Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/57zbi5TykKN5Zge9fgSmxRbuRo0.roa
File: 57zbi5TykKN5Zge9fgSmxRbuRo0.roa (raw, json)
Hash identifier: f1Mr4BpImtKfYqmGCp+x5TqrdOo1c1luYAe7YYjcf7Q=
Subject key identifier: E7:BC:DB:8B:94:F2:90:A3:79:66:07:BD:7E:04:A6:C5:16:EE:46:8D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 11CFCB5E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/57zbi5TykKN5Zge9fgSmxRbuRo0.roa
Signing time: Tue 08 Feb 2022 07:08:11 +0000
ROA not before: Tue 08 Feb 2022 07:08:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211946
IP address blocks: 2a0e:97c0:140::/44 maxlen: 48
2a0e:97c0:143::/48 maxlen: 48
2a0e:97c0:141::/48 maxlen: 48
2a0e:97c0:144::/48 maxlen: 48
2a0e:97c0:142::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 298830686 (0x11cfcb5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 8 07:08:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7bcdb8b94f290a3796607bd7e04a6c516ee468d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:77:9c:af:8b:fa:b9:72:cd:c1:2f:13:ff:3f:
97:e6:ab:b3:1c:b5:7b:00:66:9f:42:75:43:a7:94:
75:48:ea:c3:1d:67:6b:5a:84:25:72:a2:a2:d8:b2:
5c:76:57:76:0a:70:3c:27:2d:1f:44:6b:89:df:14:
be:45:70:5a:16:77:ae:fc:76:46:34:b4:e5:71:a4:
1b:b3:08:92:bc:78:9f:5c:7e:7a:b7:e1:fc:22:e9:
3d:8c:31:46:54:2a:d7:f1:c2:6f:d1:21:45:79:bc:
a5:22:b0:5e:40:92:02:0c:6f:c0:53:38:07:e0:46:
73:a7:1d:35:b4:e6:27:30:da:a1:cc:01:ee:86:7d:
58:f1:25:89:e2:f1:b0:83:c2:02:7e:dc:af:8f:8d:
0c:b1:5b:04:47:6c:da:5e:95:ab:d6:d5:3f:7e:e8:
36:73:2c:35:86:64:c3:d7:cd:5e:0b:ad:e3:58:b4:
75:7b:5a:69:7d:10:92:3c:25:50:32:d3:fb:92:06:
5b:1c:d3:8e:1a:93:52:b5:57:47:bf:c2:4f:8d:6d:
66:7e:87:31:57:3e:14:ce:e1:de:b8:01:d0:c2:35:
1b:da:43:e3:36:65:dd:bd:61:99:d7:9f:15:41:41:
c0:f9:20:c9:4d:dc:3a:0e:6f:fc:96:8e:68:dc:0e:
3b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:BC:DB:8B:94:F2:90:A3:79:66:07:BD:7E:04:A6:C5:16:EE:46:8D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/57zbi5TykKN5Zge9fgSmxRbuRo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:140::/44
Signature Algorithm: sha256WithRSAEncryption
1c:15:1f:e1:94:ff:a3:8f:2c:d5:05:3c:ca:68:3b:2e:e6:be:
68:2d:74:f2:34:fc:0b:0c:09:94:bf:2b:c2:e9:17:58:23:ce:
c0:ad:b4:27:d1:4d:a6:21:c6:8f:28:55:ca:4a:45:0b:5b:ab:
ba:2c:48:e6:12:0b:6d:41:b0:c2:c8:1f:bf:89:13:2f:aa:39:
07:a7:b7:3f:60:58:80:1f:60:6a:1a:14:fd:0e:30:9a:68:fb:
36:86:32:13:3d:95:c7:c0:90:33:3d:6d:93:e4:14:a4:20:67:
db:60:45:68:b6:fa:43:83:4d:89:a9:c9:e0:b9:57:64:21:1e:
5c:56:39:23:10:f4:93:d3:6a:94:5b:50:09:00:73:0e:16:cb:
0c:6b:ff:b0:25:de:c8:0d:ae:5d:c4:c2:b2:0e:59:97:57:f4:
15:18:44:d4:9b:e3:be:1b:d4:4e:c0:6b:60:cf:81:7d:e0:63:
78:3d:2c:1d:05:40:aa:46:c1:c6:f6:9e:25:bc:3b:87:60:9f:
9e:fa:6a:2a:8d:96:db:34:b2:43:24:14:62:b2:11:c4:9d:7a:
b2:24:23:18:c2:05:96:d8:00:d8:17:6a:8c:51:2d:2f:9c:4d:
47:18:86:f6:30:6d:fc:f3:47:b6:ca:d1:16:9e:86:ff:ae:7d:
32:c4:bd:fe
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEc/LXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIw
ODA3MDgxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTdiY2RiOGI5NGYy
OTBhMzc5NjYwN2JkN2UwNGE2YzUxNmVlNDY4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALx3nK+L+rlyzcEvE/8/l+arsxy1ewBmn0J1Q6eUdUjqwx1n
a1qEJXKiotiyXHZXdgpwPCctH0Rrid8UvkVwWhZ3rvx2RjS05XGkG7MIkrx4n1x+
erfh/CLpPYwxRlQq1/HCb9EhRXm8pSKwXkCSAgxvwFM4B+BGc6cdNbTmJzDaocwB
7oZ9WPElieLxsIPCAn7cr4+NDLFbBEds2l6Vq9bVP37oNnMsNYZkw9fNXgut41i0
dXtaaX0QkjwlUDLT+5IGWxzTjhqTUrVXR7/CT41tZn6HMVc+FM7h3rgB0MI1G9pD
4zZl3b1hmdefFUFBwPkgyU3cOg5v/JaOaNwOO2cCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTnvNuLlPKQo3lmB71+BKbFFu5GjTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzU3emJpNVR5a0tONVpnZTlmZ1NteFJidVJvMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8ABQDANBgkqhkiG9w0BAQsF
AAOCAQEAHBUf4ZT/o48s1QU8ymg7Lua+aC108jT8CwwJlL8rwukXWCPOwK20J9FN
piHGjyhVykpFC1uruixI5hILbUGwwsgfv4kTL6o5B6e3P2BYgB9gahoU/Q4wmmj7
NoYyEz2Vx8CQMz1tk+QUpCBn22BFaLb6Q4NNianJ4LlXZCEeXFY5IxD0k9NqlFtQ
CQBzDhbLDGv/sCXeyA2uXcTCsg5Zl1f0FRhE1JvjvhvUTsBrYM+BfeBjeD0sHQVA
qkbBxvaeJbw7h2CfnvpqKo2W2zSyQyQUYrIRxJ16siQjGMIFltgA2BdqjFEtL5xN
RxiG9jBt/PNHtsrRFp6G/659MsS9/g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:55 2023 by rpki-client on console-ams.rpki-client.org