Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/78bun0VfDJMKmsuWC1234acE-oI.roa
File: 78bun0VfDJMKmsuWC1234acE-oI.roa (raw, json)
Hash identifier: Kn74RKESFZWH32fH7BJcCa+wm26HVCJMB/4yG1sP8V8=
Subject key identifier: EF:C6:EE:9F:45:5F:0C:93:0A:9A:CB:96:0B:5D:B7:E1:A7:04:FA:82
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 13203606
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/78bun0VfDJMKmsuWC1234acE-oI.roa
Signing time: Thu 24 Mar 2022 05:03:28 +0000
ROA not before: Thu 24 Mar 2022 05:03:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47316
IP address blocks: 2a0e:97c0:78d::/48 maxlen: 48
2a0e:97c0:780::/44 maxlen: 48
2a0e:97c0:788::/48 maxlen: 48
2a0e:97c0:783::/48 maxlen: 48
2a0e:97c0:78e::/48 maxlen: 48
2a0e:97c0:781::/48 maxlen: 48
2a0e:97c0:78c::/48 maxlen: 48
2a0e:97c0:787::/48 maxlen: 48
2a0e:97c0:782::/48 maxlen: 48
2a0e:97c0:785::/48 maxlen: 48
2a0e:97c0:780::/48 maxlen: 48
2a0e:97c0:78b::/48 maxlen: 48
2a0e:97c0:786::/48 maxlen: 48
2a0e:97c0:789::/48 maxlen: 48
2a0e:97c0:784::/48 maxlen: 48
2a0e:97c0:78f::/48 maxlen: 48
2a0e:97c0:78a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 320878086 (0x13203606)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 24 05:03:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=efc6ee9f455f0c930a9acb960b5db7e1a704fa82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:61:e7:64:b6:ac:4b:cd:a2:b5:db:eb:98:56:
9a:3c:66:59:44:37:a4:9b:1e:78:cf:39:86:9a:60:
5c:db:19:79:c0:01:5e:c5:3d:cf:22:fb:ea:f7:18:
d9:50:a8:62:40:fa:7c:09:14:e0:78:1c:26:2a:93:
6b:f3:c5:5b:d6:fa:c1:37:68:8d:93:ef:57:01:99:
89:4f:74:65:08:6e:30:e2:93:a2:ac:ce:61:47:86:
65:bc:0a:e4:10:ce:94:40:6a:2d:79:87:a5:f3:41:
ff:48:79:dd:c1:6b:60:10:15:ea:a4:cf:11:d1:9d:
13:f1:90:dd:f3:48:fb:88:13:c5:74:fa:a5:26:59:
b2:bf:37:af:fc:0d:4f:17:ad:53:f1:50:89:f7:81:
e9:18:85:81:8f:2c:0a:87:ac:23:2b:42:cc:58:a6:
a4:b0:aa:b5:bc:43:dd:26:13:24:27:f7:53:d5:cd:
50:0f:3b:6d:14:b7:7e:77:01:32:63:1e:a1:18:de:
58:13:e9:ff:ab:50:a6:d5:78:84:8f:7d:ab:3a:39:
ec:18:95:df:0f:38:26:75:6c:50:ed:0c:8a:ac:33:
0f:57:37:c7:a4:e6:af:41:10:bb:a2:85:20:da:b6:
b5:a3:b8:37:b2:48:3b:8f:d2:5c:55:be:5e:dc:7a:
b7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:C6:EE:9F:45:5F:0C:93:0A:9A:CB:96:0B:5D:B7:E1:A7:04:FA:82
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/78bun0VfDJMKmsuWC1234acE-oI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:780::/44
Signature Algorithm: sha256WithRSAEncryption
a9:5c:bd:36:dc:9c:50:09:27:4a:b8:e7:3d:a1:95:ac:57:c4:
44:90:66:50:d8:0c:af:f3:33:df:8d:de:7a:b2:7f:a3:57:32:
b4:c0:7c:cf:e6:43:7c:0c:0d:18:7b:4b:c9:e6:46:a4:9b:aa:
93:d7:af:45:6c:ad:1d:c5:97:26:31:56:0b:cb:03:7f:d5:af:
98:6f:d8:bf:bd:f9:08:a4:42:98:e2:20:c9:1d:80:47:17:b3:
e9:48:53:72:2b:8d:7e:7f:5d:63:0d:8b:6c:dd:60:4e:fd:43:
78:eb:7f:69:9b:ad:c6:4e:37:cf:5f:a3:34:5f:92:3e:cd:9a:
88:8c:47:cf:aa:2c:5d:87:f1:76:c3:78:d0:47:7a:30:74:3f:
dd:1b:fb:bf:94:05:66:5d:a2:f5:29:16:76:c6:bc:ad:1e:e6:
aa:9c:8b:5a:23:63:35:00:16:f4:f0:74:e3:68:be:dc:96:80:
4e:73:6e:ed:fd:ab:61:11:4f:71:b2:66:f4:d8:c1:28:d1:37:
7b:19:5c:a8:c5:cc:67:d8:27:52:bd:b7:07:8e:36:e2:fc:17:
37:03:c6:99:6d:44:86:9b:6c:44:7b:e6:17:51:7c:09:86:b5:
89:a4:7e:00:9c:00:ee:83:ad:ec:80:a7:71:c4:8f:34:1e:23:
cb:19:b0:f1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEyA2BjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMy
NDA1MDMyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWZjNmVlOWY0NTVm
MGM5MzBhOWFjYjk2MGI1ZGI3ZTFhNzA0ZmE4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJh52S2rEvNorXb65hWmjxmWUQ3pJseeM85hppgXNsZecAB
XsU9zyL76vcY2VCoYkD6fAkU4HgcJiqTa/PFW9b6wTdojZPvVwGZiU90ZQhuMOKT
oqzOYUeGZbwK5BDOlEBqLXmHpfNB/0h53cFrYBAV6qTPEdGdE/GQ3fNI+4gTxXT6
pSZZsr83r/wNTxetU/FQifeB6RiFgY8sCoesIytCzFimpLCqtbxD3SYTJCf3U9XN
UA87bRS3fncBMmMeoRjeWBPp/6tQptV4hI99qzo57BiV3w84JnVsUO0MiqwzD1c3
x6Tmr0EQu6KFINq2taO4N7JIO4/SXFW+Xtx6t+sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTvxu6fRV8Mkwqay5YLXbfhpwT6gjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
Lzc4YnVuMFZmREpNS21zdVdDMTIzNGFjRS1vSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AHgDANBgkqhkiG9w0BAQsF
AAOCAQEAqVy9NtycUAknSrjnPaGVrFfERJBmUNgMr/Mz343eerJ/o1cytMB8z+ZD
fAwNGHtLyeZGpJuqk9evRWytHcWXJjFWC8sDf9WvmG/Yv735CKRCmOIgyR2ARxez
6UhTciuNfn9dYw2LbN1gTv1DeOt/aZutxk43z1+jNF+SPs2aiIxHz6osXYfxdsN4
0Ed6MHQ/3Rv7v5QFZl2i9SkWdsa8rR7mqpyLWiNjNQAW9PB042i+3JaATnNu7f2r
YRFPcbJm9NjBKNE3exlcqMXMZ9gnUr23B4424vwXNwPGmW1EhptsRHvmF1F8CYa1
iaR+AJwA7oOt7ICnccSPNB4jyxmw8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:23 2024 by rpki-client on console-fra.rpki-client.org