Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2M47hw1jBbBA1uhUQo_t_b1k1LA.roa
File: 2M47hw1jBbBA1uhUQo_t_b1k1LA.roa (raw, json)
Hash identifier: 3btX4mA1HVzd2qjDUqPVkMoAA0AxVOzHW8F85SiA6Pk=
Subject key identifier: D8:CE:3B:87:0D:63:05:B0:40:D6:E8:54:42:8F:ED:FD:BD:64:D4:B0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 15299959
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2M47hw1jBbBA1uhUQo_t_b1k1LA.roa
Signing time: Wed 15 Jun 2022 10:17:56 +0000
ROA not before: Wed 15 Jun 2022 10:17:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204750
IP address blocks: 2a0e:97c0:3d5::/48 maxlen: 48
2a0e:97c0:3d0::/48 maxlen: 48
2a0e:97c0:3d3::/48 maxlen: 48
2a0e:97c0:3d1::/48 maxlen: 48
2a0e:97c0:3d4::/48 maxlen: 48
2a0e:97c0:3d2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 355047769 (0x15299959)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 15 10:17:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8ce3b870d6305b040d6e854428fedfdbd64d4b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cb:d1:92:b0:83:08:9e:0c:d3:8f:a0:a2:69:
f9:c8:e4:5a:0a:01:6a:08:18:6a:2e:04:94:58:13:
99:93:93:bc:be:6f:c9:2c:99:41:dc:2e:cf:b6:a5:
38:33:39:5a:6f:30:8b:33:09:5f:81:12:38:da:6e:
24:9d:24:61:0b:71:fe:42:01:de:e3:cc:60:a3:61:
58:de:1d:0a:01:d6:e7:66:1e:5d:12:db:68:58:c1:
ce:04:bf:62:dd:76:97:29:4c:2d:80:1b:08:07:2a:
2e:5f:2e:9b:50:b9:65:0c:3c:2c:a3:25:06:72:c8:
95:23:9d:9d:4f:91:ec:32:45:bf:87:3f:ff:3a:11:
25:a2:94:c5:5c:76:93:1d:3a:5b:8c:35:08:1f:08:
61:5f:e9:f3:a6:27:05:83:4d:8a:4a:47:18:5d:fe:
da:c9:c4:f4:3c:94:63:0d:5c:64:8d:93:ce:38:e9:
d2:a4:ff:d2:2e:f4:6f:59:a2:2f:8f:57:76:f8:c7:
01:50:43:ba:ed:b1:3f:3a:44:04:d2:45:cc:b2:a5:
b0:3d:8c:a4:7d:30:40:06:9d:09:24:08:7e:b1:9c:
e8:81:04:04:08:4e:44:68:c0:93:3d:9b:76:18:67:
14:b9:86:c9:64:8b:76:5d:71:82:d4:f7:f0:3e:83:
c1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CE:3B:87:0D:63:05:B0:40:D6:E8:54:42:8F:ED:FD:BD:64:D4:B0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2M47hw1jBbBA1uhUQo_t_b1k1LA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3d0::-2a0e:97c0:3d5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ca:bb:90:60:91:3a:d3:6a:8f:36:27:74:c8:67:40:6c:27:79:
92:79:1c:ef:89:c3:44:59:87:8f:1a:fa:35:cb:ec:f2:15:e2:
e0:3a:0f:ac:c3:89:5c:71:d4:7b:d3:a2:a9:e6:d5:98:cc:24:
7c:c3:ed:4e:67:36:c9:4f:05:04:45:2f:5b:c1:4e:8a:b2:16:
75:ee:eb:46:bb:0b:4b:c0:81:ff:7b:9a:29:da:39:4f:0d:37:
d8:c8:10:af:f7:80:6b:85:c8:72:b5:5a:cc:04:f5:0c:16:48:
9e:9d:ff:9a:d8:80:04:e2:19:f9:01:2f:96:45:ab:ed:1b:ad:
85:d5:ed:7b:11:40:9d:38:10:dd:ba:b6:93:5a:a8:1c:d5:b1:
7a:3b:ef:b9:1a:5e:d2:75:9a:0c:1d:3e:53:fa:ee:de:7a:31:
02:94:a4:e7:3e:70:77:1f:0b:dc:c3:7a:bc:c2:d4:bb:b3:ed:
e1:b7:5e:97:a8:59:14:c3:39:26:4e:1d:4d:50:34:03:39:0e:
14:11:bb:0a:1c:53:75:86:bc:78:a3:d7:9e:3c:37:f5:3f:b9:
7a:09:e7:8e:64:db:55:3d:fd:7e:8c:a6:29:5c:ef:7e:b6:4e:
6c:fe:fb:88:6f:22:6c:b2:b7:e2:e5:69:3b:cf:41:08:80:ae:
9a:9d:99:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEFSmZWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDYx
NTEwMTc1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhjZTNiODcwZDYz
MDViMDQwZDZlODU0NDI4ZmVkZmRiZDY0ZDRiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/L0ZKwgwieDNOPoKJp+cjkWgoBaggYai4ElFgTmZOTvL5v
ySyZQdwuz7alODM5Wm8wizMJX4ESONpuJJ0kYQtx/kIB3uPMYKNhWN4dCgHW52Ye
XRLbaFjBzgS/Yt12lylMLYAbCAcqLl8um1C5ZQw8LKMlBnLIlSOdnU+R7DJFv4c/
/zoRJaKUxVx2kx06W4w1CB8IYV/p86YnBYNNikpHGF3+2snE9DyUYw1cZI2Tzjjp
0qT/0i70b1miL49XdvjHAVBDuu2xPzpEBNJFzLKlsD2MpH0wQAadCSQIfrGc6IEE
BAhORGjAkz2bdhhnFLmGyWSLdl1xgtT38D6DwckCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBTYzjuHDWMFsEDW6FRCj+39vWTUsDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzJNNDdodzFqQmJCQTF1aFVRb190X2IxazFMQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAIwFDASAwcEKg6XwAPQAwcBKg6XwAPUMA0G
CSqGSIb3DQEBCwUAA4IBAQDKu5BgkTrTao82J3TIZ0BsJ3mSeRzvicNEWYePGvo1
y+zyFeLgOg+sw4lccdR706Kp5tWYzCR8w+1OZzbJTwUERS9bwU6KshZ17utGuwtL
wIH/e5op2jlPDTfYyBCv94BrhchytVrMBPUMFkienf+a2IAE4hn5AS+WRavtG62F
1e17EUCdOBDduraTWqgc1bF6O++5Gl7SdZoMHT5T+u7eejEClKTnPnB3Hwvcw3q8
wtS7s+3ht16XqFkUwzkmTh1NUDQDOQ4UEbsKHFN1hrx4o9eePDf1P7l6CeeOZNtV
Pf1+jKYpXO9+tk5s/vuIbyJssrfi5Wk7z0EIgK6anZn+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:54 2023 by rpki-client on console-ams.rpki-client.org