Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IfnrmuHbsWGhsG1LhXQBK1HMbA4.roa
File: IfnrmuHbsWGhsG1LhXQBK1HMbA4.roa (raw, json)
Hash identifier: R9y4o433d1275iMAYNhaGCLo/cgWf2FsSvO1fSYiLtE=
Subject key identifier: 21:F9:EB:9A:E1:DB:B1:61:A1:B0:6D:4B:85:74:01:2B:51:CC:6C:0E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 11C3087B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IfnrmuHbsWGhsG1LhXQBK1HMbA4.roa
Signing time: Fri 04 Feb 2022 10:10:28 +0000
ROA not before: Fri 04 Feb 2022 10:10:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211337
IP address blocks: 2a0e:97c0:1d0::/48 maxlen: 48
2a0e:97c0:1d1::/48 maxlen: 48
2a0e:97c1:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 297994363 (0x11c3087b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 4 10:10:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21f9eb9ae1dbb161a1b06d4b8574012b51cc6c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f6:0d:b0:61:fb:12:1a:a1:47:dc:ff:c1:b5:
9d:c8:eb:fb:7b:57:96:a3:e4:4b:76:c0:72:2d:bb:
7b:37:72:e7:b6:5d:c3:6d:2f:1b:10:9a:c0:7c:6c:
f9:c0:32:5b:0d:77:22:26:95:ef:32:4d:ac:64:08:
f0:e2:7e:3f:dd:78:ca:45:56:f3:2b:22:bc:d8:8b:
ab:2e:34:34:e0:ec:65:50:bc:83:46:fe:85:0c:85:
cc:ab:8b:01:4b:62:9d:1e:f8:52:07:23:6f:54:fd:
1d:2f:ca:b7:4a:c5:af:e5:d5:1e:a8:70:8d:9c:ae:
f4:b4:01:9f:48:42:ff:5a:b3:7e:7c:c5:46:ce:15:
0c:5d:ce:b8:b4:21:f3:df:cf:7c:a5:fc:0a:ff:58:
2f:23:61:ec:1d:ee:75:14:a8:3e:e6:20:34:a5:af:
af:d0:f0:b6:f0:8c:ec:53:2e:9b:53:d1:3a:dc:f6:
0e:2e:73:f4:54:f7:4f:7c:aa:b6:11:e1:53:cd:4c:
19:fb:76:73:57:a3:b6:a1:23:4d:6b:93:b7:c5:30:
b3:9c:6e:e8:bc:c0:c1:84:b0:0d:10:c8:9c:16:fa:
a6:63:4d:59:02:f0:63:f1:0d:97:1f:c5:3b:0d:bf:
79:73:92:f2:2f:95:5c:aa:5b:fe:56:87:0a:f1:3a:
59:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F9:EB:9A:E1:DB:B1:61:A1:B0:6D:4B:85:74:01:2B:51:CC:6C:0E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IfnrmuHbsWGhsG1LhXQBK1HMbA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1d0::/47
2a0e:97c1:100::/48
Signature Algorithm: sha256WithRSAEncryption
3e:be:86:ba:f1:18:23:c4:98:dc:43:e0:17:5b:6b:bc:53:7c:
26:7b:40:81:19:8f:a2:2f:1f:ad:84:77:18:ed:fb:c0:8e:e5:
09:a9:38:9b:d1:31:ca:db:25:37:7e:44:0d:a3:de:81:74:93:
df:82:63:56:24:96:7c:d6:c2:fc:c8:10:9a:6c:ca:e1:c4:bc:
53:c0:ef:45:fa:af:59:09:69:87:06:55:aa:8d:93:64:38:67:
3f:08:1a:55:4d:f2:15:1f:ec:26:28:e3:8e:76:e0:68:17:57:
2c:65:6a:8c:ad:ab:eb:87:3f:e0:6d:57:d1:ac:2d:1e:56:f8:
4d:62:a8:51:4e:e3:d1:a1:11:38:f5:25:41:cb:65:78:b1:c4:
26:78:72:23:4f:f6:9f:89:12:af:14:77:d2:7d:64:88:f8:26:
61:4c:88:7c:11:14:ec:6e:b0:4b:14:4e:73:ec:0b:dc:2d:5a:
07:8f:7a:0c:fe:26:47:44:69:f7:9d:53:62:0b:65:7b:bf:e0:
be:94:fb:86:e1:25:9a:90:d1:8a:29:b5:d7:39:4e:c9:98:19:
f0:43:d9:17:11:28:eb:a7:07:b9:2a:45:d8:55:00:1f:41:c7:
b0:94:33:2f:61:26:6f:d0:42:86:04:f0:d3:74:fe:f0:96:3d:
2e:6e:07:80
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEcMIezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIw
NDEwMTAyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFmOWViOWFlMWRi
YjE2MWExYjA2ZDRiODU3NDAxMmI1MWNjNmMwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKD2DbBh+xIaoUfc/8G1ncjr+3tXlqPkS3bAci27ezdy57Zd
w20vGxCawHxs+cAyWw13IiaV7zJNrGQI8OJ+P914ykVW8ysivNiLqy40NODsZVC8
g0b+hQyFzKuLAUtinR74Ugcjb1T9HS/Kt0rFr+XVHqhwjZyu9LQBn0hC/1qzfnzF
Rs4VDF3OuLQh89/PfKX8Cv9YLyNh7B3udRSoPuYgNKWvr9DwtvCM7FMum1PROtz2
Di5z9FT3T3yqthHhU81MGft2c1ejtqEjTWuTt8Uws5xu6LzAwYSwDRDInBb6pmNN
WQLwY/ENlx/FOw2/eXOS8i+VXKpb/laHCvE6WWUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQh+eua4duxYaGwbUuFdAErUcxsDjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0lmbnJtdUhic1dHaHNHMUxoWFFCSzFITWJBNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHASoOl8AB0AMHACoOl8EBADANBgkq
hkiG9w0BAQsFAAOCAQEAPr6GuvEYI8SY3EPgF1trvFN8JntAgRmPoi8frYR3GO37
wI7lCak4m9ExytslN35EDaPegXST34JjViSWfNbC/MgQmmzK4cS8U8DvRfqvWQlp
hwZVqo2TZDhnPwgaVU3yFR/sJijjjnbgaBdXLGVqjK2r64c/4G1X0awtHlb4TWKo
UU7j0aEROPUlQctleLHEJnhyI0/2n4kSrxR30n1kiPgmYUyIfBEU7G6wSxROc+wL
3C1aB496DP4mR0Rp951TYgtle7/gvpT7huElmpDRiim11zlOyZgZ8EPZFxEo66cH
uSpF2FUAH0HHsJQzL2Emb9BChgTw03T+8JY9Lm4HgA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org