Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/58JOO8NDIjO8jpdISLyHX80uXu0.roa
File: 58JOO8NDIjO8jpdISLyHX80uXu0.roa (raw, json)
Hash identifier: DxkZV982iDm+y4IqQHi16xjJ3aCH/URDtpEmThjv0Ss=
Subject key identifier: E7:C2:4E:3B:C3:43:22:33:BC:8E:97:48:48:BC:87:5F:CD:2E:5E:ED
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018296D2EF392D3B3E0F8B04FD023D96F98C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/58JOO8NDIjO8jpdISLyHX80uXu0.roa
Signing time: Sat 13 Aug 2022 10:49:42 +0000
ROA not before: Sat 13 Aug 2022 10:49:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212767
IP address blocks: 2a0e:b107:cc8::/48 maxlen: 48
2a10:2f00:14a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:96:d2:ef:39:2d:3b:3e:0f:8b:04:fd:02:3d:96:f9:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 13 10:49:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7c24e3bc3432233bc8e974848bc875fcd2e5eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:98:1b:ea:c6:21:33:8d:c0:14:d5:f3:9e:03:
4a:fc:39:46:51:36:1e:af:05:94:59:0d:7a:ca:ea:
4d:c8:25:d0:cd:f9:b7:47:b3:27:6d:81:df:ce:2d:
5a:5b:2b:4d:0d:bc:36:a9:68:50:00:fd:4e:31:0a:
e2:c0:73:31:40:1b:f4:aa:21:b9:47:b5:a8:03:a4:
a7:4b:28:dc:df:e6:07:c1:a4:92:43:65:d8:0a:cd:
9c:33:d3:c2:1c:21:0c:a7:da:18:91:b9:3b:c8:2c:
fe:cf:be:99:04:60:4a:d3:d0:56:c3:4c:56:c9:f5:
ef:14:08:c1:15:dc:57:c8:0a:15:8c:9e:b9:98:c3:
8f:69:12:41:7a:94:60:e4:a4:3d:8c:7b:cb:e4:73:
be:a9:8b:c8:17:9d:fc:c3:b4:3d:9f:bf:97:9e:e1:
0c:0c:89:8c:56:f9:d9:f8:5e:9e:d1:4b:22:0b:0d:
db:4a:ee:56:a4:15:f5:0f:70:e1:f8:ec:27:52:2b:
88:f3:c3:11:8b:17:06:8e:3d:5c:4e:63:4e:4d:63:
78:49:2d:78:94:a0:47:b9:95:6e:e5:3d:1e:29:3f:
bc:9d:7c:88:3e:4c:ae:10:15:3c:cb:e4:ab:f9:96:
1a:3b:85:77:2f:e5:59:2a:15:76:fc:b8:ab:c7:d3:
d1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C2:4E:3B:C3:43:22:33:BC:8E:97:48:48:BC:87:5F:CD:2E:5E:ED
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/58JOO8NDIjO8jpdISLyHX80uXu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:cc8::/48
2a10:2f00:14a::/48
Signature Algorithm: sha256WithRSAEncryption
7a:f7:72:f5:d4:6c:95:8d:15:a8:ea:63:86:72:d6:b1:84:bd:
3a:07:ff:aa:4a:c6:46:94:c6:2a:92:22:f8:3d:46:14:20:25:
0a:3e:86:db:5a:6c:84:48:e6:9c:c5:9c:00:18:18:26:41:00:
03:df:d3:51:9a:35:ed:71:02:d7:0b:08:3b:36:9a:78:94:3c:
73:aa:d2:60:a8:6a:b6:f1:a8:83:0c:06:11:e7:a2:03:46:a4:
74:f6:54:84:84:93:71:77:ff:12:62:dd:a7:69:ae:1c:24:50:
ad:81:d4:8f:35:f4:3c:84:e5:79:ed:8f:3e:f1:82:a6:c7:d3:
50:00:0c:e6:48:c7:8d:1b:ee:89:c7:c9:0e:a4:42:3b:92:67:
16:a8:4c:b2:45:be:ff:2b:66:00:be:2a:f9:16:8f:88:9e:25:
a5:55:07:6e:2f:85:b5:d6:5a:fd:ec:c2:2e:89:49:d2:f1:9a:
eb:e8:79:35:97:6a:f4:e5:7a:ae:02:6a:9c:36:88:e5:e9:5b:
c3:da:7f:ea:eb:0a:d8:55:e1:a8:6a:60:c7:1a:03:3c:16:b1:
b9:25:34:4e:da:ae:df:98:35:50:29:0a:74:60:71:8b:e0:21:
7b:9e:12:a8:93:db:74:92:52:16:90:8d:c9:f6:6f:22:63:d1:
4e:09:45:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKW0u85LTs+D4sE/QI9lvmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODEzMTA0OTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2MyNGUzYmMzNDMyMjMzYmM4ZTk3NDg0OGJjODc1ZmNkMmU1ZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZgb6sYhM43AFNXzngNK/DlGUTYe
rwWUWQ16yupNyCXQzfm3R7MnbYHfzi1aWytNDbw2qWhQAP1OMQriwHMxQBv0qiG5
R7WoA6SnSyjc3+YHwaSSQ2XYCs2cM9PCHCEMp9oYkbk7yCz+z76ZBGBK09BWw0xW
yfXvFAjBFdxXyAoVjJ65mMOPaRJBepRg5KQ9jHvL5HO+qYvIF538w7Q9n7+XnuEM
DImMVvnZ+F6e0UsiCw3bSu5WpBX1D3Dh+OwnUiuI88MRixcGjj1cTmNOTWN4SS14
lKBHuZVu5T0eKT+8nXyIPkyuEBU8y+Sr+ZYaO4V3L+VZKhV2/Lirx9PRFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOfCTjvDQyIzvI6XSEi8h1/NLl7tMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNThKT084TkRJak84anBkSVNMeUhYODB1WHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBwzI
AwcAKhAvAAFKMA0GCSqGSIb3DQEBCwUAA4IBAQB693L11GyVjRWo6mOGctaxhL06
B/+qSsZGlMYqkiL4PUYUICUKPobbWmyESOacxZwAGBgmQQAD39NRmjXtcQLXCwg7
Npp4lDxzqtJgqGq28aiDDAYR56IDRqR09lSEhJNxd/8SYt2naa4cJFCtgdSPNfQ8
hOV57Y8+8YKmx9NQAAzmSMeNG+6Jx8kOpEI7kmcWqEyyRb7/K2YAvir5Fo+IniWl
VQduL4W11lr97MIuiUnS8Zrr6Hk1l2r05XquAmqcNojl6VvD2n/q6wrYVeGoamDH
GgM8FrG5JTRO2q7fmDVQKQp0YHGL4CF7nhKok9t0klIWkI3J9m8iY9FOCUWz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:22 2024 by rpki-client on console-fra.rpki-client.org