Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IO28PrBbwwq9tqJO4fWP7ikdnYA.roa
File: IO28PrBbwwq9tqJO4fWP7ikdnYA.roa (raw, json)
Hash identifier: aVKvHZB/D1ybWhelOmt1SEmrY+6LF0WS8dokBFqWW0A=
Subject key identifier: 20:ED:BC:3E:B0:5B:C3:0A:BD:B6:A2:4E:E1:F5:8F:EE:29:1D:9D:80
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01833732F7EFE4EEF50D8BDBB1502D9E1456
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IO28PrBbwwq9tqJO4fWP7ikdnYA.roa
Signing time: Tue 13 Sep 2022 14:13:50 +0000
ROA not before: Tue 13 Sep 2022 14:13:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213188
IP address blocks: 2a0e:b107:6e2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:37:32:f7:ef:e4:ee:f5:0d:8b:db:b1:50:2d:9e:14:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 13 14:13:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20edbc3eb05bc30abdb6a24ee1f58fee291d9d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:10:0e:c9:4c:26:ed:57:e0:23:4e:52:f3:49:
68:b8:3c:d3:5e:00:96:98:63:b7:d7:e2:9a:17:99:
00:9e:ee:70:2b:13:90:78:21:da:d1:02:fc:35:14:
8e:41:f7:c7:4d:95:70:5e:00:96:0f:a9:b4:ba:a2:
4a:0a:55:6a:f3:5d:2e:23:d3:a9:d5:8f:e3:40:2c:
d3:09:9d:26:99:39:66:c3:45:29:9e:fb:60:18:d8:
95:aa:10:b7:ab:53:2a:b2:8e:f6:74:a0:e2:b3:1a:
74:17:5f:3f:4f:55:d6:f9:05:c2:7a:90:72:e8:74:
f8:d4:84:01:b6:79:45:d5:72:c6:fe:e1:2d:c6:8f:
cb:19:a4:96:4f:9e:fa:d9:1a:4f:cf:26:67:2d:d3:
44:f5:9d:fd:f3:9a:23:fe:f7:0c:0d:34:80:7e:63:
62:87:7c:07:f8:4e:88:9f:f2:cf:38:16:d7:39:86:
d9:82:ec:88:29:58:f4:04:f6:db:13:c5:5a:82:c4:
c0:38:c8:f0:14:69:ce:3c:a0:1b:89:ab:78:19:69:
12:68:42:09:2b:5e:a4:20:68:4b:e7:09:4d:ca:53:
7e:1e:0a:b4:14:b9:09:ff:83:92:34:11:e3:86:82:
48:24:79:d9:a7:ca:9c:1e:08:2c:75:a3:7b:58:7f:
7d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:ED:BC:3E:B0:5B:C3:0A:BD:B6:A2:4E:E1:F5:8F:EE:29:1D:9D:80
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IO28PrBbwwq9tqJO4fWP7ikdnYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:6e2::/48
Signature Algorithm: sha256WithRSAEncryption
35:48:22:36:45:2d:f6:2e:b5:8e:ac:6b:35:05:12:7f:c0:9a:
03:b6:eb:08:ad:dc:fe:47:8a:11:40:69:b2:f0:ce:fb:67:58:
1d:fa:6c:0f:4d:77:15:ab:77:31:28:73:66:d4:e8:b8:70:bb:
30:55:49:94:a1:ac:96:b5:34:33:47:fc:28:97:d7:d8:85:95:
97:a9:3b:2d:f2:64:0f:41:1e:af:33:ad:dc:18:26:fe:00:82:
f5:4a:42:81:9f:f4:9e:3f:61:b8:c5:e4:c5:c6:f4:f7:1e:66:
41:41:b4:ae:ef:80:47:75:b6:9d:6a:d7:69:52:01:ac:7c:f8:
cd:2a:c8:36:66:06:57:61:16:ed:89:33:39:05:a5:a1:04:3a:
d6:9f:f6:d8:07:b0:c2:8c:d6:e3:d4:fa:87:95:db:0f:52:07:
ae:38:bc:22:62:3a:e2:6b:13:ef:46:81:b6:6f:eb:7c:5c:ba:
36:21:8a:b7:6c:11:93:88:1a:9d:5b:82:d6:16:8b:b2:cc:12:
9c:2d:e1:87:00:ec:c3:72:14:ae:f7:68:35:f7:69:66:9c:33:
3a:aa:c9:be:d0:e6:bf:b0:09:5a:1a:0d:aa:5b:c8:d1:d3:71:
00:5a:1c:b4:66:72:5a:f0:da:43:79:69:fd:b3:98:19:15:7b:
ec:4f:ba:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYM3Mvfv5O71DYvbsVAtnhRWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTEzMTQxMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGVkYmMzZWIwNWJjMzBhYmRiNmEyNGVlMWY1OGZlZTI5MWQ5ZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihAOyUwm7VfgI05S80louDzTXgCW
mGO31+KaF5kAnu5wKxOQeCHa0QL8NRSOQffHTZVwXgCWD6m0uqJKClVq810uI9Op
1Y/jQCzTCZ0mmTlmw0UpnvtgGNiVqhC3q1Mqso72dKDisxp0F18/T1XW+QXCepBy
6HT41IQBtnlF1XLG/uEtxo/LGaSWT5762RpPzyZnLdNE9Z3985oj/vcMDTSAfmNi
h3wH+E6In/LPOBbXOYbZguyIKVj0BPbbE8VagsTAOMjwFGnOPKAbiat4GWkSaEIJ
K16kIGhL5wlNylN+Hgq0FLkJ/4OSNBHjhoJIJHnZp8qcHggsdaN7WH990wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCDtvD6wW8MKvbaiTuH1j+4pHZ2AMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSU8yOFByQmJ3d3E5dHFKTzRmV1A3aWtkbllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwbi
MA0GCSqGSIb3DQEBCwUAA4IBAQA1SCI2RS32LrWOrGs1BRJ/wJoDtusIrdz+R4oR
QGmy8M77Z1gd+mwPTXcVq3cxKHNm1Oi4cLswVUmUoayWtTQzR/wol9fYhZWXqTst
8mQPQR6vM63cGCb+AIL1SkKBn/SeP2G4xeTFxvT3HmZBQbSu74BHdbadatdpUgGs
fPjNKsg2ZgZXYRbtiTM5BaWhBDrWn/bYB7DCjNbj1PqHldsPUgeuOLwiYjriaxPv
RoG2b+t8XLo2IYq3bBGTiBqdW4LWFouyzBKcLeGHAOzDchSu92g192lmnDM6qsm+
0Oa/sAlaGg2qW8jR03EAWhy0ZnJa8NpDeWn9s5gZFXvsT7on
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org