Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JQyqOVdksbXkOZoRW4Xupmj2ZpE.roa
File: JQyqOVdksbXkOZoRW4Xupmj2ZpE.roa (raw, json)
Hash identifier: enXBy4SshPqVHkTZa4FY9emD1qNTzo15YqmA1XB4rLU=
Subject key identifier: 25:0C:AA:39:57:64:B1:B5:E4:39:9A:11:5B:85:EE:A6:68:F6:66:91
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10C1FAC3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JQyqOVdksbXkOZoRW4Xupmj2ZpE.roa
Signing time: Sat 01 Jan 2022 09:05:26 +0000
ROA not before: Sat 01 Jan 2022 09:05:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211231
IP address blocks: 2a0e:b107:1390::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 281148099 (0x10c1fac3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=250caa395764b1b5e4399a115b85eea668f66691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c9:df:22:c4:a0:fb:b9:c0:1a:66:f4:b4:39:
07:e4:0b:4c:56:f6:84:38:0d:04:27:64:dc:72:94:
56:db:ed:bc:c6:52:55:13:ce:a0:c5:7f:b6:a1:00:
b3:3e:84:4c:db:32:b5:14:71:11:2b:2f:06:32:3a:
bc:dd:33:f3:99:e3:74:35:15:f2:33:c9:49:7e:d8:
dc:d6:eb:28:12:1a:9e:f1:24:15:35:af:9f:e9:ef:
cc:3b:23:6b:be:45:99:50:5e:46:61:b3:fc:8e:d6:
0e:3f:94:0b:46:8a:e4:39:1c:e1:9a:51:ee:27:84:
3e:06:a1:1f:e9:88:64:c7:48:57:9b:29:a0:61:e5:
50:26:ab:3c:cf:6b:28:3a:cf:89:fa:6c:0b:82:f5:
20:83:1c:90:d0:f2:e3:53:94:fe:5c:ff:89:c5:69:
45:bb:5b:d2:b7:ab:74:64:1c:c8:60:70:7c:e2:a7:
13:cb:0d:2e:73:d9:75:19:db:e0:c2:73:39:11:e8:
42:79:ef:f5:24:2a:5e:a7:be:15:68:ce:0d:c9:d0:
f0:5f:d2:2c:f7:60:32:d8:9e:59:f6:ec:84:bd:e8:
8e:cc:bb:77:e8:b5:3f:1d:e7:e0:3e:c7:07:23:16:
56:64:12:13:f1:33:c1:12:60:56:15:21:94:ac:f8:
4a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:0C:AA:39:57:64:B1:B5:E4:39:9A:11:5B:85:EE:A6:68:F6:66:91
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JQyqOVdksbXkOZoRW4Xupmj2ZpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1390::/44
Signature Algorithm: sha256WithRSAEncryption
77:76:5e:75:be:89:6d:a1:12:51:23:f1:23:00:41:1e:4f:8b:
03:ca:9c:08:47:79:0c:fb:ea:5d:59:82:59:79:15:fa:ca:06:
f5:e0:2a:4a:c1:53:5e:cd:fb:46:5e:83:96:29:53:f7:d7:37:
18:d9:b5:be:2d:62:a4:e4:2e:d6:c7:4a:c0:06:f3:94:5e:28:
c7:5c:71:64:3a:f3:1a:90:95:fb:05:80:36:cc:e7:13:8a:8a:
a0:94:8e:a9:6e:76:74:26:78:8f:28:66:a1:24:a2:d8:9d:5d:
7e:cc:ef:2b:ba:8b:ca:12:9e:49:2e:5f:4c:ed:94:59:d4:9a:
53:96:e0:30:5d:4f:c5:fa:fb:d8:69:53:cf:0f:c8:c5:3a:23:
53:79:37:20:55:58:1d:39:10:8b:de:89:30:88:48:5d:41:9b:
4c:30:ac:a6:c8:18:38:1f:34:57:a1:a8:ca:75:60:fa:0e:c8:
93:01:0c:c8:46:f3:f6:bf:46:d3:13:62:41:ed:87:9a:5a:65:
e9:e8:af:6d:98:9d:d9:c7:06:e1:89:cf:15:a4:ce:52:ab:b0:
2e:1a:73:62:c3:15:9b:eb:8b:a7:ca:6c:f6:6b:24:5e:08:ba:
ce:c7:99:98:28:56:b7:ed:72:a6:94:30:a9:98:e8:fa:1c:56:
aa:b2:e3:2a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEMH6wzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjUwY2FhMzk1NzY0
YjFiNWU0Mzk5YTExNWI4NWVlYTY2OGY2NjY5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrJ3yLEoPu5wBpm9LQ5B+QLTFb2hDgNBCdk3HKUVtvtvMZS
VRPOoMV/tqEAsz6ETNsytRRxESsvBjI6vN0z85njdDUV8jPJSX7Y3NbrKBIanvEk
FTWvn+nvzDsja75FmVBeRmGz/I7WDj+UC0aK5Dkc4ZpR7ieEPgahH+mIZMdIV5sp
oGHlUCarPM9rKDrPifpsC4L1IIMckNDy41OU/lz/icVpRbtb0rerdGQcyGBwfOKn
E8sNLnPZdRnb4MJzORHoQnnv9SQqXqe+FWjODcnQ8F/SLPdgMtieWfbshL3ojsy7
d+i1Px3n4D7HByMWVmQSE/EzwRJgVhUhlKz4SvECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQlDKo5V2SxteQ5mhFbhe6maPZmkTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0pReXFPVmRrc2JYa09ab1JXNFh1cG1qMlpwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcTkDANBgkqhkiG9w0BAQsF
AAOCAQEAd3Zedb6JbaESUSPxIwBBHk+LA8qcCEd5DPvqXVmCWXkV+soG9eAqSsFT
Xs37Rl6DlilT99c3GNm1vi1ipOQu1sdKwAbzlF4ox1xxZDrzGpCV+wWANsznE4qK
oJSOqW52dCZ4jyhmoSSi2J1dfszvK7qLyhKeSS5fTO2UWdSaU5bgMF1Pxfr72GlT
zw/IxTojU3k3IFVYHTkQi96JMIhIXUGbTDCspsgYOB80V6GoynVg+g7IkwEMyEbz
9r9G0xNiQe2Hmlpl6eivbZid2ccG4YnPFaTOUquwLhpzYsMVm+uLp8ps9mskXgi6
zseZmChWt+1yppQwqZjo+hxWqrLjKg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org