Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9nLj6cRtIAL7Ruvq6KGs4IHERlM.roa
File: 9nLj6cRtIAL7Ruvq6KGs4IHERlM.roa (raw, json)
Hash identifier: CbBBAqFH0RaYXXcFn/zmx/ro+soWMgENVG67tbbQiq4=
Subject key identifier: F6:72:E3:E9:C4:6D:20:02:FB:46:EB:EA:E8:A1:AC:E0:81:C4:46:53
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 109380B5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9nLj6cRtIAL7Ruvq6KGs4IHERlM.roa
Signing time: Sat 01 Jan 2022 09:05:02 +0000
ROA not before: Sat 01 Jan 2022 09:05:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204307
IP address blocks: 2a0e:b107:ac0::/48 maxlen: 48
2a0e:b107:ac2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278102197 (0x109380b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f672e3e9c46d2002fb46ebeae8a1ace081c44653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:48:1f:6b:9f:1a:63:d5:30:56:3e:89:04:68:
f0:18:ce:a8:52:e3:30:0c:d2:16:0c:ac:00:85:4a:
8d:8d:37:b2:ac:96:95:0e:ea:b5:71:5e:54:45:9e:
7a:59:00:29:4f:95:8d:c7:e2:3b:b9:da:78:53:54:
5e:55:ff:7c:4c:68:30:0b:21:6a:90:93:4c:2a:2d:
d1:f5:53:20:1d:06:14:44:0f:87:07:38:06:55:d6:
01:d2:40:30:98:c9:a0:b7:f1:ad:39:e4:83:86:53:
f5:93:a6:4e:aa:d9:15:ec:27:88:d8:e2:fd:9a:68:
48:92:09:75:57:6e:d8:ca:95:47:f5:04:ac:8e:c7:
88:30:fd:62:81:d3:11:ea:89:c0:b1:4c:b2:ed:b4:
80:35:1c:84:d7:44:fb:7e:78:2e:9f:8c:e5:7f:02:
26:91:fa:bb:a0:73:06:bb:84:88:4e:8e:2a:df:91:
71:a7:dc:59:cf:8f:6d:42:24:eb:53:d8:b1:d0:2e:
64:24:01:55:82:d4:69:ac:9a:71:69:10:e9:1b:09:
dc:67:86:c7:0d:cc:64:a7:89:d1:4e:ea:8e:b6:ff:
2e:fa:74:c5:8b:85:bd:ac:44:ba:e2:68:2a:8b:c9:
a6:62:88:13:69:03:62:49:de:a2:9f:1e:f8:d2:c5:
d4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:72:E3:E9:C4:6D:20:02:FB:46:EB:EA:E8:A1:AC:E0:81:C4:46:53
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9nLj6cRtIAL7Ruvq6KGs4IHERlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ac0::/48
2a0e:b107:ac2::/48
Signature Algorithm: sha256WithRSAEncryption
4e:20:cd:95:7f:60:72:b9:13:64:a3:97:9d:eb:9a:3d:3f:92:
e6:ae:24:3d:45:03:86:23:1f:6b:c2:47:6e:3f:7f:e4:a4:ab:
b2:1a:b0:c5:0c:e8:3c:5b:d0:fa:5a:be:0b:0c:0f:c7:fa:7a:
3d:25:1e:8f:a3:c5:fe:63:b9:e1:c2:d5:f2:ee:6e:b9:cf:54:
d1:3a:63:00:13:a4:4f:27:65:e4:a4:cb:4f:a2:17:86:d2:87:
c1:46:86:68:49:6c:c4:ae:7a:34:3a:58:60:2c:97:d4:17:8d:
6d:dc:6d:0d:39:8d:5c:46:67:e4:c0:1e:7d:25:47:ea:06:21:
db:3e:1a:9f:b5:82:9f:5a:b4:02:a0:40:5d:83:bd:60:e8:3c:
a1:d7:a8:3a:79:e5:ac:df:4b:c3:ad:c3:15:98:a1:e5:af:00:
05:16:76:fb:f4:65:1d:7a:8e:69:da:a7:be:39:06:ce:50:b4:
ea:12:f8:32:9e:4a:1b:ed:83:aa:6f:22:8f:fd:56:ad:28:8e:
4f:8b:32:ce:ef:6c:0f:4d:35:e5:f4:34:e3:47:2e:7c:6c:6e:
ec:dc:69:4c:e5:f5:75:e6:a3:5f:44:b6:02:52:f4:85:73:56:
63:bc:43:2d:27:4a:7b:a8:97:f3:9d:64:3d:38:df:1b:72:b7:
e9:9a:0c:0f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEJOAtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjY3MmUzZTljNDZk
MjAwMmZiNDZlYmVhZThhMWFjZTA4MWM0NDY1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5IH2ufGmPVMFY+iQRo8BjOqFLjMAzSFgysAIVKjY03sqyW
lQ7qtXFeVEWeelkAKU+VjcfiO7naeFNUXlX/fExoMAshapCTTCot0fVTIB0GFEQP
hwc4BlXWAdJAMJjJoLfxrTnkg4ZT9ZOmTqrZFewniNji/ZpoSJIJdVdu2MqVR/UE
rI7HiDD9YoHTEeqJwLFMsu20gDUchNdE+354Lp+M5X8CJpH6u6BzBruEiE6OKt+R
cafcWc+PbUIk61PYsdAuZCQBVYLUaayacWkQ6RsJ3GeGxw3MZKeJ0U7qjrb/Lvp0
xYuFvaxEuuJoKovJpmKIE2kDYkneop8e+NLF1OECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBT2cuPpxG0gAvtG6+rooazggcRGUzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzluTGo2Y1J0SUFMN1J1dnE2S0dzNElIRVJsTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoOsQcKwAMHACoOsQcKwjANBgkq
hkiG9w0BAQsFAAOCAQEATiDNlX9gcrkTZKOXneuaPT+S5q4kPUUDhiMfa8JHbj9/
5KSrshqwxQzoPFvQ+lq+CwwPx/p6PSUej6PF/mO54cLV8u5uuc9U0TpjABOkTydl
5KTLT6IXhtKHwUaGaElsxK56NDpYYCyX1BeNbdxtDTmNXEZn5MAefSVH6gYh2z4a
n7WCn1q0AqBAXYO9YOg8odeoOnnlrN9Lw63DFZih5a8ABRZ2+/RlHXqOadqnvjkG
zlC06hL4Mp5KG+2Dqm8ij/1WrSiOT4syzu9sD0015fQ040cufGxu7NxpTOX1deaj
X0S2AlL0hXNWY7xDLSdKe6iX851kPTjfG3K36ZoMDw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:56 2023 by rpki-client on console-ams.rpki-client.org