Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/J8z3virOBO0tr6cGZe4jzguBKpk.roa
File: J8z3virOBO0tr6cGZe4jzguBKpk.roa (raw, json)
Hash identifier: xdCQ/AcA/LTPYQcFvV5LEB9mbOykCFIZaecnPYQ8Luk=
Subject key identifier: 27:CC:F7:BE:2A:CE:04:ED:2D:AF:A7:06:65:EE:23:CE:0B:81:2A:99
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 14F50612
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/J8z3virOBO0tr6cGZe4jzguBKpk.roa
Signing time: Thu 02 Jun 2022 21:51:20 +0000
ROA not before: Thu 02 Jun 2022 21:51:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205043
IP address blocks: 2a0e:97c0:b15::/48 maxlen: 48
2a0e:97c0:b10::/48 maxlen: 48
2a0e:97c0:b13::/48 maxlen: 48
2a0e:97c0:b11::/48 maxlen: 48
2a0e:97c0:b14::/48 maxlen: 48
2a0e:97c0:b12::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 351602194 (0x14f50612)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 2 21:51:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27ccf7be2ace04ed2dafa70665ee23ce0b812a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:29:02:cf:bb:6f:e5:ef:74:3e:62:3f:5b:72:
22:a9:1d:66:e1:19:1a:a1:d5:f3:2f:9e:3e:b3:4e:
33:b3:e3:b4:51:3c:c7:b1:db:1e:b1:d8:b7:aa:64:
cb:91:96:60:da:77:23:c5:7e:0a:b8:99:57:b3:31:
99:9a:91:06:12:b4:c6:83:f6:57:e3:58:f5:ed:4d:
e7:2f:25:d4:2b:1d:96:c9:bb:50:bd:57:51:94:d2:
e0:2d:98:07:b9:f0:c9:68:d7:94:bc:51:3c:e6:1f:
46:e2:ef:e8:94:a5:68:a2:4a:e4:66:f8:cf:58:5c:
87:cb:db:0a:f4:86:1c:34:64:1d:6f:d5:06:6e:a6:
10:57:6a:92:4a:e7:e1:d3:b0:05:20:44:e9:aa:2f:
1f:7b:49:e3:ad:e6:ca:5d:97:a0:33:53:64:cf:e6:
e3:0b:8e:2f:89:16:d3:42:d2:4e:34:0f:52:bf:5f:
de:0c:89:91:4a:e5:9d:8f:6b:a6:69:dd:41:3a:14:
8a:ca:bb:61:4e:dd:d3:db:bd:b2:e2:b3:c8:15:db:
98:dd:31:d5:3d:a7:c0:29:53:ce:01:a4:cc:25:37:
ff:11:e9:37:f8:43:4a:71:38:a6:82:38:07:68:bf:
79:64:af:4f:91:7a:f0:01:f5:80:3b:c7:83:ae:ef:
64:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:CC:F7:BE:2A:CE:04:ED:2D:AF:A7:06:65:EE:23:CE:0B:81:2A:99
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/J8z3virOBO0tr6cGZe4jzguBKpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b10::-2a0e:97c0:b15:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
60:12:cc:46:9f:26:a9:e7:70:86:9b:f2:df:21:4a:c5:98:80:
08:51:66:e0:b1:c5:d6:fe:73:90:55:a8:b0:49:78:c8:4a:43:
0d:74:88:af:9c:e4:ea:b3:28:db:b3:eb:85:e8:e0:4a:b4:a8:
5f:8b:26:29:93:c8:72:d0:46:e2:7c:bb:2f:ba:93:a0:04:1b:
30:ce:64:78:76:b0:21:94:7d:7e:10:0e:5f:fb:9e:08:39:c8:
12:52:9e:75:e0:cc:81:35:ae:c1:c3:18:40:02:39:a9:01:8f:
24:ea:7c:26:7a:ca:61:7a:30:c3:3e:a9:bc:57:af:22:48:34:
78:cf:a6:5e:70:ca:ed:09:0a:18:c6:4f:7a:42:a8:6c:e6:ca:
af:f6:fb:f1:17:9c:8a:eb:74:ef:db:a7:e5:5d:bc:79:82:48:
73:58:d9:70:e8:f8:4b:70:c9:c1:fb:b4:7d:28:c4:7b:e0:88:
78:ef:4f:8d:15:7a:05:5d:6b:47:f2:b8:5c:96:cc:5d:57:c0:
ca:8a:e8:90:6b:b1:4b:52:ff:2c:15:be:8f:08:58:f2:e0:8a:
2b:39:9f:8e:d9:fa:e0:f9:29:76:a0:09:ac:dd:11:7b:c2:99:
68:94:5e:a9:92:2a:c4:75:0f:ac:2f:3e:e6:ee:6c:90:a0:2b:
27:db:8a:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEFPUGEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDYw
MjIxNTEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdjY2Y3YmUyYWNl
MDRlZDJkYWZhNzA2NjVlZTIzY2UwYjgxMmE5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMpAs+7b+XvdD5iP1tyIqkdZuEZGqHV8y+ePrNOM7PjtFE8
x7HbHrHYt6pky5GWYNp3I8V+CriZV7MxmZqRBhK0xoP2V+NY9e1N5y8l1Csdlsm7
UL1XUZTS4C2YB7nwyWjXlLxRPOYfRuLv6JSlaKJK5Gb4z1hch8vbCvSGHDRkHW/V
Bm6mEFdqkkrn4dOwBSBE6aovH3tJ463myl2XoDNTZM/m4wuOL4kW00LSTjQPUr9f
3gyJkUrlnY9rpmndQToUisq7YU7d09u9suKzyBXbmN0x1T2nwClTzgGkzCU3/xHp
N/hDSnE4poI4B2i/eWSvT5F68AH1gDvHg67vZNECAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQnzPe+Ks4E7S2vpwZl7iPOC4EqmTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0o4ejN2aXJPQk8wdHI2Y0daZTRqemd1Qktway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAIwFDASAwcEKg6XwAsQAwcBKg6XwAsUMA0G
CSqGSIb3DQEBCwUAA4IBAQBgEsxGnyap53CGm/LfIUrFmIAIUWbgscXW/nOQVaiw
SXjISkMNdIivnOTqsyjbs+uF6OBKtKhfiyYpk8hy0EbifLsvupOgBBswzmR4drAh
lH1+EA5f+54IOcgSUp514MyBNa7BwxhAAjmpAY8k6nwmesphejDDPqm8V68iSDR4
z6ZecMrtCQoYxk96Qqhs5sqv9vvxF5yK63Tv26flXbx5gkhzWNlw6PhLcMnB+7R9
KMR74Ih470+NFXoFXWtH8rhclsxdV8DKiuiQa7FLUv8sFb6PCFjy4IorOZ+O2frg
+Sl2oAms3RF7wplolF6pkirEdQ+sLz7m7myQoCsn24pJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:29 2024 by rpki-client on console-fra.rpki-client.org