Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JDsFnhSgBjnT5g3I8yZwn0gpybU.roa
File: JDsFnhSgBjnT5g3I8yZwn0gpybU.roa (raw, json)
Hash identifier: N/E9RdvZTc5TYCECwoRAb1eOsfuxvLeHWCa3gIR+STY=
Subject key identifier: 24:3B:05:9E:14:A0:06:39:D3:E6:0D:C8:F3:26:70:9F:48:29:C9:B5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 1359C97D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JDsFnhSgBjnT5g3I8yZwn0gpybU.roa
Signing time: Fri 01 Apr 2022 07:39:23 +0000
ROA not before: Fri 01 Apr 2022 07:39:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206569
IP address blocks: 2a0e:b107:19b0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 324651389 (0x1359c97d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 1 07:39:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=243b059e14a00639d3e60dc8f326709f4829c9b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:36:47:61:45:73:ff:0b:d3:57:e2:ff:d2:23:
5b:44:27:8d:53:51:e6:68:28:ec:a8:d7:d6:a9:32:
c7:6f:a0:2f:86:32:e0:0a:29:9d:c1:e0:47:90:91:
2d:80:c2:4d:62:be:a7:c5:a0:8a:dd:b3:42:5d:37:
62:0e:13:df:2f:26:31:62:ac:0e:f2:f3:4a:9e:4b:
5c:4d:74:18:56:59:d9:54:10:9e:7c:15:53:51:83:
36:d6:ba:5b:7d:60:9f:99:3f:59:49:7f:32:23:82:
7c:2f:01:cc:c6:2b:4b:92:96:83:76:af:bd:f3:74:
d5:8c:fe:3c:5a:d5:4e:6f:cb:4f:a7:36:04:81:5a:
43:62:ab:d2:88:85:ec:7e:8e:68:7b:c6:5f:6e:ca:
b6:29:1c:4b:44:6d:fa:f4:a1:7c:ab:92:e3:7e:bb:
00:60:ed:e9:0f:a5:e2:f8:e3:3a:8a:15:96:2f:3a:
05:c7:83:ac:04:8b:96:d0:2f:bd:ee:ce:98:62:06:
30:57:35:82:26:05:c7:eb:c3:ff:ad:e0:59:16:8f:
7f:e0:c5:f3:e9:43:6f:96:78:3e:2e:bd:e3:3d:aa:
95:ad:52:a1:bb:37:65:0b:3b:de:64:3f:d2:74:24:
74:da:d8:e6:18:42:5b:05:20:a7:ea:f3:9a:0e:bf:
01:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:3B:05:9E:14:A0:06:39:D3:E6:0D:C8:F3:26:70:9F:48:29:C9:B5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JDsFnhSgBjnT5g3I8yZwn0gpybU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:19b0::/48
Signature Algorithm: sha256WithRSAEncryption
67:16:99:59:27:e9:c5:b6:b0:52:46:8a:01:f1:6c:44:09:1b:
d8:7e:86:ec:f7:10:03:59:a3:9e:5d:4a:d7:cc:de:3f:56:e5:
ea:55:fc:ed:07:2e:e2:79:cd:77:f2:3e:5a:cc:f0:d0:ec:2b:
c5:55:99:79:0c:01:18:3b:3e:00:e9:76:0d:ae:d2:d9:20:46:
b3:3c:1d:ab:a2:68:f5:d9:31:ab:30:e9:ee:db:13:63:85:c5:
7e:4f:5f:6c:e5:35:28:78:1a:a0:c7:65:30:11:b5:6b:46:85:
5b:e3:ff:cb:ed:f9:c0:4b:0d:73:21:1b:65:08:58:45:af:ca:
88:32:74:a1:da:f3:72:ca:71:47:c1:00:7f:b1:e8:20:aa:a9:
38:60:29:2c:cd:a7:9f:cd:10:78:6f:65:f2:ce:0e:01:5d:3e:
a5:1d:fe:9c:27:95:13:91:1c:96:46:9e:61:e9:2d:45:36:a4:
57:a7:b9:39:20:73:db:d1:d7:52:01:d2:48:09:a8:34:9c:48:
39:40:0a:a0:53:a7:29:9c:96:4c:ea:76:74:dc:3c:27:48:b6:
95:6a:39:4e:0f:48:43:18:f7:d3:21:40:de:b4:63:72:03:72:
fe:02:91:60:08:a4:9e:15:3d:29:35:5c:8a:a8:46:7f:14:19:
df:0e:a8:a8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEE1nJfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQw
MTA3MzkyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQzYjA1OWUxNGEw
MDYzOWQzZTYwZGM4ZjMyNjcwOWY0ODI5YzliNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO02R2FFc/8L01fi/9IjW0QnjVNR5mgo7KjX1qkyx2+gL4Yy
4AopncHgR5CRLYDCTWK+p8Wgit2zQl03Yg4T3y8mMWKsDvLzSp5LXE10GFZZ2VQQ
nnwVU1GDNta6W31gn5k/WUl/MiOCfC8BzMYrS5KWg3avvfN01Yz+PFrVTm/LT6c2
BIFaQ2Kr0oiF7H6OaHvGX27KtikcS0Rt+vShfKuS4367AGDt6Q+l4vjjOooVli86
BceDrASLltAvve7OmGIGMFc1giYFx+vD/63gWRaPf+DF8+lDb5Z4Pi694z2qla1S
obs3ZQs73mQ/0nQkdNrY5hhCWwUgp+rzmg6/AfECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQkOwWeFKAGOdPmDcjzJnCfSCnJtTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0pEc0ZuaFNnQmpuVDVnM0k4eVp3bjBncHliVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcZsDANBgkqhkiG9w0BAQsF
AAOCAQEAZxaZWSfpxbawUkaKAfFsRAkb2H6G7PcQA1mjnl1K18zeP1bl6lX87Qcu
4nnNd/I+Wszw0OwrxVWZeQwBGDs+AOl2Da7S2SBGszwdq6Jo9dkxqzDp7tsTY4XF
fk9fbOU1KHgaoMdlMBG1a0aFW+P/y+35wEsNcyEbZQhYRa/KiDJ0odrzcspxR8EA
f7HoIKqpOGApLM2nn80QeG9l8s4OAV0+pR3+nCeVE5EclkaeYektRTakV6e5OSBz
29HXUgHSSAmoNJxIOUAKoFOnKZyWTOp2dNw8J0i2lWo5Tg9IQxj30yFA3rRjcgNy
/gKRYAiknhU9KTVciqhGfxQZ3w6oqA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:57 2023 by rpki-client on console-ams.rpki-client.org