Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JXBgPLqwgKhC8IN-jsqq_bw_Rlc.roa
File: JXBgPLqwgKhC8IN-jsqq_bw_Rlc.roa (raw, json)
Hash identifier: CwFC1Z4LopU1eNNFou+Ka3Osn3gMsWv6KGJ3v4qFQLc=
Subject key identifier: 25:70:60:3C:BA:B0:80:A8:42:F0:83:7E:8E:CA:AA:FD:BC:3F:46:57
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01848AFAB302275ABF75426C08AE4840ECF7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JXBgPLqwgKhC8IN-jsqq_bw_Rlc.roa
Signing time: Fri 18 Nov 2022 13:43:16 +0000
ROA not before: Fri 18 Nov 2022 13:43:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209391
IP address blocks: 2a0e:b107:1c90::/48 maxlen: 48
2a10:cc40:1cf::/48 maxlen: 48
2a10:cc40:1ca::/48 maxlen: 48
2a10:cc40:1c5::/48 maxlen: 48
2a10:cc40:1c0::/48 maxlen: 48
2a10:cc40:1c3::/48 maxlen: 48
2a10:cc40:1ce::/48 maxlen: 48
2a10:cc40:1c9::/48 maxlen: 48
2a10:cc40:1c4::/48 maxlen: 48
2a10:cc40:1c7::/48 maxlen: 48
2a10:cc40:1c2::/48 maxlen: 48
2a10:cc40:1cd::/48 maxlen: 48
2a10:cc40:1c8::/48 maxlen: 48
2a10:cc40:1cb::/48 maxlen: 48
2a10:cc40:1c6::/48 maxlen: 48
2a10:cc40:1c1::/48 maxlen: 48
2a10:cc40:1cc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8a:fa:b3:02:27:5a:bf:75:42:6c:08:ae:48:40:ec:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 18 13:43:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2570603cbab080a842f0837e8ecaaafdbc3f4657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5d:cb:d5:0e:c2:17:d4:51:60:24:a5:93:24:
4b:c3:26:3f:de:99:df:99:8f:5d:79:7d:31:60:25:
cc:95:80:f7:20:40:b5:61:51:c8:29:07:cd:45:a5:
77:97:e4:a1:e0:7f:44:16:e3:07:9c:17:2a:9e:df:
03:1e:d1:b0:39:58:0f:40:7d:f0:bf:50:3c:ef:81:
1a:fa:40:38:3a:f0:09:71:3f:40:ec:a2:a2:55:a4:
e3:18:4a:f9:60:ad:25:01:ed:f9:14:a2:5f:e5:09:
8d:3b:0f:c4:79:fe:b1:c6:77:b1:77:ac:2e:35:85:
95:48:4f:f1:f2:4b:43:2e:ed:6b:49:0a:b3:a8:2d:
7f:b5:76:c0:4d:25:9e:4d:08:73:66:70:ef:fb:91:
20:56:0c:94:b1:6c:82:56:89:40:e5:f8:bc:6c:35:
2f:57:96:c7:ee:a7:b5:91:01:a0:0b:bb:54:0d:ec:
0f:28:6a:22:b4:e0:b9:40:52:95:03:10:c6:17:a9:
5a:49:8e:b0:14:74:86:eb:45:52:50:7f:10:9b:e6:
f5:fa:7e:3c:95:b3:99:ce:f3:5b:d1:73:2f:50:c9:
94:01:4f:e4:bb:63:b7:d3:18:e8:af:c0:9c:c3:88:
ac:a2:6a:6e:d3:d8:4c:fb:96:0e:d4:e4:0b:15:a9:
75:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:70:60:3C:BA:B0:80:A8:42:F0:83:7E:8E:CA:AA:FD:BC:3F:46:57
