Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3kZl_D12M-IAIU-KSEaggXZhnJg.roa
File: 3kZl_D12M-IAIU-KSEaggXZhnJg.roa (raw, json)
Hash identifier: aJBMqarsF/ZWJGhBgZTJA9m83S1mlIKyMt0SZs/+COQ=
Subject key identifier: DE:46:65:FC:3D:76:33:E2:00:21:4F:8A:48:46:A0:81:76:61:9C:98
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018477AAAD819F8EFB1AC25C745884E406E3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3kZl_D12M-IAIU-KSEaggXZhnJg.roa
Signing time: Mon 14 Nov 2022 19:43:04 +0000
ROA not before: Mon 14 Nov 2022 19:43:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204729
IP address blocks: 2a0e:b107:1b9d::/48 maxlen: 48
2a0e:b107:1b9c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:77:aa:ad:81:9f:8e:fb:1a:c2:5c:74:58:84:e4:06:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 14 19:43:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de4665fc3d7633e200214f8a4846a08176619c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:80:69:6c:ac:af:34:c0:03:02:09:cd:fe:22:
e4:4f:de:c7:fa:cd:96:61:c0:21:e9:4d:ae:14:6a:
39:70:f9:3c:62:d4:ee:13:e0:f7:96:37:ca:05:36:
cc:4a:3d:bd:c9:79:0a:ad:67:0f:2a:83:45:19:ed:
b1:95:6d:ec:a0:5f:6e:52:cb:cd:51:cc:4a:b5:fb:
cc:7b:e7:ae:9b:b6:8c:a5:9b:06:15:f3:2e:73:9c:
f2:42:ae:fe:e5:43:da:05:c4:5d:ec:84:b2:ed:b7:
5f:e3:bd:16:dd:d5:ca:11:ec:c7:1c:e4:20:e0:29:
22:c7:29:ae:79:c3:1d:6e:67:ce:26:90:e5:f9:85:
5a:09:d1:2f:17:f9:3f:1f:e6:cb:6d:7b:05:cf:d8:
5e:f6:ef:86:0b:13:d4:35:97:fa:ef:77:d1:4b:92:
19:e8:2d:07:48:4a:0e:98:f0:5c:20:df:2d:71:3f:
06:9a:f9:44:04:b7:ab:a3:dd:df:b9:a7:39:7a:17:
d5:6b:ce:7d:20:34:eb:89:4a:05:8f:eb:a9:da:8e:
9f:65:d6:da:9c:04:3c:98:3d:61:63:b0:cc:d4:73:
e8:7f:6b:42:a9:46:63:9a:e8:4a:04:f1:82:55:39:
8a:ba:cc:f4:fb:df:26:42:b6:8c:59:26:84:d3:83:
30:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:46:65:FC:3D:76:33:E2:00:21:4F:8A:48:46:A0:81:76:61:9C:98
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3kZl_D12M-IAIU-KSEaggXZhnJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1b9c::/47
Signature Algorithm: sha256WithRSAEncryption
63:4c:7d:2a:76:9c:28:9c:2c:c6:1b:e9:41:0f:39:6a:b3:ed:
4a:1a:20:ba:ef:f9:97:bd:30:7a:79:51:b9:c6:a2:c3:ef:a5:
23:72:20:40:36:b9:6e:8f:20:96:4d:8a:77:af:98:9e:f7:fa:
48:27:d8:3e:88:01:7d:4f:b6:c5:a2:55:ee:84:10:38:79:99:
6d:72:c0:ae:3d:b3:53:ac:5e:4b:a3:fd:cc:a9:b0:b6:dc:37:
87:d9:ff:76:b6:62:7f:03:1f:fd:c2:4b:0c:2a:6f:43:f1:4b:
67:d2:49:bf:2e:66:34:77:8a:32:94:08:1e:05:43:e1:70:e1:
6b:1b:b8:a4:45:ca:8e:74:bb:ba:8b:02:02:8c:ea:38:b6:10:
fa:06:39:29:52:58:17:54:15:67:2b:70:11:83:45:e9:2b:9a:
2f:32:55:ca:66:51:78:13:7d:5d:95:28:3c:a9:82:d6:f9:ca:
59:c5:8f:71:03:04:92:aa:51:93:70:8d:1a:d1:ac:94:78:69:
16:a5:90:0e:7a:b5:c9:aa:80:07:4c:b2:26:9b:95:bb:2d:bb:
6d:48:f0:9c:ba:2a:de:b1:65:a5:6f:0d:6b:ee:af:b2:dd:e2:
e8:91:b3:f2:3d:3d:b5:02:2a:dd:b3:ea:36:cd:5f:d8:34:c4:
0f:46:be:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYR3qq2Bn477GsJcdFiE5AbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTE0MTk0MzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTQ2NjVmYzNkNzYzM2UyMDAyMTRmOGE0ODQ2YTA4MTc2NjE5Yzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIBpbKyvNMADAgnN/iLkT97H+s2W
YcAh6U2uFGo5cPk8YtTuE+D3ljfKBTbMSj29yXkKrWcPKoNFGe2xlW3soF9uUsvN
UcxKtfvMe+eum7aMpZsGFfMuc5zyQq7+5UPaBcRd7ISy7bdf470W3dXKEezHHOQg
4CkixymuecMdbmfOJpDl+YVaCdEvF/k/H+bLbXsFz9he9u+GCxPUNZf673fRS5IZ
6C0HSEoOmPBcIN8tcT8GmvlEBLero93fuac5ehfVa859IDTriUoFj+up2o6fZdba
nAQ8mD1hY7DM1HPof2tCqUZjmuhKBPGCVTmKusz0+98mQraMWSaE04MwhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN5GZfw9djPiACFPikhGoIF2YZyYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM2tabF9EMTJNLUlBSVUtS1NFYWdnWFpobkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6xBxuc
MA0GCSqGSIb3DQEBCwUAA4IBAQBjTH0qdpwonCzGG+lBDzlqs+1KGiC67/mXvTB6
eVG5xqLD76UjciBANrlujyCWTYp3r5ie9/pIJ9g+iAF9T7bFolXuhBA4eZltcsCu
PbNTrF5Lo/3MqbC23DeH2f92tmJ/Ax/9wksMKm9D8Utn0km/LmY0d4oylAgeBUPh
cOFrG7ikRcqOdLu6iwICjOo4thD6BjkpUlgXVBVnK3ARg0XpK5ovMlXKZlF4E31d
lSg8qYLW+cpZxY9xAwSSqlGTcI0a0ayUeGkWpZAOerXJqoAHTLImm5W7LbttSPCc
uiresWWlbw1r7q+y3eLokbPyPT21Airds+o2zV/YNMQPRr5b
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org