Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GajHWqZaE9WV4MdF_U7SAkqNB7A.roa
File: GajHWqZaE9WV4MdF_U7SAkqNB7A.roa (raw, json)
Hash identifier: i9eCWjXT2GnWhPCFXNOc8wuX4AVTtwie0W41hiKxNTI=
Subject key identifier: 19:A8:C7:5A:A6:5A:13:D5:95:E0:C7:45:FD:4E:D2:02:4A:8D:07:B0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184EAB722478020767EE1AAFFDCF7FD89C2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GajHWqZaE9WV4MdF_U7SAkqNB7A.roa
Signing time: Wed 07 Dec 2022 03:53:01 +0000
ROA not before: Wed 07 Dec 2022 03:53:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212164
IP address blocks: 2a0e:b107:1d21::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ea:b7:22:47:80:20:76:7e:e1:aa:ff:dc:f7:fd:89:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 7 03:53:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19a8c75aa65a13d595e0c745fd4ed2024a8d07b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:91:5c:32:8e:b5:58:6d:11:f9:ec:20:55:66:
48:59:42:5b:01:86:8b:2e:30:79:5e:86:94:ea:82:
f1:9e:31:d3:06:3a:92:cd:85:8e:09:2c:c7:ad:13:
df:35:a4:ec:a4:93:0f:25:07:e2:bf:58:3b:4d:40:
22:14:36:9d:e7:08:1b:9b:89:93:ee:b5:0b:1b:27:
5c:6a:eb:41:65:fa:f2:9d:89:4b:9e:a3:84:d3:bb:
63:90:d8:07:2e:77:6a:e1:7b:cd:2d:78:72:d8:3e:
f7:7c:a0:b9:2c:16:a7:38:28:53:1a:cc:2e:9b:cd:
c0:d7:ac:1c:ce:94:9b:61:d8:6f:65:c6:c0:b8:a9:
b7:2f:76:fc:95:e1:8a:61:49:c0:38:43:83:fa:f3:
51:ab:9b:ec:b0:f5:81:c9:aa:d3:d1:29:7f:06:93:
d3:81:e2:18:9c:c4:43:a1:fa:ef:d3:d3:fe:9d:56:
46:f7:5f:82:b4:ea:be:58:2d:10:65:0a:0f:4f:2f:
49:c2:92:50:c1:3b:10:0f:1d:2c:47:9c:1d:52:ae:
74:85:9b:89:7f:85:dc:78:6b:cb:d4:7e:c7:1e:19:
6d:2f:74:07:de:ae:8d:fd:cb:69:6b:51:80:b6:a4:
98:20:a7:a9:ba:f3:ea:bd:da:cd:a4:57:99:94:77:
57:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A8:C7:5A:A6:5A:13:D5:95:E0:C7:45:FD:4E:D2:02:4A:8D:07:B0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GajHWqZaE9WV4MdF_U7SAkqNB7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d21::/48
Signature Algorithm: sha256WithRSAEncryption
69:cc:14:42:ee:d7:fd:d6:d4:dc:20:a1:0b:4a:5a:13:a0:a8:
7e:ca:17:be:fe:4e:56:8f:c3:81:69:97:71:60:9e:2f:c0:64:
7a:08:e8:3c:e5:a7:80:ed:51:68:93:c2:6a:22:fb:73:e5:92:
41:c8:9f:e2:02:a4:44:5f:78:69:12:d7:b9:70:c6:4d:47:04:
4c:40:dc:39:e4:0f:c4:cb:93:16:61:d2:a8:28:50:7f:dc:e1:
48:c8:eb:e5:07:2b:cf:9b:e9:8f:26:2f:13:6c:ab:87:79:ee:
ae:34:25:23:41:ac:6a:3d:a2:81:38:1e:ce:52:04:48:59:09:
e4:0c:94:29:97:d5:23:5d:34:97:d5:66:c0:7b:8f:31:13:27:
14:34:d8:2a:01:6a:4b:3e:77:47:c2:c9:80:64:74:e6:64:67:
23:75:eb:75:c8:fc:24:94:08:3a:51:52:86:9a:f5:52:54:1b:
80:76:bd:c4:74:df:fd:33:91:2c:8f:21:0c:6b:a4:cf:f3:07:
55:ea:c1:06:06:02:df:ac:5d:dc:46:4e:c6:e8:1a:8e:5f:b2:
d5:5b:b2:30:78:9e:20:59:f0:bd:0a:1e:99:8a:ee:14:74:c5:
a6:e2:8a:3b:cd:a3:4c:d0:7c:e6:35:4c:4c:8f:5f:b2:b6:ed:
a3:f7:93:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTqtyJHgCB2fuGq/9z3/YnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjA3MDM1MzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE4Yzc1YWE2NWExM2Q1OTVlMGM3NDVmZDRlZDIwMjRhOGQwN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZFcMo61WG0R+ewgVWZIWUJbAYaL
LjB5XoaU6oLxnjHTBjqSzYWOCSzHrRPfNaTspJMPJQfiv1g7TUAiFDad5wgbm4mT
7rULGydcautBZfrynYlLnqOE07tjkNgHLndq4XvNLXhy2D73fKC5LBanOChTGswu
m83A16wczpSbYdhvZcbAuKm3L3b8leGKYUnAOEOD+vNRq5vssPWByarT0Sl/BpPT
geIYnMRDofrv09P+nVZG91+CtOq+WC0QZQoPTy9JwpJQwTsQDx0sR5wdUq50hZuJ
f4XceGvL1H7HHhltL3QH3q6N/ctpa1GAtqSYIKepuvPqvdrNpFeZlHdXXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBmox1qmWhPVleDHRf1O0gJKjQewMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvR2FqSFdxWmFFOVdWNE1kRl9VN1NBa3FOQjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBx0h
MA0GCSqGSIb3DQEBCwUAA4IBAQBpzBRC7tf91tTcIKELSloToKh+yhe+/k5Wj8OB
aZdxYJ4vwGR6COg85aeA7VFok8JqIvtz5ZJByJ/iAqREX3hpEte5cMZNRwRMQNw5
5A/Ey5MWYdKoKFB/3OFIyOvlByvPm+mPJi8TbKuHee6uNCUjQaxqPaKBOB7OUgRI
WQnkDJQpl9UjXTSX1WbAe48xEycUNNgqAWpLPndHwsmAZHTmZGcjdet1yPwklAg6
UVKGmvVSVBuAdr3EdN/9M5EsjyEMa6TP8wdV6sEGBgLfrF3cRk7G6BqOX7LVW7Iw
eJ4gWfC9Ch6Ziu4UdMWm4oo7zaNM0HzmNUxMj1+ytu2j95Mj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:14 2023 by rpki-client on console-fra.rpki-client.org