Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/C5k9IPIagLb7MDrwIam-8u-JQnc.roa
File: C5k9IPIagLb7MDrwIam-8u-JQnc.roa (raw, json)
Hash identifier: 5Qh/CU8zKNOXu6ENGonHeEtmQucEMna1NxpW29AL33w=
Subject key identifier: 0B:99:3D:20:F2:1A:80:B6:FB:30:3A:F0:21:A9:BE:F2:EF:89:42:77
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018506F1E571AFC4AE4FDAEF4166868A8886
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/C5k9IPIagLb7MDrwIam-8u-JQnc.roa
Signing time: Mon 12 Dec 2022 15:26:34 +0000
ROA not before: Mon 12 Dec 2022 15:26:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212164
IP address blocks: 2a0e:b107:1d20::/48 maxlen: 48
2a0e:b107:1d22::/48 maxlen: 48
2a0e:b107:1d21::/48 maxlen: 48
2a0e:b107:1d23::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:f1:e5:71:af:c4:ae:4f:da:ef:41:66:86:8a:88:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 12 15:26:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b993d20f21a80b6fb303af021a9bef2ef894277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:9a:23:c0:44:eb:72:d7:49:a6:15:69:d2:b4:
70:2a:6f:24:c4:e6:ad:24:fc:01:b5:5f:ae:a7:e4:
58:21:80:50:60:f3:73:5a:d8:b6:b1:45:a1:43:23:
9a:80:e8:ad:76:81:97:66:01:6c:9e:cd:c4:5f:95:
7d:1c:f7:07:ac:3b:e9:fc:ef:f4:a2:a2:b3:99:28:
20:38:b4:ab:5c:e3:3b:33:c8:4d:97:a1:71:50:57:
45:97:74:bd:b8:9c:e3:73:94:b0:df:2b:a4:d3:f4:
cc:09:fb:88:24:ed:82:b5:f1:4a:1d:85:fa:9a:90:
09:2e:6d:82:89:b9:b7:68:b1:c7:ca:0d:2c:fc:b8:
df:18:ae:d5:96:7d:16:6a:5e:09:12:1c:8e:62:74:
7d:22:27:fd:95:65:6f:af:12:e6:e1:38:19:c0:94:
10:17:31:5b:aa:52:b5:4e:2c:de:5e:f2:d5:e5:fc:
cb:34:11:99:77:54:8e:c0:88:51:f3:7f:1f:10:5a:
51:bc:64:41:83:56:5b:27:eb:0b:ae:e6:85:73:c3:
82:fb:12:58:55:7a:e6:56:75:a6:90:3e:05:0b:3a:
9b:57:cf:fd:58:ad:3f:d1:70:de:28:b0:2c:ba:48:
52:c4:c5:f7:ca:e0:52:54:29:87:e8:b5:4c:1b:65:
64:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:99:3D:20:F2:1A:80:B6:FB:30:3A:F0:21:A9:BE:F2:EF:89:42:77
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/C5k9IPIagLb7MDrwIam-8u-JQnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d20::/46
Signature Algorithm: sha256WithRSAEncryption
20:23:dc:0f:fd:cf:ca:7a:cf:13:02:6f:cf:61:dd:3c:6e:4a:
e3:b1:c6:74:ec:d4:71:43:45:29:34:b7:de:96:f6:e7:1c:98:
b2:68:1f:fe:c0:d8:eb:9d:44:bb:61:97:16:34:87:13:70:47:
78:79:b2:9b:16:8e:92:b1:39:9c:84:1c:3b:6c:09:7f:d9:70:
94:81:50:1a:99:51:e2:7d:3c:fc:67:26:94:40:a0:91:c0:cb:
01:3e:8c:37:59:2b:b0:e5:09:0e:fe:50:21:5b:16:b6:90:94:
cb:53:3c:84:67:06:3f:2c:5f:a9:6e:46:68:97:57:a0:fb:8c:
79:02:21:7f:3d:3d:f3:9f:38:54:af:95:35:bc:9c:51:33:cc:
30:0f:c8:12:f8:3c:b9:59:22:21:d7:b5:36:5a:4f:66:06:26:
05:6f:bd:bf:f5:80:cc:c8:4a:2e:86:f9:13:a5:7c:f6:3d:77:
27:01:5c:38:2c:40:05:1f:eb:f1:ad:18:c3:8f:f8:c7:06:94:
88:c1:81:7f:83:57:ef:a9:d6:9e:cd:4a:18:06:ad:de:f7:e5:
a9:fc:36:ac:46:f1:95:6a:6c:de:62:73:a1:71:38:e3:7d:1a:
d6:97:0a:a1:aa:d6:f3:c6:d9:2a:10:d0:36:c1:f2:d3:ca:c6:
ef:a3:0f:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYUG8eVxr8SuT9rvQWaGioiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjEyMTUyNjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjk5M2QyMGYyMWE4MGI2ZmIzMDNhZjAyMWE5YmVmMmVmODk0Mjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pojwETrctdJphVp0rRwKm8kxOat
JPwBtV+up+RYIYBQYPNzWti2sUWhQyOagOitdoGXZgFsns3EX5V9HPcHrDvp/O/0
oqKzmSggOLSrXOM7M8hNl6FxUFdFl3S9uJzjc5Sw3yuk0/TMCfuIJO2CtfFKHYX6
mpAJLm2Cibm3aLHHyg0s/LjfGK7Vln0Wal4JEhyOYnR9Iif9lWVvrxLm4TgZwJQQ
FzFbqlK1TizeXvLV5fzLNBGZd1SOwIhR838fEFpRvGRBg1ZbJ+sLruaFc8OC+xJY
VXrmVnWmkD4FCzqbV8/9WK0/0XDeKLAsukhSxMX3yuBSVCmH6LVMG2Vk9wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAuZPSDyGoC2+zA68CGpvvLviUJ3MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQzVrOUlQSWFnTGI3TURyd0lhbS04dS1KUW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6xBx0g
MA0GCSqGSIb3DQEBCwUAA4IBAQAgI9wP/c/Kes8TAm/PYd08bkrjscZ07NRxQ0Up
NLfelvbnHJiyaB/+wNjrnUS7YZcWNIcTcEd4ebKbFo6SsTmchBw7bAl/2XCUgVAa
mVHifTz8ZyaUQKCRwMsBPow3WSuw5QkO/lAhWxa2kJTLUzyEZwY/LF+pbkZol1eg
+4x5AiF/PT3znzhUr5U1vJxRM8wwD8gS+Dy5WSIh17U2Wk9mBiYFb72/9YDMyEou
hvkTpXz2PXcnAVw4LEAFH+vxrRjDj/jHBpSIwYF/g1fvqdaezUoYBq3e9+Wp/Das
RvGVamzeYnOhcTjjfRrWlwqhqtbzxtkqENA2wfLTysbvow8n
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:56 2023 by rpki-client on console-ams.rpki-client.org