Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AHrmqegBKyuXASvdh6kHEUzVrbc.roa
File: AHrmqegBKyuXASvdh6kHEUzVrbc.roa (raw, json)
Hash identifier: uYmNFD/D9UNxqt+WZe1bepUCniU0IXDAm9BeS/Eyzmo=
Subject key identifier: 00:7A:E6:A9:E8:01:2B:2B:97:01:2B:DD:87:A9:07:11:4C:D5:AD:B7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183F557C30D0D6A5BB966D99877B47BCC38
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AHrmqegBKyuXASvdh6kHEUzVrbc.roa
Signing time: Thu 20 Oct 2022 12:21:52 +0000
ROA not before: Thu 20 Oct 2022 12:21:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202256
IP address blocks: 2a0e:97c6:6300::/40 maxlen: 48
2a0e:97c6:5400::/40 maxlen: 48
2a0e:97c6:6c00::/40 maxlen: 48
2a0e:97c6:4400::/40 maxlen: 48
2a0e:97c6:6900::/40 maxlen: 48
2a0e:97c6:4000::/34 maxlen: 48
2a0e:97c6:4200::/40 maxlen: 48
2a0e:97c6:7a00::/40 maxlen: 48
2a0e:97c6:5a00::/40 maxlen: 48
2a0e:97c6:5200::/40 maxlen: 48
2a10:cc42:1900::/40 maxlen: 48
2a10:cc42:1a00::/40 maxlen: 48
2a10:cc42:1700::/40 maxlen: 48
2a10:cc42:1b00::/40 maxlen: 48
2a10:cc42:1000::/40 maxlen: 48
2a10:cc42:1000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:57:c3:0d:0d:6a:5b:b9:66:d9:98:77:b4:7b:cc:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 20 12:21:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=007ae6a9e8012b2b97012bdd87a907114cd5adb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5b:fc:55:c2:ea:36:98:94:35:5c:bf:28:82:
7e:50:a4:ec:27:a1:39:7e:2b:6e:72:60:be:46:df:
5e:b0:51:ce:00:85:81:5b:27:84:f0:03:2d:85:6e:
64:ce:0e:33:6a:93:ac:8f:e9:71:da:f3:fb:c6:48:
0f:56:88:4f:5e:83:36:5b:2b:68:f1:f2:c3:56:23:
8f:16:e2:9e:b8:32:cf:1e:81:98:9a:09:7c:58:3a:
24:e5:2f:89:f1:1e:2d:3e:02:7f:41:f7:96:fa:16:
a2:a4:77:ad:89:ab:81:35:79:df:08:89:e5:67:1c:
b5:56:fb:96:27:28:3c:64:a7:64:f5:3f:07:83:ef:
5d:c6:5a:61:65:0e:de:a6:7b:95:7f:67:93:17:89:
19:2e:88:a3:6b:e5:df:ea:34:a3:31:27:19:b9:9a:
9e:3f:9b:9a:13:e1:1a:cb:03:ae:4d:fc:2d:2e:2f:
5f:70:c1:c1:f9:7e:55:a2:fb:cd:8a:16:35:57:e3:
f0:e4:f4:19:f8:04:73:61:6d:71:dd:f2:e4:d8:d1:
bd:36:ce:5c:65:bb:79:23:49:fe:a3:4c:9b:cb:29:
dd:8d:22:d7:29:8d:ea:8e:9c:c6:57:50:eb:07:6c:
fb:c1:ff:7e:df:4d:de:d2:99:85:60:0d:51:0f:2c:
10:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:7A:E6:A9:E8:01:2B:2B:97:01:2B:DD:87:A9:07:11:4C:D5:AD:B7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AHrmqegBKyuXASvdh6kHEUzVrbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c6:4000::/34
2a10:cc42:1000::/36
Signature Algorithm: sha256WithRSAEncryption
8e:3e:31:52:ab:10:57:08:09:10:fb:70:18:7a:f7:15:53:c4:
08:4f:d6:db:64:a5:65:9d:11:fc:89:0d:7d:44:f1:05:fe:05:
9f:c5:8b:16:97:67:86:40:81:68:1d:81:ad:1b:37:6b:db:e8:
b1:f7:86:74:39:c6:88:b6:e2:48:42:30:0c:d9:61:13:8a:21:
d7:31:50:32:a1:53:58:76:91:ef:74:56:8c:5a:e3:31:3f:04:
99:90:4e:00:aa:e1:b1:e2:52:e9:e9:18:40:88:0e:7e:f5:03:
50:37:11:20:d9:21:95:5a:a7:82:95:c3:2c:5c:a9:29:7b:92:
86:78:c9:86:2a:ae:2b:e8:92:96:f4:cd:2c:c0:e0:05:af:05:
c4:09:5d:74:2b:e2:24:27:c9:36:85:80:bd:33:ac:ca:d2:92:
3c:66:5d:83:e1:31:8f:3d:e9:89:58:ab:82:98:2e:bc:6a:b0:
e9:a6:63:e1:85:35:67:ad:da:40:d3:d9:06:f5:59:2e:7d:9d:
93:e5:2b:8f:3b:c4:4f:3f:29:7e:9a:94:2f:fb:8f:6c:ef:a2:
de:2d:78:bd:0c:10:c8:58:b3:17:27:7a:e5:b3:40:63:44:1c:
8b:e5:14:51:c7:b8:49:aa:cc:e0:1e:0e:24:a3:a8:e6:c4:46:
99:c1:05:12
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYP1V8MNDWpbuWbZmHe0e8w4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDIwMTIyMTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDdhZTZhOWU4MDEyYjJiOTcwMTJiZGQ4N2E5MDcxMTRjZDVhZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1v8VcLqNpiUNVy/KIJ+UKTsJ6E5
fitucmC+Rt9esFHOAIWBWyeE8AMthW5kzg4zapOsj+lx2vP7xkgPVohPXoM2Wyto
8fLDViOPFuKeuDLPHoGYmgl8WDok5S+J8R4tPgJ/QfeW+haipHetiauBNXnfCInl
Zxy1VvuWJyg8ZKdk9T8Hg+9dxlphZQ7epnuVf2eTF4kZLoija+Xf6jSjMScZuZqe
P5uaE+EaywOuTfwtLi9fcMHB+X5VovvNihY1V+Pw5PQZ+ARzYW1x3fLk2NG9Ns5c
Zbt5I0n+o0ybyyndjSLXKY3qjpzGV1DrB2z7wf9+303e0pmFYA1RDywQNQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFAB65qnoASsrlwEr3YepBxFM1a23MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQUhybXFlZ0JLeXVYQVN2ZGg2a0hFVXpWcmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYGKg6XxkAD
BgQqEMxCEDANBgkqhkiG9w0BAQsFAAOCAQEAjj4xUqsQVwgJEPtwGHr3FVPECE/W
22SlZZ0R/IkNfUTxBf4Fn8WLFpdnhkCBaB2BrRs3a9vosfeGdDnGiLbiSEIwDNlh
E4oh1zFQMqFTWHaR73RWjFrjMT8EmZBOAKrhseJS6ekYQIgOfvUDUDcRINkhlVqn
gpXDLFypKXuShnjJhiquK+iSlvTNLMDgBa8FxAlddCviJCfJNoWAvTOsytKSPGZd
g+Exjz3piVirgpguvGqw6aZj4YU1Z63aQNPZBvVZLn2dk+UrjzvETz8pfpqUL/uP
bO+i3i14vQwQyFizFyd65bNAY0Qci+UUUce4SarM4B4OJKOo5sRGmcEFEg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org