Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3CnWBid7_vZTDQl6B10DQYuNTnM.roa
File: 3CnWBid7_vZTDQl6B10DQYuNTnM.roa (raw, json)
Hash identifier: kaqtqPxEih2ms7fAYZwsZg/rb6GyJ2it9Hifuv2PsHs=
Subject key identifier: DC:29:D6:06:27:7B:FE:F6:53:0D:09:7A:07:5D:03:41:8B:8D:4E:73
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184E42C2A323865FF30CC7225B2795E1531
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3CnWBid7_vZTDQl6B10DQYuNTnM.roa
Signing time: Mon 05 Dec 2022 21:23:30 +0000
ROA not before: Mon 05 Dec 2022 21:23:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211275
IP address blocks: 2a0e:97c0:410::/48 maxlen: 48
2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:41c::/48 maxlen: 48
2a0e:97c0:41f::/48 maxlen: 48
2a0e:97c0:412::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e4:2c:2a:32:38:65:ff:30:cc:72:25:b2:79:5e:15:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 5 21:23:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc29d606277bfef6530d097a075d03418b8d4e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f2:50:43:b3:64:f8:db:99:8d:64:b6:cd:bd:
c9:5f:05:a5:23:0e:26:98:0c:9d:13:2c:ca:da:e8:
7f:46:6d:02:63:3b:79:1d:04:44:5e:96:58:0c:76:
e1:18:60:8e:d4:09:58:55:da:d7:3d:bc:73:f5:6d:
6f:e0:32:50:f0:f4:14:7c:0c:cb:da:a7:7c:52:2c:
27:a9:0b:b5:99:a8:9f:2b:02:58:e1:4f:f5:0f:1d:
6a:d9:04:4e:3e:6f:b0:f0:33:18:38:06:7b:9e:bf:
b3:c7:e8:36:2e:72:50:ea:9b:8a:7f:12:be:03:7d:
1b:cb:a3:3a:d9:7d:c8:c4:6d:7f:95:8d:cb:fa:3b:
ac:c5:29:8d:47:9f:7e:71:96:34:ec:da:5b:df:1a:
55:08:88:d6:5e:ff:88:1f:d3:28:21:8e:89:b2:fe:
a1:0f:1c:fd:4c:55:f0:ed:be:64:01:d8:a3:6c:eb:
1b:8f:f8:3f:b6:6a:33:d2:b6:11:d5:c9:d3:47:50:
22:51:22:c0:f2:7c:d5:6c:6b:42:58:1c:90:46:3b:
bf:1b:06:50:b6:b2:ce:a5:77:8b:d3:7b:3a:51:65:
55:b1:e3:5e:83:89:76:13:5f:7e:ad:55:3e:93:fb:
69:48:99:30:b9:80:00:79:3c:cb:3d:73:90:1f:80:
07:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:29:D6:06:27:7B:FE:F6:53:0D:09:7A:07:5D:03:41:8B:8D:4E:73
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3CnWBid7_vZTDQl6B10DQYuNTnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:410::-2a0e:97c0:412:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:41c::/48
2a0e:97c0:41f::/48
Signature Algorithm: sha256WithRSAEncryption
49:38:b1:92:64:c0:f5:49:e3:a6:07:b2:af:00:e5:be:77:18:
fd:2f:ba:ce:2a:1b:54:bf:04:e6:e5:d6:d3:67:5f:31:f5:df:
49:55:60:98:d4:55:59:86:71:ea:51:69:31:db:bb:0c:8b:f5:
52:48:e9:02:2a:22:ea:40:c8:ae:3e:66:32:6e:2b:4b:7c:e8:
82:b7:a8:f0:f2:59:f3:a9:30:49:63:73:e0:fb:1d:ed:ba:b4:
b7:e7:08:e3:20:df:0b:b6:8c:8d:37:36:1f:02:8c:66:a6:c8:
94:6b:96:97:2c:c5:af:de:18:3a:a5:15:49:2f:67:40:b1:75:
64:df:a3:81:ce:f8:5e:8f:2f:70:d5:fd:c6:22:53:45:1c:f4:
3b:29:91:71:a1:bb:2a:aa:8b:10:96:a6:de:97:0d:6d:57:a9:
15:27:7d:d2:97:ec:d7:79:f2:71:9a:e7:7a:5f:fc:c7:99:75:
51:4e:3f:f1:af:42:b2:65:a4:cb:ef:2b:56:9f:f2:49:9b:ae:
19:6c:f2:c2:2d:20:2b:5a:1b:a5:ae:51:1c:ff:80:4a:ab:57:
f9:fc:17:24:6b:d6:9e:7f:52:1b:e2:a7:6b:68:e9:e2:79:37:
ba:2d:d6:42:9a:bc:c5:5f:e1:3f:04:a9:bf:84:01:d7:fb:58:
50:98:3c:8c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYTkLCoyOGX/MMxyJbJ5XhUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjA1MjEyMzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzI5ZDYwNjI3N2JmZWY2NTMwZDA5N2EwNzVkMDM0MThiOGQ0ZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/JQQ7Nk+NuZjWS2zb3JXwWlIw4m
mAydEyzK2uh/Rm0CYzt5HQREXpZYDHbhGGCO1AlYVdrXPbxz9W1v4DJQ8PQUfAzL
2qd8UiwnqQu1maifKwJY4U/1Dx1q2QROPm+w8DMYOAZ7nr+zx+g2LnJQ6puKfxK+
A30by6M62X3IxG1/lY3L+jusxSmNR59+cZY07Npb3xpVCIjWXv+IH9MoIY6Jsv6h
Dxz9TFXw7b5kAdijbOsbj/g/tmoz0rYR1cnTR1AiUSLA8nzVbGtCWByQRju/GwZQ
trLOpXeL03s6UWVVseNeg4l2E19+rVU+k/tpSJkwuYAAeTzLPXOQH4AHfwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNwp1gYne/72Uw0JegddA0GLjU5zMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM0NuV0JpZDdfdlpURFFsNkIxMERRWXVOVG5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwQqDpfA
BBADBwAqDpfABBIDBwAqDpfABBwDBwAqDpfABB8wDQYJKoZIhvcNAQELBQADggEB
AEk4sZJkwPVJ46YHsq8A5b53GP0vus4qG1S/BObl1tNnXzH130lVYJjUVVmGcepR
aTHbuwyL9VJI6QIqIupAyK4+ZjJuK0t86IK3qPDyWfOpMEljc+D7He26tLfnCOMg
3wu2jI03Nh8CjGamyJRrlpcsxa/eGDqlFUkvZ0CxdWTfo4HO+F6PL3DV/cYiU0Uc
9DspkXGhuyqqixCWpt6XDW1XqRUnfdKX7Nd58nGa53pf/MeZdVFOP/GvQrJlpMvv
K1af8kmbrhls8sItICtaG6WuURz/gEqrV/n8FyRr1p5/Uhvip2to6eJ5N7ot1kKa
vMVf4T8Eqb+EAdf7WFCYPIw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org