Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1fvVEytXWnoC1tgvpcrN39axHmc.roa
File: 1fvVEytXWnoC1tgvpcrN39axHmc.roa (raw, json)
Hash identifier: RB2yw0umnz8yKFqUnEO1dN0klhSWl/Q/1OHskNamkZI=
Subject key identifier: D5:FB:D5:13:2B:57:5A:7A:02:D6:D8:2F:A5:CA:CD:DF:D6:B1:1E:67
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 13C8AC47
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1fvVEytXWnoC1tgvpcrN39axHmc.roa
Signing time: Tue 19 Apr 2022 02:05:10 +0000
ROA not before: Tue 19 Apr 2022 02:05:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138211
IP address blocks: 2a0e:b107:6d0::/44 maxlen: 48
2a0e:b107:580::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 331918407 (0x13c8ac47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 19 02:05:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5fbd5132b575a7a02d6d82fa5cacddfd6b11e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:83:2e:79:79:cf:1a:a1:02:cc:7e:20:88:bc:
a4:b8:28:16:9c:d7:69:21:aa:21:15:4a:32:db:4e:
58:18:6e:df:af:5c:b2:01:64:5d:69:bb:a7:a4:78:
50:ee:64:a4:cb:c1:9b:b6:fc:b1:81:fe:0b:1f:b0:
4d:59:89:08:77:8a:e6:c8:bc:a3:de:35:81:05:b8:
05:1b:e6:41:15:9c:61:20:c9:6a:9b:c2:8e:9f:52:
88:6c:8a:c5:08:b9:1e:c5:b6:2c:8a:2c:04:ef:de:
81:ef:3e:18:c7:f8:d2:0b:d1:0f:5f:d4:5f:6a:3e:
be:10:1b:35:49:eb:61:ac:69:4f:09:4a:69:6e:68:
3d:39:73:d3:d7:02:d2:0b:55:96:f6:9d:f1:90:de:
94:f9:f4:51:6f:2b:f3:db:23:50:cc:84:27:d8:a8:
5d:ad:a9:62:27:a3:a6:f6:cf:bb:dc:d8:b3:6c:e0:
b8:26:6f:b8:40:71:49:f7:25:d7:22:7f:f9:01:57:
18:10:82:56:20:80:6f:e2:9f:2c:ae:4d:e1:fb:7f:
c4:18:fe:f1:74:0e:d2:df:44:1c:4a:b9:70:ab:a1:
59:e7:2a:5b:e4:00:20:03:b7:10:b2:64:a6:8b:c5:
19:40:65:ff:1b:29:c6:0c:aa:52:9d:24:99:e4:2b:
b2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:FB:D5:13:2B:57:5A:7A:02:D6:D8:2F:A5:CA:CD:DF:D6:B1:1E:67
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1fvVEytXWnoC1tgvpcrN39axHmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:580::/44
2a0e:b107:6d0::/44
Signature Algorithm: sha256WithRSAEncryption
4c:26:73:d0:5d:a2:04:2d:53:97:d1:76:89:2d:db:35:bc:f9:
6f:22:c2:10:14:35:3d:69:65:5c:d7:ef:f8:c8:3d:96:a5:69:
f0:78:8a:c8:be:f5:24:0f:4f:19:f1:c7:74:c2:81:e8:e1:0a:
88:7a:9b:72:2d:e3:91:f4:3f:74:06:15:34:04:cb:0b:ec:80:
19:a6:c3:c2:80:4d:42:58:3b:f6:7e:07:34:b9:52:c9:48:a8:
66:08:1d:67:f1:1e:5b:ba:6e:b7:76:98:b5:5e:08:6a:fb:e6:
5b:e7:b8:ca:99:21:90:ce:36:e7:f9:c5:a6:4a:ca:05:6c:cd:
fd:ee:17:96:61:97:a3:4f:0d:42:72:16:4c:c4:6b:54:11:fb:
74:63:2f:0d:7d:63:1a:be:b3:4b:97:79:90:88:87:5a:cf:cd:
72:b4:0d:80:bb:8c:4c:3a:cd:70:be:e4:7d:a7:9e:73:52:71:
fb:ac:a9:24:ec:6f:f7:d0:3e:3d:60:10:e5:35:5c:cc:cd:51:
95:49:a9:08:cf:d7:9b:ea:57:69:f2:50:20:ce:83:c7:8b:42:
3a:93:91:fc:65:9a:4e:95:6b:3e:b7:be:ff:8c:0d:f4:91:86:
ab:8a:51:fd:53:4e:1a:6c:b2:ff:92:73:67:cd:4f:dd:93:32:
d6:3d:87:8a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEE8isRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQx
OTAyMDUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDVmYmQ1MTMyYjU3
NWE3YTAyZDZkODJmYTVjYWNkZGZkNmIxMWU2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+DLnl5zxqhAsx+IIi8pLgoFpzXaSGqIRVKMttOWBhu369c
sgFkXWm7p6R4UO5kpMvBm7b8sYH+Cx+wTVmJCHeK5si8o941gQW4BRvmQRWcYSDJ
apvCjp9SiGyKxQi5HsW2LIosBO/ege8+GMf40gvRD1/UX2o+vhAbNUnrYaxpTwlK
aW5oPTlz09cC0gtVlvad8ZDelPn0UW8r89sjUMyEJ9ioXa2pYiejpvbPu9zYs2zg
uCZvuEBxSfcl1yJ/+QFXGBCCViCAb+KfLK5N4ft/xBj+8XQO0t9EHEq5cKuhWecq
W+QAIAO3ELJkpovFGUBl/xspxgyqUp0kmeQrshkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTV+9UTK1daegLW2C+lys3f1rEeZzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzFmdlZFeXRYV25vQzF0Z3ZwY3JOMzlheEhtYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoOsQcFgAMHBCoOsQcG0DANBgkq
hkiG9w0BAQsFAAOCAQEATCZz0F2iBC1Tl9F2iS3bNbz5byLCEBQ1PWllXNfv+Mg9
lqVp8HiKyL71JA9PGfHHdMKB6OEKiHqbci3jkfQ/dAYVNATLC+yAGabDwoBNQlg7
9n4HNLlSyUioZggdZ/EeW7put3aYtV4IavvmW+e4ypkhkM425/nFpkrKBWzN/e4X
lmGXo08NQnIWTMRrVBH7dGMvDX1jGr6zS5d5kIiHWs/NcrQNgLuMTDrNcL7kfaee
c1Jx+6ypJOxv99A+PWAQ5TVczM1RlUmpCM/Xm+pXafJQIM6Dx4tCOpOR/GWaTpVr
Pre+/4wN9JGGq4pR/VNOGmyy/5JzZ81P3ZMy1j2Hig==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:54 2023 by rpki-client on console-ams.rpki-client.org