Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HVqhmaCtiqAO8O4CaBzLc6iWAm4.roa
File: HVqhmaCtiqAO8O4CaBzLc6iWAm4.roa (raw, json)
Hash identifier: 8kSmT9T+N80JHlx17uujic4x/Hp5p9IKZyaH37m3Y6Q=
Subject key identifier: 1D:5A:A1:99:A0:AD:8A:A0:0E:F0:EE:02:68:1C:CB:73:A8:96:02:6E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0181D7A738378F8B8ECAA9E5BEA4753D0600
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HVqhmaCtiqAO8O4CaBzLc6iWAm4.roa
Signing time: Thu 07 Jul 2022 07:54:29 +0000
ROA not before: Thu 07 Jul 2022 07:54:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211024
IP address blocks: 2a0e:97c0:4d0::/48 maxlen: 48
2a0e:97c0:4df::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d7:a7:38:37:8f:8b:8e:ca:a9:e5:be:a4:75:3d:06:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 7 07:54:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d5aa199a0ad8aa00ef0ee02681ccb73a896026e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:43:67:a8:7f:58:76:96:22:6e:8c:20:8e:65:
eb:04:eb:99:4a:8f:ea:64:79:cb:25:c3:b0:ee:93:
ab:4b:99:2b:4e:44:4e:41:2d:fc:c0:60:ef:7e:43:
21:85:f9:f1:0f:de:08:a5:06:71:c5:5b:fc:6d:52:
5b:f0:b1:8e:13:99:b8:ae:6d:df:19:a1:ce:e0:ac:
88:7e:a6:a9:29:3c:f3:52:46:10:98:fb:50:d4:d4:
fb:1c:7a:02:a1:94:3d:9d:cd:81:19:5f:3c:09:c1:
f8:a4:0d:78:db:91:9a:50:c9:c3:57:aa:d8:07:32:
c2:8d:ec:1c:22:a7:a7:f3:63:18:af:df:b8:4f:af:
c1:ec:5c:41:96:98:12:74:9b:07:bd:13:46:26:2d:
31:5d:0c:9d:f6:11:10:2a:25:5f:a6:0b:e3:46:46:
81:d2:66:9f:91:94:f3:be:4b:f0:a3:3e:63:01:89:
68:af:e7:1e:9a:79:b4:8b:81:f2:30:3a:e1:6f:72:
04:20:64:f2:74:fe:95:e1:19:2e:7b:ae:4f:79:fb:
12:6b:0a:8f:62:ef:31:97:e3:27:f0:b6:26:46:b9:
2f:35:89:b3:69:11:f4:c6:37:dd:33:ce:46:08:cb:
1f:ad:b7:db:59:6f:5f:02:20:88:43:82:eb:98:e1:
fe:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:5A:A1:99:A0:AD:8A:A0:0E:F0:EE:02:68:1C:CB:73:A8:96:02:6E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HVqhmaCtiqAO8O4CaBzLc6iWAm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:4d0::/48
2a0e:97c0:4df::/48
Signature Algorithm: sha256WithRSAEncryption
17:7e:65:77:ce:28:77:fd:64:cc:97:f3:89:8f:3a:d0:08:43:
12:c2:f3:8f:c1:69:bf:ba:62:47:35:47:73:64:4a:7f:5c:1b:
59:a9:98:10:42:d8:77:dd:e0:9a:ea:14:ab:14:7c:99:7a:33:
03:4d:0d:6e:0e:89:b8:f5:a3:5d:77:dd:ff:87:2a:64:3f:1a:
41:39:8d:c4:3b:4b:d7:b7:95:4a:6c:fe:b6:bd:f0:e6:f9:fa:
fb:ce:7c:2d:cb:8b:16:f6:72:4d:36:5e:e8:ac:61:54:a5:f9:
f7:ff:2d:4f:c1:82:a0:1c:13:95:37:23:23:52:a1:2c:5f:35:
87:59:40:c2:d5:7b:fa:af:10:59:0c:af:e2:bf:a5:96:7e:9b:
2a:8a:6e:58:df:2d:2f:03:bb:23:02:90:ee:64:90:2d:99:be:
83:4c:e8:cd:98:d6:96:19:ea:70:04:66:23:09:dd:ad:d2:22:
4e:06:73:4b:66:19:07:b4:e2:a5:0a:9e:20:3e:40:71:47:96:
b9:95:f0:2e:22:69:69:6a:c9:25:b2:45:b0:d4:4a:70:7b:51:
97:7f:e1:69:08:dc:34:df:42:42:38:82:b0:8e:42:52:11:82:
dc:bb:5d:3b:78:62:5f:f9:48:0a:03:32:15:22:cf:e5:00:60:
92:fe:fd:1d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYHXpzg3j4uOyqnlvqR1PQYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzA3MDc1NDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDVhYTE5OWEwYWQ4YWEwMGVmMGVlMDI2ODFjY2I3M2E4OTYwMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0NnqH9YdpYibowgjmXrBOuZSo/q
ZHnLJcOw7pOrS5krTkROQS38wGDvfkMhhfnxD94IpQZxxVv8bVJb8LGOE5m4rm3f
GaHO4KyIfqapKTzzUkYQmPtQ1NT7HHoCoZQ9nc2BGV88CcH4pA1425GaUMnDV6rY
BzLCjewcIqen82MYr9+4T6/B7FxBlpgSdJsHvRNGJi0xXQyd9hEQKiVfpgvjRkaB
0mafkZTzvkvwoz5jAYlor+cemnm0i4HyMDrhb3IEIGTydP6V4Rkue65PefsSawqP
Yu8xl+Mn8LYmRrkvNYmzaRH0xjfdM85GCMsfrbfbWW9fAiCIQ4LrmOH+tQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB1aoZmgrYqgDvDuAmgcy3OolgJuMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSFZxaG1hQ3RpcUFPOE80Q2FCekxjNmlXQW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwATQ
AwcAKg6XwATfMA0GCSqGSIb3DQEBCwUAA4IBAQAXfmV3zih3/WTMl/OJjzrQCEMS
wvOPwWm/umJHNUdzZEp/XBtZqZgQQth33eCa6hSrFHyZejMDTQ1uDom49aNdd93/
hypkPxpBOY3EO0vXt5VKbP62vfDm+fr7znwty4sW9nJNNl7orGFUpfn3/y1PwYKg
HBOVNyMjUqEsXzWHWUDC1Xv6rxBZDK/iv6WWfpsqim5Y3y0vA7sjApDuZJAtmb6D
TOjNmNaWGepwBGYjCd2t0iJOBnNLZhkHtOKlCp4gPkBxR5a5lfAuImlpasklskWw
1Epwe1GXf+FpCNw030JCOIKwjkJSEYLcu107eGJf+UgKAzIVIs/lAGCS/v0d
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:14 2023 by rpki-client on console-fra.rpki-client.org