Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8GfUll21Skto6RFDdMwiUvdvkdg.roa
File: 8GfUll21Skto6RFDdMwiUvdvkdg.roa (raw, json)
Hash identifier: npDXwD/WG5Wt3QMqAPkBKzmm9gbC2tHw2N2buSbUdsI=
Subject key identifier: F0:67:D4:96:5D:B5:4A:4B:68:E9:11:43:74:CC:22:52:F7:6F:91:D8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184CFE6368208D2FD635DDD58B97A837FFB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8GfUll21Skto6RFDdMwiUvdvkdg.roa
Signing time: Thu 01 Dec 2022 22:54:41 +0000
ROA not before: Thu 01 Dec 2022 22:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200993
IP address blocks: 2a0e:97c0:5d0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cf:e6:36:82:08:d2:fd:63:5d:dd:58:b9:7a:83:7f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 1 22:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f067d4965db54a4b68e9114374cc2252f76f91d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:97:ac:04:e1:f7:a2:46:cb:f2:24:76:3d:5d:
e3:ca:ab:41:18:d0:d6:92:8a:70:c4:5c:80:05:6d:
f3:c9:08:60:47:6d:db:7c:27:94:7f:af:ea:8e:ea:
1c:f6:f1:00:dc:1e:0a:64:8f:d6:dd:bd:d9:a7:8f:
3e:f5:5a:31:db:cc:52:f6:2e:2b:07:69:f8:02:49:
1f:ef:0e:f4:26:6a:0d:df:ef:68:83:67:1e:16:99:
1e:aa:32:e5:24:f0:23:65:74:88:ea:4d:ff:f1:91:
74:8d:b1:5e:74:19:60:12:ba:8e:89:dd:55:ff:dd:
8c:42:b6:c5:c6:0c:ba:7b:fa:b4:3e:b9:99:44:6e:
1f:ad:e1:94:61:30:0a:90:ac:13:70:0d:dd:46:31:
3e:d1:40:7d:fb:30:3a:08:1c:49:c8:07:04:a0:7f:
b9:66:a1:2e:67:32:d7:57:15:3b:73:12:cf:c0:e4:
3c:3f:20:5f:5c:e5:fe:8d:aa:be:c5:fa:e8:6e:30:
eb:c1:6a:d7:55:b6:4e:f0:10:4d:4a:4d:ec:32:f2:
b3:a5:aa:3b:04:05:3c:88:82:fb:47:fb:11:1d:24:
5c:a5:55:9e:6e:b9:2d:b3:62:8a:71:61:b7:b4:e0:
bb:76:aa:07:be:dc:77:03:42:36:f0:b9:84:d2:cf:
37:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:67:D4:96:5D:B5:4A:4B:68:E9:11:43:74:CC:22:52:F7:6F:91:D8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8GfUll21Skto6RFDdMwiUvdvkdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5d0::/48
Signature Algorithm: sha256WithRSAEncryption
01:7e:30:b8:e0:f7:71:f9:50:52:8b:bd:9e:f7:32:6d:2f:c2:
63:92:75:0b:fd:98:29:f6:3c:62:94:51:b1:e1:1d:b2:de:9f:
b6:ff:92:fb:61:10:d0:54:2a:05:0e:90:a0:38:60:4c:8e:7b:
0c:39:59:62:31:8d:9e:37:fa:42:48:32:9e:1f:79:38:ce:72:
41:12:70:54:26:d0:d3:16:61:13:8d:b3:59:27:c4:ec:79:d1:
86:12:e4:c7:bd:42:90:00:ca:03:48:b8:e1:01:91:e6:7c:38:
65:69:f6:5f:5c:27:98:81:03:b0:a6:28:9c:47:e0:64:5b:1b:
80:66:c7:b6:ab:95:14:bd:b3:fa:26:b7:7a:a5:d9:b8:dd:57:
c4:92:2e:ee:cf:84:0c:c6:0f:6c:67:f1:1c:91:e4:81:6c:59:
7c:6a:61:f4:71:dd:4d:0d:1a:a8:14:1f:50:b4:bb:6c:ee:a1:
db:03:bd:4e:73:56:90:06:3c:22:9d:67:f2:0f:26:06:d0:4a:
c7:b1:7c:c0:7b:3f:25:9c:44:9c:ff:51:cd:1f:95:e0:52:4f:
12:2f:2a:20:26:20:be:32:94:20:ca:b8:ec:2e:6f:51:3c:5a:
f1:1a:8e:ab:c5:b4:6b:7b:78:46:26:da:de:80:61:e8:9d:09:
b5:7a:39:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTP5jaCCNL9Y13dWLl6g3/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjAxMjI1NDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDY3ZDQ5NjVkYjU0YTRiNjhlOTExNDM3NGNjMjI1MmY3NmY5MWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpesBOH3okbL8iR2PV3jyqtBGNDW
kopwxFyABW3zyQhgR23bfCeUf6/qjuoc9vEA3B4KZI/W3b3Zp48+9Vox28xS9i4r
B2n4Akkf7w70JmoN3+9og2ceFpkeqjLlJPAjZXSI6k3/8ZF0jbFedBlgErqOid1V
/92MQrbFxgy6e/q0PrmZRG4freGUYTAKkKwTcA3dRjE+0UB9+zA6CBxJyAcEoH+5
ZqEuZzLXVxU7cxLPwOQ8PyBfXOX+jaq+xfrobjDrwWrXVbZO8BBNSk3sMvKzpao7
BAU8iIL7R/sRHSRcpVWebrkts2KKcWG3tOC7dqoHvtx3A0I28LmE0s83mwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPBn1JZdtUpLaOkRQ3TMIlL3b5HYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOEdmVWxsMjFTa3RvNlJGRGRNd2lVdmR2a2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwAXQ
MA0GCSqGSIb3DQEBCwUAA4IBAQABfjC44Pdx+VBSi72e9zJtL8JjknUL/Zgp9jxi
lFGx4R2y3p+2/5L7YRDQVCoFDpCgOGBMjnsMOVliMY2eN/pCSDKeH3k4znJBEnBU
JtDTFmETjbNZJ8TsedGGEuTHvUKQAMoDSLjhAZHmfDhlafZfXCeYgQOwpiicR+Bk
WxuAZse2q5UUvbP6Jrd6pdm43VfEki7uz4QMxg9sZ/EckeSBbFl8amH0cd1NDRqo
FB9QtLts7qHbA71Oc1aQBjwinWfyDyYG0ErHsXzAez8lnESc/1HNH5XgUk8SLyog
JiC+MpQgyrjsLm9RPFrxGo6rxbRre3hGJtregGHonQm1ejkr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:56 2023 by rpki-client on console-ams.rpki-client.org