Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/EhHcwVzBk8rk888WjffDLfYbHKc.roa
File: EhHcwVzBk8rk888WjffDLfYbHKc.roa (raw, json)
Hash identifier: 9yuH7JWEQO1MJmEEaroFa7/36M1KvyFsOor6sigANgk=
Subject key identifier: 12:11:DC:C1:5C:C1:93:CA:E4:F3:CF:16:8D:F7:C3:2D:F6:1B:1C:A7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 138DA75E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/EhHcwVzBk8rk888WjffDLfYbHKc.roa
Signing time: Fri 08 Apr 2022 01:31:48 +0000
ROA not before: Fri 08 Apr 2022 01:31:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208679
IP address blocks: 2a0e:b107:178c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 328050526 (0x138da75e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 8 01:31:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1211dcc15cc193cae4f3cf168df7c32df61b1ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:05:ff:a7:2f:bf:7b:34:46:2e:04:dd:99:af:
59:63:52:7b:69:e6:50:8c:62:24:2f:6b:49:b9:01:
70:d1:dc:74:db:92:6d:44:a4:8d:a5:be:31:82:23:
9a:78:3f:e0:23:01:96:da:65:b8:ce:78:d9:96:48:
0b:2a:7c:33:a5:52:95:2e:12:30:2c:8f:f3:32:43:
d1:61:ec:1f:1e:0f:96:85:22:1a:df:d6:17:3b:5e:
fd:2e:89:86:ab:1c:fc:dc:d3:d4:93:71:77:fb:f1:
d6:59:fa:2e:4b:ee:be:d4:69:bd:33:b9:4b:11:18:
89:94:e2:46:42:1a:d3:d2:9d:94:3d:9d:7d:35:9d:
03:75:c5:7a:64:a4:4d:6d:f0:99:a0:32:c7:a8:27:
22:77:3e:67:44:d0:f2:5f:85:fb:f9:5e:13:43:dc:
08:4d:e1:fc:62:69:5e:53:9d:49:16:c1:5b:46:95:
6a:d0:7d:9b:e4:0a:26:07:43:7c:16:38:16:a7:47:
d5:9a:40:cc:a0:c8:c2:35:99:1f:5a:04:18:69:25:
9f:df:5f:f4:09:64:be:56:6f:18:cd:14:0b:fb:91:
3c:7b:1a:17:13:a8:35:ce:79:98:68:39:14:01:f2:
a1:64:74:7d:46:c5:b4:66:6f:bb:57:00:1e:de:66:
f2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:11:DC:C1:5C:C1:93:CA:E4:F3:CF:16:8D:F7:C3:2D:F6:1B:1C:A7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/EhHcwVzBk8rk888WjffDLfYbHKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:178c::/48
Signature Algorithm: sha256WithRSAEncryption
bd:66:19:85:3b:6f:89:4c:87:8f:96:ba:30:1c:26:6f:fa:82:
a1:88:42:02:21:90:eb:62:32:f0:e2:32:a1:26:db:da:a7:d6:
ba:81:3c:a5:9a:f8:ea:0b:61:9d:27:15:42:7d:ba:30:b4:44:
23:5f:c9:7c:60:48:b0:8e:4c:38:3c:2c:6d:2c:9c:45:7d:20:
43:a6:8e:74:15:df:2a:44:c6:32:be:ba:cf:fa:60:df:fb:1c:
ae:f7:0c:56:a8:3a:3b:e8:de:a1:f1:3f:fd:d3:dc:81:a2:56:
94:0e:ba:65:10:68:78:7c:9f:e0:d6:88:8c:df:49:26:9a:0f:
85:ac:81:a1:8c:91:90:bc:4e:a2:01:39:55:6b:3d:bf:f9:f1:
cd:d9:3b:c3:9a:1a:22:27:bb:fe:a9:2b:ed:15:cf:20:9a:2e:
28:1c:f6:60:72:4d:22:91:a2:1a:46:3a:20:8f:2a:ff:af:75:
61:10:91:ce:3d:7c:66:5b:67:b9:c8:97:d4:c8:ea:15:68:6d:
ba:8d:37:75:34:42:75:77:56:43:cb:b3:e6:18:aa:a2:1b:e1:
6b:d1:de:36:c5:91:20:cb:1f:3f:ca:20:24:80:e0:8f:e7:33:
a8:46:8d:19:b6:ac:b1:49:ba:12:e9:3e:d5:2a:f7:cf:81:a2:
97:2d:b1:2b
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEE42nXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQw
ODAxMzE0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTIxMWRjYzE1Y2Mx
OTNjYWU0ZjNjZjE2OGRmN2MzMmRmNjFiMWNhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEF/6cvv3s0Ri4E3ZmvWWNSe2nmUIxiJC9rSbkBcNHcdNuS
bUSkjaW+MYIjmng/4CMBltpluM542ZZICyp8M6VSlS4SMCyP8zJD0WHsHx4PloUi
Gt/WFzte/S6Jhqsc/NzT1JNxd/vx1ln6LkvuvtRpvTO5SxEYiZTiRkIa09KdlD2d
fTWdA3XFemSkTW3wmaAyx6gnInc+Z0TQ8l+F+/leE0PcCE3h/GJpXlOdSRbBW0aV
atB9m+QKJgdDfBY4FqdH1ZpAzKDIwjWZH1oEGGkln99f9AlkvlZvGM0UC/uRPHsa
FxOoNc55mGg5FAHyoWR0fUbFtGZvu1cAHt5m8nkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQSEdzBXMGTyuTzzxaN98Mt9hscpzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0VoSGN3VnpCazhyazg4OFdqZmZETGZZYkhLYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcXjDANBgkqhkiG9w0BAQsF
AAOCAQEAvWYZhTtviUyHj5a6MBwmb/qCoYhCAiGQ62Iy8OIyoSbb2qfWuoE8pZr4
6gthnScVQn26MLREI1/JfGBIsI5MODwsbSycRX0gQ6aOdBXfKkTGMr66z/pg3/sc
rvcMVqg6O+jeofE//dPcgaJWlA66ZRBoeHyf4NaIjN9JJpoPhayBoYyRkLxOogE5
VWs9v/nxzdk7w5oaIie7/qkr7RXPIJouKBz2YHJNIpGiGkY6II8q/691YRCRzj18
ZltnuciX1MjqFWhtuo03dTRCdXdWQ8uz5hiqohvha9HeNsWRIMsfP8ogJIDgj+cz
qEaNGbassUm6Euk+1Sr3z4Gily2xKw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:57 2023 by rpki-client on console-ams.rpki-client.org