Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8xTFRRLW-513CtRyVubAXosuN48.roa
File: 8xTFRRLW-513CtRyVubAXosuN48.roa (raw, json)
Hash identifier: o4v0XNW903dxpe7hQzNJpjH0G4OuTPcAobQT6/obrQE=
Subject key identifier: F3:14:C5:45:12:D6:FB:9D:77:0A:D4:72:56:E6:C0:5E:8B:2E:37:8F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 157D5B1A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8xTFRRLW-513CtRyVubAXosuN48.roa
Signing time: Sun 03 Jul 2022 20:59:19 +0000
ROA not before: Sun 03 Jul 2022 20:59:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204374
IP address blocks: 2a0e:b107:ba0::/48 maxlen: 48
2a0e:b107:ba5::/48 maxlen: 48
2a0e:b107:baa::/48 maxlen: 48
2a0e:b107:baf::/48 maxlen: 48
2a0e:b107:ba4::/48 maxlen: 48
2a0e:b107:ba9::/48 maxlen: 48
2a0e:b107:bae::/48 maxlen: 48
2a0e:b107:ba3::/48 maxlen: 48
2a0e:b107:ba8::/48 maxlen: 48
2a0e:b107:bad::/48 maxlen: 48
2a0e:b107:ba0::/44 maxlen: 48
2a0e:b107:ba2::/48 maxlen: 48
2a0e:b107:ba7::/48 maxlen: 48
2a0e:b107:bac::/48 maxlen: 48
2a0e:b107:ba1::/48 maxlen: 48
2a0e:b107:ba6::/48 maxlen: 48
2a0e:b107:bab::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 360536858 (0x157d5b1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 3 20:59:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f314c54512d6fb9d770ad47256e6c05e8b2e378f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4a:0a:b9:4b:bb:f5:e9:f4:b2:dc:63:90:12:
74:a9:f8:26:bc:7c:5c:dd:19:61:7b:e5:9d:ab:d4:
67:7b:62:0e:d3:c6:b5:99:a6:d8:cf:0b:34:a8:51:
6e:bc:a5:fa:df:e6:fb:4e:9d:28:3f:bd:e5:43:00:
75:a5:7a:4c:f1:95:8d:ee:41:b3:63:3a:8a:78:99:
0e:da:33:c7:eb:6e:73:02:0a:1b:86:77:8d:93:96:
86:36:2e:48:e7:6b:75:4b:e4:ea:e0:41:4a:ef:3a:
4f:4c:26:96:89:eb:01:ec:e5:71:2f:3f:f2:cb:4d:
77:46:c0:2c:ea:40:e8:03:f5:db:08:e1:6e:de:ca:
67:c0:6a:5d:d2:31:7c:57:cb:79:08:dc:c3:98:c6:
0b:4b:9f:36:ff:8a:4f:8c:a3:46:18:ae:e5:cd:10:
3a:1d:88:55:d6:c0:3f:25:e7:87:5d:e4:a0:c9:f0:
b4:da:ba:d2:48:d6:fd:c6:48:5b:78:eb:a6:40:86:
65:79:9f:fb:87:6f:44:6f:42:5b:94:fd:8c:75:e1:
dd:1b:4d:52:71:87:0a:ae:74:5a:14:22:4b:2b:0a:
96:6f:0f:57:cb:e6:39:3b:5d:87:fe:b7:31:f2:9d:
94:01:3f:e0:b7:b5:01:41:d4:c7:f5:bf:c0:1b:87:
e7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:14:C5:45:12:D6:FB:9D:77:0A:D4:72:56:E6:C0:5E:8B:2E:37:8F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8xTFRRLW-513CtRyVubAXosuN48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ba0::/44
Signature Algorithm: sha256WithRSAEncryption
36:76:49:16:60:84:04:6d:c5:7c:e3:1e:bc:bf:c3:d4:49:3b:
02:90:09:ed:af:e0:2d:89:f0:b2:4c:db:b8:4b:1b:d5:11:77:
f0:d5:1c:49:0d:57:c5:f7:c5:d9:ba:f0:b3:52:ac:cc:4e:ff:
a1:53:a1:f1:fc:12:ca:43:c0:e5:2b:b9:97:24:1a:98:fb:bc:
f2:20:18:32:63:b3:d4:05:41:fd:f3:ff:0f:4f:b4:10:98:76:
51:8c:c9:bf:89:f4:00:f7:98:76:f9:59:2c:2e:de:8e:f0:94:
76:81:37:76:57:4f:a7:a8:c5:9b:5e:8d:44:75:52:b2:44:c5:
a7:90:0f:11:09:3b:2b:a6:22:7a:a2:fe:95:0b:d1:fc:d0:19:
85:f7:9e:85:93:06:dd:f6:02:47:0c:ec:d6:0c:b8:48:69:e5:
ab:b4:a8:39:5d:21:46:27:ca:2d:07:b5:78:d6:b2:da:8c:32:
86:36:0c:69:94:62:ca:30:6f:0a:ca:ab:79:ef:a1:fd:77:58:
ad:3e:5e:3a:9c:78:6e:df:5c:ab:3b:17:43:ef:b3:bc:9c:60:
f3:5b:db:74:54:bf:4c:f2:4a:8e:ce:4e:c2:b3:f9:58:3d:72:
76:7e:05:f3:5a:ec:59:2b:1b:5a:d3:4c:e0:02:85:ba:a4:86:
37:c4:c0:41
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFX1bGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDcw
MzIwNTkxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjMxNGM1NDUxMmQ2
ZmI5ZDc3MGFkNDcyNTZlNmMwNWU4YjJlMzc4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdKCrlLu/Xp9LLcY5ASdKn4Jrx8XN0ZYXvlnavUZ3tiDtPG
tZmm2M8LNKhRbryl+t/m+06dKD+95UMAdaV6TPGVje5Bs2M6iniZDtozx+tucwIK
G4Z3jZOWhjYuSOdrdUvk6uBBSu86T0wmlonrAezlcS8/8stNd0bALOpA6AP12wjh
bt7KZ8BqXdIxfFfLeQjcw5jGC0ufNv+KT4yjRhiu5c0QOh2IVdbAPyXnh13koMnw
tNq60kjW/cZIW3jrpkCGZXmf+4dvRG9CW5T9jHXh3RtNUnGHCq50WhQiSysKlm8P
V8vmOTtdh/63MfKdlAE/4Le1AUHUx/W/wBuH5xMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTzFMVFEtb7nXcK1HJW5sBeiy43jzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
Lzh4VEZSUkxXLTUxM0N0UnlWdWJBWG9zdU40OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcLoDANBgkqhkiG9w0BAQsF
AAOCAQEANnZJFmCEBG3FfOMevL/D1Ek7ApAJ7a/gLYnwskzbuEsb1RF38NUcSQ1X
xffF2brws1KszE7/oVOh8fwSykPA5Su5lyQamPu88iAYMmOz1AVB/fP/D0+0EJh2
UYzJv4n0APeYdvlZLC7ejvCUdoE3dldPp6jFm16NRHVSskTFp5APEQk7K6YieqL+
lQvR/NAZhfeehZMG3fYCRwzs1gy4SGnlq7SoOV0hRifKLQe1eNay2owyhjYMaZRi
yjBvCsqree+h/XdYrT5eOpx4bt9cqzsXQ++zvJxg81vbdFS/TPJKjs5OwrP5WD1y
dn4F81rsWSsbWtNM4AKFuqSGN8TAQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:55 2024 by rpki-client on console-ams.rpki-client.org