Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DK38Lj0DcZy1aIuy1xHZFSGVfQM.roa
File: DK38Lj0DcZy1aIuy1xHZFSGVfQM.roa (raw, json)
Hash identifier: QdYxknFTEVDf/HIcbXtEpOrlJyQb/VenXzReWIeol2I=
Subject key identifier: 0C:AD:FC:2E:3D:03:71:9C:B5:68:8B:B2:D7:11:D9:15:21:95:7D:03
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 108063A3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DK38Lj0DcZy1aIuy1xHZFSGVfQM.roa
Signing time: Sat 01 Jan 2022 09:04:50 +0000
ROA not before: Sat 01 Jan 2022 09:04:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134666
IP address blocks: 2a0e:b107:30f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 276849571 (0x108063a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:04:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0cadfc2e3d03719cb5688bb2d711d91521957d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:84:0e:bb:bb:6b:57:49:7b:44:0b:49:2c:14:
3e:36:c7:51:67:de:27:64:0c:ec:9f:9e:80:af:2a:
ef:06:93:c2:10:64:57:1b:23:d7:ae:0f:87:8e:18:
dc:8b:97:4d:72:e7:be:8b:42:3c:22:f4:33:81:1c:
bd:23:4d:ea:57:77:d8:62:82:ef:82:19:c8:af:d7:
84:e4:e1:3c:4f:d4:9f:df:f7:ac:0b:21:05:f6:47:
2c:e7:24:40:91:5f:be:a8:19:da:79:5b:12:2d:03:
a8:11:2e:a9:9b:c4:2d:57:29:48:78:0b:f5:5a:57:
49:55:43:24:d8:88:74:1b:e4:ae:68:fd:4e:05:b1:
eb:60:20:84:24:d8:82:79:57:a2:cb:a8:b3:66:d6:
2f:9f:f3:bd:e3:85:15:ad:77:1a:c7:3e:8b:e2:f6:
30:2d:f4:c1:4c:7b:80:05:a0:04:d4:65:47:17:e4:
0a:63:9f:18:a0:94:f4:41:5e:56:ec:cf:18:2c:da:
ae:aa:ab:e0:17:ac:e6:03:96:42:8c:43:c8:a7:90:
ad:3e:8a:e3:1d:46:96:6a:c2:d8:25:d8:25:b6:72:
b5:e4:2d:b5:57:d1:f2:a1:f6:7e:8a:59:c8:68:73:
5f:4a:8d:85:e1:33:35:96:bf:7d:d6:eb:b3:7a:4d:
0f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:AD:FC:2E:3D:03:71:9C:B5:68:8B:B2:D7:11:D9:15:21:95:7D:03
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DK38Lj0DcZy1aIuy1xHZFSGVfQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:30f::/48
Signature Algorithm: sha256WithRSAEncryption
89:16:5d:6f:bf:3e:5a:e3:26:a8:d3:1b:8f:ae:f3:37:35:2a:
cc:f3:f1:6b:35:88:dd:cd:d0:b7:22:20:1f:e4:82:25:fb:30:
15:11:5e:36:b1:66:5d:a0:6f:c6:c3:ba:f7:ff:e6:0d:f1:9a:
df:74:45:15:f0:30:13:5a:4c:84:d2:46:cc:29:1a:45:18:29:
61:b7:e2:f3:39:d2:64:07:d0:da:ad:d8:86:88:87:43:95:1a:
71:48:f2:45:ad:4c:15:bc:35:22:47:e4:04:bc:13:0d:42:6f:
16:ca:61:d2:4b:0e:69:82:12:40:6b:e4:bc:e2:69:5d:49:c7:
92:54:70:8b:d8:60:6c:fe:37:ed:cc:8f:39:4a:94:3b:fe:33:
43:39:ae:cc:e0:38:fc:25:b5:4c:67:f2:75:c9:b5:40:ab:bb:
d8:78:ee:13:19:2f:f5:fa:25:3d:c5:0f:fe:b9:a3:ee:8b:c4:
83:5c:a9:fb:22:4b:41:30:da:83:59:cb:8b:33:29:4b:a3:74:
19:9e:60:13:a5:10:ff:d7:0b:5c:90:2f:10:df:8d:5a:f1:8b:
4a:1c:92:c4:4a:e3:63:55:44:ba:f1:bb:cc:56:d1:49:ca:1e:
dc:0a:42:5f:af:2e:ae:b4:1b:6e:f2:58:3a:d2:3e:68:da:97:
27:39:89:21
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEIBjozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNhZGZjMmUzZDAz
NzE5Y2I1Njg4YmIyZDcxMWQ5MTUyMTk1N2QwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmEDru7a1dJe0QLSSwUPjbHUWfeJ2QM7J+egK8q7waTwhBk
Vxsj164Ph44Y3IuXTXLnvotCPCL0M4EcvSNN6ld32GKC74IZyK/XhOThPE/Un9/3
rAshBfZHLOckQJFfvqgZ2nlbEi0DqBEuqZvELVcpSHgL9VpXSVVDJNiIdBvkrmj9
TgWx62AghCTYgnlXosuos2bWL5/zveOFFa13Gsc+i+L2MC30wUx7gAWgBNRlRxfk
CmOfGKCU9EFeVuzPGCzarqqr4Bes5gOWQoxDyKeQrT6K4x1GlmrC2CXYJbZyteQt
tVfR8qH2fopZyGhzX0qNheEzNZa/fdbrs3pND8cCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQMrfwuPQNxnLVoi7LXEdkVIZV9AzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0RLMzhMajBEY1p5MWFJdXkxeEhaRlNHVmZRTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcDDzANBgkqhkiG9w0BAQsF
AAOCAQEAiRZdb78+WuMmqNMbj67zNzUqzPPxazWI3c3QtyIgH+SCJfswFRFeNrFm
XaBvxsO69//mDfGa33RFFfAwE1pMhNJGzCkaRRgpYbfi8znSZAfQ2q3YhoiHQ5Ua
cUjyRa1MFbw1IkfkBLwTDUJvFsph0ksOaYISQGvkvOJpXUnHklRwi9hgbP437cyP
OUqUO/4zQzmuzOA4/CW1TGfydcm1QKu72HjuExkv9folPcUP/rmj7ovEg1yp+yJL
QTDag1nLizMpS6N0GZ5gE6UQ/9cLXJAvEN+NWvGLShySxErjY1VEuvG7zFbRScoe
3ApCX68urrQbbvJYOtI+aNqXJzmJIQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:14 2023 by rpki-client on console-fra.rpki-client.org