Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9vmm29xSU-Ov5-q8D9g2Z69xCiE.roa
File: 9vmm29xSU-Ov5-q8D9g2Z69xCiE.roa (raw, json)
Hash identifier: RtsPoOv7FZOUgpTexm7g/sq6+I5IwsM+ygLN9qWktKk=
Subject key identifier: F6:F9:A6:DB:DC:52:53:E3:AF:E7:EA:BC:0F:D8:36:67:AF:71:0A:21
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01833584AC14A824E37213C39160C60F4D2F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9vmm29xSU-Ov5-q8D9g2Z69xCiE.roa
Signing time: Tue 13 Sep 2022 06:23:50 +0000
ROA not before: Tue 13 Sep 2022 06:23:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142289
IP address blocks: 2a0e:b107:15f0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:35:84:ac:14:a8:24:e3:72:13:c3:91:60:c6:0f:4d:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 13 06:23:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6f9a6dbdc5253e3afe7eabc0fd83667af710a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7d:a3:08:23:a4:a4:8e:d4:06:30:59:62:6f:
b1:35:a0:c8:3f:95:cf:c1:90:5d:4c:c5:7f:12:95:
fd:1b:d7:99:81:e9:f3:3a:82:88:6f:d6:6f:61:8e:
53:80:89:18:e2:d0:93:91:7b:04:40:24:34:b7:80:
3c:fd:5a:3e:5d:61:a0:2c:7c:58:87:c1:a7:11:7b:
ae:c9:b8:b5:5c:3a:cd:22:39:ce:f1:aa:3e:6f:91:
2b:4a:1c:93:02:66:38:a0:4c:bd:d9:e7:e4:e9:6d:
61:49:7f:48:3e:67:52:29:e2:ea:13:d8:d0:80:bf:
d5:99:55:5d:e5:2b:79:e4:30:3f:1e:ff:97:ae:84:
63:97:ed:3c:d3:d6:66:d6:1e:14:fa:ae:d3:5f:1e:
25:c5:02:c9:37:01:55:d5:db:ea:ad:d9:55:46:01:
7f:19:1a:5b:9a:c1:ab:bc:f5:58:66:2a:c6:78:3d:
b7:f7:ff:21:1f:1c:8b:e0:f1:3d:2d:ba:0e:b6:a7:
9e:99:4d:fa:68:32:4f:59:ee:46:db:44:d0:c6:e5:
6f:22:15:7d:77:4a:c0:74:82:d1:b8:47:cf:a2:f6:
45:79:57:90:d7:d7:d1:3c:35:e3:6b:29:b6:18:c7:
d3:9e:f3:ed:95:d1:c6:7e:e3:94:ef:01:f9:fb:97:
66:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F9:A6:DB:DC:52:53:E3:AF:E7:EA:BC:0F:D8:36:67:AF:71:0A:21
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9vmm29xSU-Ov5-q8D9g2Z69xCiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:15f0::/44
Signature Algorithm: sha256WithRSAEncryption
5f:95:99:b7:4e:7a:a7:65:a4:8f:56:a7:a5:88:6e:11:da:32:
38:78:12:09:ce:65:d8:9d:51:4b:9c:81:56:17:fa:33:39:9f:
c1:03:dd:27:9e:9f:d5:b3:85:4f:cc:d5:97:ee:14:f4:9b:65:
0d:7f:77:cf:76:98:80:a6:b3:a6:bb:1e:dc:27:50:ad:fe:a9:
56:41:14:84:10:e6:93:3f:ed:17:df:cb:99:a3:b3:c9:c3:d2:
50:5e:62:de:73:ac:64:46:c3:97:fa:2d:8b:de:f2:29:d0:28:
80:85:e9:7c:47:4a:53:ca:e8:ef:86:44:20:b7:1a:a2:73:13:
90:d7:e0:d0:19:e4:d4:a2:e5:42:06:e3:2b:a8:be:f9:58:f1:
81:a5:74:61:88:e2:e6:4c:fe:35:0f:83:7b:94:21:87:94:b0:
73:91:04:38:54:c6:67:a4:f3:01:92:cd:c7:36:b0:36:58:13:
c6:a6:f2:aa:74:50:07:02:9d:1e:76:a6:7f:5b:bf:8f:4f:ea:
e2:74:9e:f3:60:68:c0:c5:14:f5:fe:77:c8:1e:bf:8f:f9:7c:
c8:e1:3d:73:0e:11:12:d4:55:a8:ea:5f:b6:8e:ff:f2:d6:30:
7c:18:e8:74:b6:9e:cf:f6:12:50:fb:97:f4:1a:d3:79:8a:80:
92:9f:41:d9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYM1hKwUqCTjchPDkWDGD00vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTEzMDYyMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmY5YTZkYmRjNTI1M2UzYWZlN2VhYmMwZmQ4MzY2N2FmNzEwYTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX2jCCOkpI7UBjBZYm+xNaDIP5XP
wZBdTMV/EpX9G9eZgenzOoKIb9ZvYY5TgIkY4tCTkXsEQCQ0t4A8/Vo+XWGgLHxY
h8GnEXuuybi1XDrNIjnO8ao+b5ErShyTAmY4oEy92efk6W1hSX9IPmdSKeLqE9jQ
gL/VmVVd5St55DA/Hv+XroRjl+0809Zm1h4U+q7TXx4lxQLJNwFV1dvqrdlVRgF/
GRpbmsGrvPVYZirGeD239/8hHxyL4PE9LboOtqeemU36aDJPWe5G20TQxuVvIhV9
d0rAdILRuEfPovZFeVeQ19fRPDXjaym2GMfTnvPtldHGfuOU7wH5+5dmhwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPb5ptvcUlPjr+fqvA/YNmevcQohMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOXZtbTI5eFNVLU92NS1xOEQ5ZzJaNjl4Q2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxXw
MA0GCSqGSIb3DQEBCwUAA4IBAQBflZm3TnqnZaSPVqeliG4R2jI4eBIJzmXYnVFL
nIFWF/ozOZ/BA90nnp/Vs4VPzNWX7hT0m2UNf3fPdpiAprOmux7cJ1Ct/qlWQRSE
EOaTP+0X38uZo7PJw9JQXmLec6xkRsOX+i2L3vIp0CiAhel8R0pTyujvhkQgtxqi
cxOQ1+DQGeTUouVCBuMrqL75WPGBpXRhiOLmTP41D4N7lCGHlLBzkQQ4VMZnpPMB
ks3HNrA2WBPGpvKqdFAHAp0edqZ/W7+PT+ridJ7zYGjAxRT1/nfIHr+P+XzI4T1z
DhES1FWo6l+2jv/y1jB8GOh0tp7P9hJQ+5f0GtN5ioCSn0HZ
-----END CERTIFICATE-----