Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/L0xLvXQasSl5S9wfdD-oNd27xSc.roa
File: L0xLvXQasSl5S9wfdD-oNd27xSc.roa (raw, json)
Hash identifier: 1CClKRhbQC4SwLJFVEuq22qFcFbi5dTh3nL2WTq5QiA=
Subject key identifier: 2F:4C:4B:BD:74:1A:B1:29:79:4B:DC:1F:74:3F:A8:35:DD:BB:C5:27
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01820A22855B9019D1B1B10E0B8DA0728FF5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/L0xLvXQasSl5S9wfdD-oNd27xSc.roa
Signing time: Sun 17 Jul 2022 03:10:10 +0000
ROA not before: Sun 17 Jul 2022 03:10:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204610
IP address blocks: 2a0e:97c0:b60::/44 maxlen: 48
2a0e:97c0:b60::/48 maxlen: 48
2a0e:97c0:b6a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:0a:22:85:5b:90:19:d1:b1:b1:0e:0b:8d:a0:72:8f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 17 03:10:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f4c4bbd741ab129794bdc1f743fa835ddbbc527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:52:00:a8:ba:b0:62:ff:e2:be:a2:92:24:7e:
1b:03:67:bd:f6:a1:7d:18:11:11:a5:28:cc:e5:d4:
3e:cf:6e:e0:58:ed:53:28:be:08:4e:6d:30:b4:93:
92:72:c4:24:c8:a2:1f:d1:70:81:50:07:91:9b:e7:
54:b6:3a:99:eb:6a:73:de:c6:58:d2:1c:60:39:0c:
69:29:00:6e:59:66:d4:c4:f2:4d:00:47:81:f1:17:
58:16:d3:e1:d1:2a:b7:2c:3c:80:c5:5f:30:e8:e6:
de:9a:2b:26:cf:96:95:0e:d3:ce:7f:65:bc:ea:03:
fc:a2:e3:d2:6a:be:f1:e0:8e:68:8d:eb:4c:5a:6a:
fb:a3:94:4b:fa:87:64:b5:7e:6a:51:93:07:93:95:
dd:6b:10:97:9d:4a:9d:a3:b4:f7:79:1f:11:f2:16:
62:be:55:58:03:fb:54:50:88:47:fc:2f:8f:0f:28:
fd:fa:d7:9a:55:d1:2b:34:ce:f6:6b:08:4f:55:b7:
35:7d:cc:5a:c6:b3:94:a3:76:91:69:e0:77:3b:f8:
6f:ee:ba:51:d1:82:2f:61:7b:21:35:4b:7c:77:f1:
c9:dd:8b:37:3d:a6:ca:79:9a:94:33:ff:38:98:66:
c1:92:7d:39:36:dc:28:64:be:df:0c:ae:4d:15:f0:
53:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:4C:4B:BD:74:1A:B1:29:79:4B:DC:1F:74:3F:A8:35:DD:BB:C5:27
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/L0xLvXQasSl5S9wfdD-oNd27xSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b60::/44
Signature Algorithm: sha256WithRSAEncryption
08:d6:03:e7:57:30:d8:53:c9:ae:2c:ef:bb:0a:0d:93:b4:62:
10:05:d5:c4:f0:08:04:fa:bf:f4:d3:53:d1:ea:1a:bf:71:be:
d4:53:ac:f3:cf:c3:70:c1:c5:49:02:55:98:c6:c5:b6:2d:6b:
db:7a:c1:f3:c1:99:a0:c0:3e:5c:a2:c4:8a:3c:d2:ea:4c:90:
a8:de:99:08:81:a4:4a:ad:19:b0:bc:49:f1:a0:27:53:dc:0c:
2e:d9:b4:0f:53:bf:61:e8:d6:8b:40:37:fa:90:b9:04:0c:45:
be:20:b6:79:d1:8b:1b:e3:79:ce:a5:e9:1e:ec:3a:a3:7d:69:
fa:0f:18:52:b7:83:63:1d:a1:c1:e0:52:02:de:c6:2d:ba:90:
57:b9:62:7f:45:e5:b6:5d:13:21:09:42:f2:92:db:52:c4:d1:
e7:5f:75:50:e4:77:c1:f3:f2:17:46:3b:4a:2d:87:d4:7c:20:
0e:46:df:3e:b8:df:9f:93:fe:d3:c7:ca:79:1c:1f:a0:42:86:
77:24:6d:68:ef:b0:ac:16:04:b0:3f:0b:73:a2:3a:e3:7f:2c:
de:75:ab:6c:18:53:9f:22:83:5d:1e:72:5f:ee:a5:e9:e5:2f:
57:63:cf:58:3e:b0:91:55:ae:7d:d3:e5:39:fb:3d:b9:3a:74:
6f:37:3f:d1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYIKIoVbkBnRsbEOC42gco/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzE3MDMxMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjRjNGJiZDc0MWFiMTI5Nzk0YmRjMWY3NDNmYTgzNWRkYmJjNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lIAqLqwYv/ivqKSJH4bA2e99qF9
GBERpSjM5dQ+z27gWO1TKL4ITm0wtJOScsQkyKIf0XCBUAeRm+dUtjqZ62pz3sZY
0hxgOQxpKQBuWWbUxPJNAEeB8RdYFtPh0Sq3LDyAxV8w6Obemismz5aVDtPOf2W8
6gP8ouPSar7x4I5ojetMWmr7o5RL+odktX5qUZMHk5XdaxCXnUqdo7T3eR8R8hZi
vlVYA/tUUIhH/C+PDyj9+teaVdErNM72awhPVbc1fcxaxrOUo3aRaeB3O/hv7rpR
0YIvYXshNUt8d/HJ3Ys3PabKeZqUM/84mGbBkn05NtwoZL7fDK5NFfBToQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC9MS710GrEpeUvcH3Q/qDXdu8UnMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTDB4THZYUWFzU2w1Uzl3ZmRELW9OZDI3eFNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAtg
MA0GCSqGSIb3DQEBCwUAA4IBAQAI1gPnVzDYU8muLO+7Cg2TtGIQBdXE8AgE+r/0
01PR6hq/cb7UU6zzz8NwwcVJAlWYxsW2LWvbesHzwZmgwD5cosSKPNLqTJCo3pkI
gaRKrRmwvEnxoCdT3Awu2bQPU79h6NaLQDf6kLkEDEW+ILZ50Ysb43nOpeke7Dqj
fWn6DxhSt4NjHaHB4FIC3sYtupBXuWJ/ReW2XRMhCULykttSxNHnX3VQ5HfB8/IX
RjtKLYfUfCAORt8+uN+fk/7Tx8p5HB+gQoZ3JG1o77CsFgSwPwtzojrjfyzedats
GFOfIoNdHnJf7qXp5S9XY89YPrCRVa590+U5+z25OnRvNz/R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:00 2024 by rpki-client on console-ams.rpki-client.org