Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CuKC1yNW719U2tKo-kiZ-YBqoR8.roa
File: CuKC1yNW719U2tKo-kiZ-YBqoR8.roa (raw, json)
Hash identifier: 6kXF3rca0hdnuGaK11403YjSkGRdxkbo/+eRc7mkSok=
Subject key identifier: 0A:E2:82:D7:23:56:EF:5F:54:DA:D2:A8:FA:48:99:F9:80:6A:A1:1F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 117B7A0D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CuKC1yNW719U2tKo-kiZ-YBqoR8.roa
Signing time: Mon 24 Jan 2022 11:09:48 +0000
ROA not before: Mon 24 Jan 2022 11:09:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210320
IP address blocks: 2a0e:b107:18c1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 293304845 (0x117b7a0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 11:09:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ae282d72356ef5f54dad2a8fa4899f9806aa11f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e1:45:2e:79:12:e3:06:50:6f:9b:ea:1a:06:
b3:e2:cb:4b:6a:c2:d8:4f:1e:45:d7:67:8e:91:10:
f3:a0:17:c9:72:69:06:7f:ca:cb:27:fc:eb:81:cc:
35:5c:3a:ee:b1:bc:4a:ec:2b:91:f7:da:81:36:03:
dc:d4:9e:cc:87:49:6b:6a:af:4a:4d:68:4b:06:08:
07:84:a3:61:44:16:b6:2f:0e:ab:f7:ad:ae:52:b9:
21:53:09:ca:2c:92:cf:30:f8:5b:04:73:68:02:0d:
86:7b:b1:ba:79:25:45:83:2a:2b:b5:3a:c3:75:5e:
4f:48:75:a4:a7:62:ff:36:57:4d:bf:90:00:94:7b:
5f:2a:07:96:60:21:45:72:f8:d2:7e:d6:b9:b5:9f:
f6:b4:fd:31:f6:41:3c:94:8b:9c:65:e6:64:f2:0c:
80:03:b7:2f:22:b5:f2:0a:ca:09:2b:76:eb:a6:a0:
0f:d2:c0:72:22:e5:5c:3f:03:4d:cf:54:12:0e:05:
c3:83:8e:75:1d:78:95:50:da:d3:94:ae:5a:2d:24:
1f:c3:32:e6:f3:93:62:89:d3:98:f2:1d:86:27:97:
bf:86:3e:e8:e0:eb:da:41:9d:98:66:70:a9:ac:be:
3a:3a:8b:32:94:b6:af:b9:3e:52:c8:72:f5:3a:1e:
17:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E2:82:D7:23:56:EF:5F:54:DA:D2:A8:FA:48:99:F9:80:6A:A1:1F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CuKC1yNW719U2tKo-kiZ-YBqoR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:18c1::/48
Signature Algorithm: sha256WithRSAEncryption
81:9c:df:99:0d:d7:73:95:82:02:2b:f1:4a:85:13:ca:30:2c:
f5:9b:67:8e:a3:cc:84:d6:cf:cf:e1:93:c1:29:37:16:eb:1e:
e2:60:56:65:df:c6:eb:b6:52:c2:06:62:98:0f:09:4a:89:cc:
7c:bb:a8:1c:ea:74:fd:0c:72:ad:b6:49:df:57:01:ca:4f:a8:
fa:bc:b6:ba:ec:8c:33:f3:01:4f:aa:70:ea:48:cc:54:8e:f8:
54:aa:30:67:1c:1e:f8:83:09:a3:df:6b:76:57:2d:30:33:ca:
43:97:29:16:94:cf:27:ed:db:41:de:b4:cc:2b:29:73:e5:17:
0b:ad:71:10:ca:ed:f0:c2:f4:03:e0:3b:54:3b:82:83:af:26:
69:6a:99:64:be:69:d0:69:91:55:27:a0:89:44:a0:45:8a:83:
00:82:50:d9:85:7b:15:00:21:7c:61:14:a3:fa:cd:69:43:df:
3b:fe:a0:69:c6:5e:bf:5e:df:83:f2:eb:19:57:fd:f7:f5:19:
29:81:f2:16:57:0a:ff:0a:06:36:a0:27:8f:1c:d4:4c:90:bc:
a5:d3:f2:26:d9:9e:82:64:fc:8c:1f:59:dd:1e:93:4a:70:56:
d9:3f:3a:04:eb:29:0b:28:fa:91:49:45:02:67:1a:8f:4f:6d:
53:ef:79:ac
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEXt6DTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEy
NDExMDk0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFlMjgyZDcyMzU2
ZWY1ZjU0ZGFkMmE4ZmE0ODk5Zjk4MDZhYTExZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLhRS55EuMGUG+b6hoGs+LLS2rC2E8eRddnjpEQ86AXyXJp
Bn/Kyyf864HMNVw67rG8SuwrkffagTYD3NSezIdJa2qvSk1oSwYIB4SjYUQWti8O
q/etrlK5IVMJyiySzzD4WwRzaAINhnuxunklRYMqK7U6w3VeT0h1pKdi/zZXTb+Q
AJR7XyoHlmAhRXL40n7WubWf9rT9MfZBPJSLnGXmZPIMgAO3LyK18grKCSt266ag
D9LAciLlXD8DTc9UEg4Fw4OOdR14lVDa05SuWi0kH8My5vOTYonTmPIdhieXv4Y+
6ODr2kGdmGZwqay+OjqLMpS2r7k+Ushy9ToeF+sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQK4oLXI1bvX1Ta0qj6SJn5gGqhHzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0N1S0MxeU5XNzE5VTJ0S28ta2laLVlCcW9SOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcYwTANBgkqhkiG9w0BAQsF
AAOCAQEAgZzfmQ3Xc5WCAivxSoUTyjAs9ZtnjqPMhNbPz+GTwSk3Fuse4mBWZd/G
67ZSwgZimA8JSonMfLuoHOp0/QxyrbZJ31cByk+o+ry2uuyMM/MBT6pw6kjMVI74
VKowZxwe+IMJo99rdlctMDPKQ5cpFpTPJ+3bQd60zCspc+UXC61xEMrt8ML0A+A7
VDuCg68maWqZZL5p0GmRVSegiUSgRYqDAIJQ2YV7FQAhfGEUo/rNaUPfO/6gacZe
v17fg/LrGVf99/UZKYHyFlcK/woGNqAnjxzUTJC8pdPyJtmegmT8jB9Z3R6TSnBW
2T86BOspCyj6kUlFAmcaj09tU+95rA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:14 2023 by rpki-client on console-fra.rpki-client.org