC7ZTiwVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1neFVQNVA4SnFkQVZiOUdVTi1nTHRsT0xCVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOl8AD
MjANBgkqhkiG9w0BAQsFAAOCAQEATB0egDY+13PyaKU1boKytuy0KysX5AHc8vqG
nMOSlM+l+UmIqWFUuvDBAceNAcg2TwPKZPA1ulAtD55u9/CHcI+oG47qeUoMWw+o
GQIh8pBApoSRD8Rwh5qblA0WTNKVAbiArlKzdFhB+oW92rJjoMdRe56NjJ+esEU8
PwcNGEZH9NEvqdXSUkcWV9TmiHQjg93H5vJHuTYBHXovBzrrwpBa0e7lFgzcN7bY
uE8h+lJOLRUZf2SJi3K95ZAbRPa4TzqUE145GFbtSKnrsLZdPIP6Yjjcgmuy5Lnb
fJDd6oSvPBvEYZu9ALeE7psfX21KZ9MmR/eYmv6NZkGLlIk6ig==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:54 2023 by rpki-client on console-ams.rpki-client.org