Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GzK33qFRyo45FF0AZO-GweQ--E0.roa
File: GzK33qFRyo45FF0AZO-GweQ--E0.roa (raw, json)
Hash identifier: KpdZniwZeubaQiaA9c0msKS3QsOvoZPttCuCInxq6Ac=
Subject key identifier: 1B:32:B7:DE:A1:51:CA:8E:39:14:5D:00:64:EF:86:C1:E4:3E:F8:4D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183FAFDA47DB86D260BB110D174ADA9106D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GzK33qFRyo45FF0AZO-GweQ--E0.roa
Signing time: Fri 21 Oct 2022 14:41:10 +0000
ROA not before: Fri 21 Oct 2022 14:41:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202000
IP address blocks: 2a0e:97c0:c50::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fa:fd:a4:7d:b8:6d:26:0b:b1:10:d1:74:ad:a9:10:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 21 14:41:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b32b7dea151ca8e39145d0064ef86c1e43ef84d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:56:63:35:21:eb:4d:a0:b1:8d:60:3a:7e:5d:
22:98:11:a7:3a:2d:ea:56:ae:f3:62:3d:8e:78:3f:
94:14:a4:a0:b7:c0:ab:86:25:55:4e:af:09:79:33:
f2:d9:f9:10:30:5d:2e:44:9c:92:3c:ee:ca:00:4b:
3b:e6:41:47:b2:9b:aa:53:24:7e:68:2f:46:40:54:
81:6d:b7:b6:bd:e1:99:5c:9b:ff:f3:fc:d4:14:4d:
a9:f0:3b:75:bb:c7:5e:ba:f3:06:f0:74:ff:42:e8:
8f:59:e2:45:b7:d6:f0:7e:59:c8:02:a3:38:ab:6f:
d6:81:e7:f6:e1:f9:8b:af:b1:41:9f:52:a9:b7:7e:
85:3e:d6:5a:8c:db:01:c6:63:a2:f0:ad:50:42:a8:
ac:7e:0f:22:c1:a6:fc:fc:f4:cc:00:32:f3:31:1a:
36:94:b5:34:6e:27:aa:22:7e:5f:5b:fb:7f:94:3c:
42:ab:57:03:36:04:07:0c:46:14:30:08:08:5a:66:
f3:0d:1d:56:48:11:c8:fb:30:0b:7c:e3:33:41:2b:
e3:a5:ea:c8:cc:69:20:2f:c2:72:70:f7:2b:1c:12:
41:11:fe:b5:78:43:d7:d3:ac:b6:47:e8:7b:e4:95:
6a:22:7f:47:be:04:2f:96:25:3d:7e:e7:ec:64:6a:
f7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:32:B7:DE:A1:51:CA:8E:39:14:5D:00:64:EF:86:C1:E4:3E:F8:4D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GzK33qFRyo45FF0AZO-GweQ--E0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c50::/44
Signature Algorithm: sha256WithRSAEncryption
4c:72:63:5d:fe:63:47:0b:be:58:d8:1f:af:74:ea:51:5d:48:
cf:a9:4c:3a:4b:ca:4d:62:04:56:dc:c9:b3:d3:c0:e7:ca:45:
6f:a1:a5:73:34:9b:a7:3b:9e:d3:d0:09:e0:88:a8:8f:ff:77:
ac:6d:a7:37:b9:04:d7:58:cd:2e:c7:34:e3:68:49:19:7d:65:
e6:cd:bb:e3:df:6b:16:c1:4b:5d:4a:30:f6:bf:71:2c:c5:02:
0e:15:3b:e0:b5:f5:38:61:1f:c1:99:6c:19:c6:7a:c9:d8:f5:
b5:3e:be:6a:e3:34:e4:11:e4:5b:d5:9b:e1:04:51:40:8b:b1:
26:df:ac:f4:07:ce:ee:ef:fd:67:ae:cb:d9:fd:2e:b1:d1:3e:
f1:44:aa:c7:33:9a:96:10:e8:35:4f:32:ac:cd:3e:d7:dc:5a:
0a:f9:e3:86:41:ff:2a:de:1c:3f:12:ac:e3:cf:47:da:9c:d9:
43:4d:86:fe:25:1f:8c:9f:8f:f1:0b:06:f1:de:6d:56:6d:18:
de:9b:29:c1:fc:2a:03:81:3e:a9:96:c3:64:5c:fe:6c:64:b5:
eb:ac:84:7a:7a:85:f8:59:6a:b1:95:27:b8:6f:00:d9:17:70:
7f:31:8f:88:c5:b0:d4:5e:19:19:d2:79:c8:48:8f:a3:42:50:
42:af:9f:46
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYP6/aR9uG0mC7EQ0XStqRBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDIxMTQ0MTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjMyYjdkZWExNTFjYThlMzkxNDVkMDA2NGVmODZjMWU0M2VmODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1ZjNSHrTaCxjWA6fl0imBGnOi3q
Vq7zYj2OeD+UFKSgt8CrhiVVTq8JeTPy2fkQMF0uRJySPO7KAEs75kFHspuqUyR+
aC9GQFSBbbe2veGZXJv/8/zUFE2p8Dt1u8deuvMG8HT/QuiPWeJFt9bwflnIAqM4
q2/Wgef24fmLr7FBn1Kpt36FPtZajNsBxmOi8K1QQqisfg8iwab8/PTMADLzMRo2
lLU0bieqIn5fW/t/lDxCq1cDNgQHDEYUMAgIWmbzDR1WSBHI+zALfOMzQSvjperI
zGkgL8JycPcrHBJBEf61eEPX06y2R+h75JVqIn9HvgQvliU9fufsZGr38wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBsyt96hUcqOORRdAGTvhsHkPvhNMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvR3pLMzNxRlJ5bzQ1RkYwQVpPLUd3ZVEtLUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAxQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBMcmNd/mNHC75Y2B+vdOpRXUjPqUw6S8pNYgRW
3Mmz08DnykVvoaVzNJunO57T0AngiKiP/3esbac3uQTXWM0uxzTjaEkZfWXmzbvj
32sWwUtdSjD2v3EsxQIOFTvgtfU4YR/BmWwZxnrJ2PW1Pr5q4zTkEeRb1ZvhBFFA
i7Em36z0B87u7/1nrsvZ/S6x0T7xRKrHM5qWEOg1TzKszT7X3FoK+eOGQf8q3hw/
Eqzjz0fanNlDTYb+JR+Mn4/xCwbx3m1WbRjemynB/CoDgT6plsNkXP5sZLXrrIR6
eoX4WWqxlSe4bwDZF3B/MY+IxbDUXhkZ0nnISI+jQlBCr59G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:59 2024 by rpki-client on console-ams.rpki-client.org