Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4epvhplHrOinOSeypdPZw8a07rI.roa
File: 4epvhplHrOinOSeypdPZw8a07rI.roa (raw, json)
Hash identifier: YoAw4QxivCyJ7KCyCf0BU7uPgLhCIfZjtNL2hjJry7o=
Subject key identifier: E1:EA:6F:86:99:47:AC:E8:A7:39:27:B2:A5:D3:D9:C3:C6:B4:EE:B2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018499A80D96BF4F9D2FE5361F17006EA863
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4epvhplHrOinOSeypdPZw8a07rI.roa
Signing time: Mon 21 Nov 2022 10:07:18 +0000
ROA not before: Mon 21 Nov 2022 10:07:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202929
IP address blocks: 2a0e:97c0:510::/48 maxlen: 48
2a0e:97c0:511::/48 maxlen: 48
2a0e:97c0:512::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:99:a8:0d:96:bf:4f:9d:2f:e5:36:1f:17:00:6e:a8:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 21 10:07:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1ea6f869947ace8a73927b2a5d3d9c3c6b4eeb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:bc:a8:50:55:61:a5:77:c5:d2:cd:ef:0b:eb:
8b:fb:4f:dc:b6:2d:59:bc:5c:cf:a7:ee:69:58:07:
29:40:dc:a1:cb:ec:1b:ce:3a:be:bc:68:55:68:4f:
b9:c0:dd:6c:f0:83:7b:7c:1e:dc:fd:7b:cb:30:5c:
69:61:0f:5a:3b:f1:1e:e8:48:f7:4f:f4:58:64:58:
45:81:9d:19:0a:e1:ae:fc:29:0a:ad:b9:50:73:fd:
b0:c4:05:63:96:5a:c3:f3:0c:85:05:94:3c:76:f9:
0e:bb:85:00:a1:90:a4:cb:1d:97:5e:16:c9:74:ff:
3e:51:13:39:fb:26:7f:ce:1d:13:b2:75:23:0f:18:
c2:84:40:a8:1c:6d:3b:fc:41:5a:57:69:a0:15:b3:
dd:bb:c7:cb:b5:bb:f6:6d:36:03:88:6e:8b:3f:4e:
c7:a3:d2:97:f5:4e:80:31:34:e7:e2:d5:cb:eb:a7:
40:f8:f9:c5:48:b7:87:23:de:d2:cd:59:cd:6c:0f:
2b:60:6a:5a:53:56:f5:f4:34:7f:d8:a6:89:15:d3:
25:44:44:b8:94:be:91:72:b4:35:ae:b5:11:31:90:
aa:10:e0:22:8d:5a:a3:4f:6f:b2:34:0c:53:e6:55:
9c:aa:5c:12:55:c0:9b:b7:62:1f:f8:14:9d:8c:95:
a9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:EA:6F:86:99:47:AC:E8:A7:39:27:B2:A5:D3:D9:C3:C6:B4:EE:B2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4epvhplHrOinOSeypdPZw8a07rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:510::-2a0e:97c0:512:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
10:16:ec:cf:2e:b4:4b:d1:4f:1d:35:4b:d0:b6:a4:7a:01:36:
97:0c:76:ab:00:f8:1e:1a:15:a4:a0:3d:0c:77:9b:fb:1b:8f:
ff:32:d7:4b:cb:65:2b:3c:e5:e0:95:f3:db:0d:6b:07:0e:01:
3a:c2:10:5f:2e:38:3a:62:92:20:b9:56:ec:0a:22:35:fc:0f:
89:a7:16:10:97:49:60:f4:4b:33:24:f7:4c:c5:0a:4d:05:35:
b6:70:8f:60:47:f4:a8:28:fb:30:f9:1e:26:dc:1b:e2:f0:49:
a8:19:7f:47:62:09:23:e7:07:f3:3a:4d:37:3c:60:1a:0a:b5:
9e:42:c8:6a:e0:ca:28:10:70:b8:b7:a3:53:f6:fb:b4:50:5b:
32:14:28:cb:e6:b0:43:33:55:8d:38:54:5f:9c:e6:26:0b:f1:
ef:af:51:80:67:38:6f:b1:f8:57:43:0c:3a:1f:c1:db:22:99:
55:20:a2:6a:cb:63:55:13:08:6f:e8:0d:52:58:b3:f7:b1:89:
0d:b5:be:85:15:c0:3e:97:46:5d:d0:14:da:0e:cb:e7:f4:38:
2a:8f:1f:72:91:6a:4d:90:7f:f1:51:8e:bd:dd:80:dc:1a:a7:
a7:8c:95:f3:d1:a4:e9:da:bf:87:33:a2:9e:76:3a:4f:13:9d:
fb:59:1e:e0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYSZqA2Wv0+dL+U2HxcAbqhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTIxMTAwNzE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWVhNmY4Njk5NDdhY2U4YTczOTI3YjJhNWQzZDljM2M2YjRlZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7yoUFVhpXfF0s3vC+uL+0/cti1Z
vFzPp+5pWAcpQNyhy+wbzjq+vGhVaE+5wN1s8IN7fB7c/XvLMFxpYQ9aO/Ee6Ej3
T/RYZFhFgZ0ZCuGu/CkKrblQc/2wxAVjllrD8wyFBZQ8dvkOu4UAoZCkyx2XXhbJ
dP8+URM5+yZ/zh0TsnUjDxjChECoHG07/EFaV2mgFbPdu8fLtbv2bTYDiG6LP07H
o9KX9U6AMTTn4tXL66dA+PnFSLeHI97SzVnNbA8rYGpaU1b19DR/2KaJFdMlRES4
lL6RcrQ1rrURMZCqEOAijVqjT2+yNAxT5lWcqlwSVcCbt2If+BSdjJWpbQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOHqb4aZR6zopzknsqXT2cPGtO6yMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNGVwdmhwbEhyT2luT1NleXBkUFp3OGEwN3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqDpfA
BRADBwAqDpfABRIwDQYJKoZIhvcNAQELBQADggEBABAW7M8utEvRTx01S9C2pHoB
NpcMdqsA+B4aFaSgPQx3m/sbj/8y10vLZSs85eCV89sNawcOATrCEF8uODpikiC5
VuwKIjX8D4mnFhCXSWD0SzMk90zFCk0FNbZwj2BH9Kgo+zD5HibcG+LwSagZf0di
CSPnB/M6TTc8YBoKtZ5CyGrgyigQcLi3o1P2+7RQWzIUKMvmsEMzVY04VF+c5iYL
8e+vUYBnOG+x+FdDDDofwdsimVUgomrLY1UTCG/oDVJYs/exiQ21voUVwD6XRl3Q
FNoOy+f0OCqPH3KRak2Qf/FRjr3dgNwap6eMlfPRpOnav4czop52Ok8TnftZHuA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org