Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/E5cVBcF96ZnNgEQgAfKLxQdl4jc.roa
File: E5cVBcF96ZnNgEQgAfKLxQdl4jc.roa (raw, json)
Hash identifier: 5tkZFAn4MoqTSafxKHNRNfwA0x7vEoPJl8PvDRf1Gmk=
Subject key identifier: 13:97:15:05:C1:7D:E9:99:CD:80:44:20:01:F2:8B:C5:07:65:E2:37
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 11E4BFED
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/E5cVBcF96ZnNgEQgAfKLxQdl4jc.roa
Signing time: Thu 10 Feb 2022 14:24:31 +0000
ROA not before: Thu 10 Feb 2022 14:24:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 2a0e:b107:1870::/48 maxlen: 48
2a0e:97c0:6d0::/44 maxlen: 48
2a0e:b107:5d0::/44 maxlen: 48
2a0e:b107:5e0::/44 maxlen: 48
2a0e:b107:900::/44 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a10:cc42:1000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 300204013 (0x11e4bfed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 10 14:24:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13971505c17de999cd80442001f28bc50765e237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c5:ce:57:89:bd:54:59:6e:52:3d:07:35:c8:
00:a0:0e:40:80:57:84:2c:8f:53:e5:1c:0e:16:ae:
a6:0b:bc:a4:d6:44:27:19:ef:31:12:1f:c4:9c:26:
33:14:08:64:1e:91:c4:3f:74:f1:fd:17:aa:24:66:
58:48:c8:f5:dc:1f:57:d8:c4:a9:15:d0:0e:0c:08:
b7:04:3a:a8:18:73:e3:a4:17:d0:cb:15:dd:8a:a9:
bc:55:fd:23:14:de:2b:b0:26:9a:87:94:6c:e3:fa:
6e:6b:1a:91:25:28:3d:bc:6d:3f:d7:ab:a1:20:29:
6a:2c:22:c2:7c:3c:87:cf:93:06:3f:ec:aa:3f:38:
ce:af:1b:ef:1d:c8:75:be:23:d5:19:1f:6d:20:56:
d6:d7:8f:6d:20:6d:ae:20:e9:f4:53:d4:81:05:57:
97:fa:7c:e7:07:ce:fd:23:0b:89:c1:a1:ce:de:43:
f1:8b:d6:d3:b3:3b:12:02:f8:9b:72:92:a9:cf:67:
5e:7f:6e:c4:e8:60:8c:26:ed:28:55:47:49:c4:5f:
27:5d:29:af:1e:55:91:be:c3:2f:86:0e:6e:5b:d1:
25:8a:2f:62:b9:5a:c4:aa:80:3c:76:02:6b:e9:50:
b9:d1:ce:3a:49:9a:35:9f:f7:b6:9b:1a:1c:0c:58:
f0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:97:15:05:C1:7D:E9:99:CD:80:44:20:01:F2:8B:C5:07:65:E2:37
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/E5cVBcF96ZnNgEQgAfKLxQdl4jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:6d0::/44
2a0e:b107:5d0::-2a0e:b107:5ef:ffff:ffff:ffff:ffff:ffff
2a0e:b107:900::/44
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a10:cc42:1000::/36
Signature Algorithm: sha256WithRSAEncryption
71:88:77:3f:f0:cf:c0:4b:58:92:3a:88:19:45:10:d0:23:c6:
2b:ef:22:0d:69:cb:16:47:66:43:80:f8:92:2e:bb:ce:02:05:
b7:1c:97:5f:0e:27:53:0d:8a:be:9c:78:74:28:40:c3:ef:58:
e2:2e:30:83:44:de:6a:78:f6:6c:13:e0:7d:32:f3:ee:06:54:
ec:d9:c3:c2:25:d6:cd:79:9c:a3:eb:3b:53:ce:42:00:d3:9a:
a5:62:04:74:98:b5:67:bd:ce:77:71:f5:9b:8e:12:62:b2:7b:
28:4c:9d:8f:17:25:c5:75:43:bf:4f:2d:88:e9:41:27:2c:83:
70:5b:31:3c:a7:37:a8:8b:d6:90:70:61:89:03:f5:55:e6:de:
73:38:fd:17:08:60:93:2d:81:d0:5f:40:bf:c4:56:11:83:44:
c9:c6:a2:f2:d4:34:a4:01:7d:08:3c:ad:1f:75:74:7b:7a:82:
d1:e3:43:0f:33:fe:66:f3:1b:65:99:a6:e4:fa:6a:73:db:ae:
1c:1f:64:de:19:20:d7:11:55:b6:a5:3e:c2:e0:fd:5a:f0:22:
e0:81:50:00:b2:8b:9a:40:4a:3c:68:4e:0e:1f:0a:12:5a:99:
10:e5:9b:d8:07:64:1e:91:b0:2c:a6:4a:e3:03:8a:bd:81:87:
8d:1b:79:c2
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIEEeS/7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIx
MDE0MjQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTM5NzE1MDVjMTdk
ZTk5OWNkODA0NDIwMDFmMjhiYzUwNzY1ZTIzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKLFzleJvVRZblI9BzXIAKAOQIBXhCyPU+UcDhaupgu8pNZE
JxnvMRIfxJwmMxQIZB6RxD908f0XqiRmWEjI9dwfV9jEqRXQDgwItwQ6qBhz46QX
0MsV3YqpvFX9IxTeK7AmmoeUbOP6bmsakSUoPbxtP9eroSApaiwiwnw8h8+TBj/s
qj84zq8b7x3Idb4j1RkfbSBW1tePbSBtriDp9FPUgQVXl/p85wfO/SMLicGhzt5D
8YvW07M7EgL4m3KSqc9nXn9uxOhgjCbtKFVHScRfJ10prx5Vkb7DL4YOblvRJYov
YrlaxKqAPHYCa+lQudHOOkmaNZ/3tpsaHAxY8AUCAwEAAaOCAkwwggJIMB0GA1Ud
DgQWBBQTlxUFwX3pmc2ARCAB8ovFB2XiNzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0U1Y1ZCY0Y5NlpuTmdFUWdBZktMeFFkbDRqYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBi
BggrBgEFBQcBBwEB/wRTMFEwTwQCAAIwSQMHBCoOl8AG0DASAwcEKg6xBwXQAwcE
Kg6xBwXgAwcEKg6xBwkAAwcAKg6xBwn2AwcAKg6xBw3yAwcAKg6xBxhwAwYEKhDM
QhAwDQYJKoZIhvcNAQELBQADggEBAHGIdz/wz8BLWJI6iBlFENAjxivvIg1pyxZH
ZkOA+JIuu84CBbccl18OJ1MNir6ceHQoQMPvWOIuMINE3mp49mwT4H0y8+4GVOzZ
w8Il1s15nKPrO1POQgDTmqViBHSYtWe9zndx9ZuOEmKyeyhMnY8XJcV1Q79PLYjp
QScsg3BbMTynN6iL1pBwYYkD9VXm3nM4/RcIYJMtgdBfQL/EVhGDRMnGovLUNKQB
fQg8rR91dHt6gtHjQw8z/mbzG2WZpuT6anPbrhwfZN4ZINcRVbalPsLg/VrwIuCB
UACyi5pASjxoTg4fChJamRDlm9gHZB6RsCymSuMDir2Bh40becI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:56 2023 by rpki-client on console-ams.rpki-client.org