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JXBgPLqwgKhC8IN-jsqq_bw_Rlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1c90::/48
2a10:cc40:1c0::/44
Signature Algorithm: sha256WithRSAEncryption
66:73:e7:e9:d0:ff:c3:4b:e0:55:0a:ce:51:8d:47:1b:f0:ca:
12:a3:5c:92:43:52:e3:e2:ce:22:f9:45:91:b7:5f:92:6c:4c:
69:04:4a:af:51:91:19:aa:19:fe:31:f6:36:08:cb:8d:6e:4f:
f4:c6:fb:c0:fc:3f:34:3f:9c:bb:38:53:d9:34:7f:1f:25:38:
6a:6d:b1:6c:90:e2:f2:1b:70:10:40:13:02:01:89:82:88:3f:
5f:2e:38:fb:cb:e7:cf:0e:4e:3a:35:27:c9:27:b8:b2:e5:22:
39:9f:e1:9e:c1:81:ae:3c:32:7b:7e:99:c8:ea:57:46:ce:aa:
5b:f9:d5:df:70:7e:08:a9:0a:c2:c1:3a:52:97:a8:7c:34:ac:
8c:17:31:b9:3c:42:77:cf:83:50:cf:fc:22:69:95:cf:39:56:
6a:00:22:d7:ec:ab:e8:01:a9:47:ea:f8:04:19:e4:23:24:c1:
15:cf:8d:ca:18:45:f5:25:cb:91:fe:f6:fd:dc:ae:d4:41:71:
eb:36:97:47:66:ed:cf:e5:ca:3a:61:9b:04:3e:5e:04:87:b7:
d4:46:05:39:49:0f:9b:6d:13:0b:32:c7:30:f6:7c:12:8d:ac:
e7:53:79:7a:61:52:77:8a:86:c5:6a:5a:1f:1f:ee:a0:5f:83:
89:fc:14:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSK+rMCJ1q/dUJsCK5IQOz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTE4MTM0MzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTcwNjAzY2JhYjA4MGE4NDJmMDgzN2U4ZWNhYWFmZGJjM2Y0NjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql3L1Q7CF9RRYCSlkyRLwyY/3pnf
mY9deX0xYCXMlYD3IEC1YVHIKQfNRaV3l+Sh4H9EFuMHnBcqnt8DHtGwOVgPQH3w
v1A874Ea+kA4OvAJcT9A7KKiVaTjGEr5YK0lAe35FKJf5QmNOw/Eef6xxnexd6wu
NYWVSE/x8ktDLu1rSQqzqC1/tXbATSWeTQhzZnDv+5EgVgyUsWyCVolA5fi8bDUv
V5bH7qe1kQGgC7tUDewPKGoitOC5QFKVAxDGF6laSY6wFHSG60VSUH8Qm+b1+n48
lbOZzvNb0XMvUMmUAU/ku2O30xjor8Ccw4isompu09hM+5YO1OQLFal1ewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCVwYDy6sICoQvCDfo7Kqv28P0ZXMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSlhCZ1BMcXdnS2hDOElOLWpzcXFfYndfUmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBxyQ
AwcEKhDMQAHAMA0GCSqGSIb3DQEBCwUAA4IBAQBmc+fp0P/DS+BVCs5RjUcb8MoS
o1ySQ1Lj4s4i+UWRt1+SbExpBEqvUZEZqhn+MfY2CMuNbk/0xvvA/D80P5y7OFPZ
NH8fJThqbbFskOLyG3AQQBMCAYmCiD9fLjj7y+fPDk46NSfJJ7iy5SI5n+GewYGu
PDJ7fpnI6ldGzqpb+dXfcH4IqQrCwTpSl6h8NKyMFzG5PEJ3z4NQz/wiaZXPOVZq
ACLX7KvoAalH6vgEGeQjJMEVz43KGEX1JcuR/vb93K7UQXHrNpdHZu3P5co6YZsE
Pl4Eh7fURgU5SQ+bbRMLMscw9nwSjaznU3l6YVJ3iobFalofH+6gX4OJ/BSZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:59 2024 by rpki-client on console-ams.rpki-client.org