Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/L53d2XL6dfEkktZpVLd_LOx8Bdg.roa
File: L53d2XL6dfEkktZpVLd_LOx8Bdg.roa (raw, json)
Hash identifier: oATd5aJpNY/V3+TtMK8SAADvy7kEkFcx7fT6b54HoN0=
Subject key identifier: 2F:9D:DD:D9:72:FA:75:F1:24:92:D6:69:54:B7:7F:2C:EC:7C:05:D8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 14B0F9F4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/L53d2XL6dfEkktZpVLd_LOx8Bdg.roa
Signing time: Mon 16 May 2022 18:50:29 +0000
ROA not before: Mon 16 May 2022 18:50:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205043
IP address blocks: 2a0e:97c0:b10::/48 maxlen: 48
2a0e:97c0:b11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 347142644 (0x14b0f9f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 16 18:50:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f9dddd972fa75f12492d66954b77f2cec7c05d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b9:d7:bc:65:0e:66:51:fa:83:75:33:05:8f:
a5:0d:98:cd:70:ad:65:cf:33:ff:ee:81:d7:d0:af:
5c:cb:f9:d6:4b:b2:1b:42:03:91:21:7b:d5:c7:7f:
0e:3c:6b:6c:b4:21:8d:f4:bb:45:23:1f:b8:f6:a8:
62:01:fc:89:3c:38:16:fd:df:61:90:28:bf:e9:5e:
89:1a:d8:1a:27:3c:ea:da:09:b2:50:8a:c6:f3:5c:
fa:73:be:3d:af:b0:e3:65:4e:f6:ef:3b:d4:dc:d1:
a1:8e:47:5b:09:f0:70:b0:99:53:c1:ca:ff:8f:a8:
43:61:18:be:a6:5a:fc:76:da:9a:86:1e:54:fd:81:
68:ee:25:c3:d7:0f:8e:ab:3b:ff:49:10:d0:0b:e1:
ec:8a:74:fc:95:c7:e8:c1:41:b5:44:d0:35:27:4a:
61:5b:55:b1:a4:dd:da:7e:f3:ca:a7:19:83:da:db:
74:40:2e:a5:43:df:fe:fa:76:c6:cc:c8:fb:13:ef:
46:b8:76:96:2a:2f:ae:82:79:48:b2:b6:e7:77:4d:
46:28:bc:57:1b:65:a7:84:0b:a3:58:c3:a6:54:91:
e4:54:86:76:5b:ba:76:5d:9f:68:71:a6:1a:7f:26:
85:09:9e:88:5a:0c:66:80:30:3d:e3:33:81:50:f8:
56:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:9D:DD:D9:72:FA:75:F1:24:92:D6:69:54:B7:7F:2C:EC:7C:05:D8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/L53d2XL6dfEkktZpVLd_LOx8Bdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b10::/47
Signature Algorithm: sha256WithRSAEncryption
b8:2c:55:f0:cf:93:4e:ae:cd:d5:82:0b:1c:2f:f5:fe:da:d4:
03:28:19:e7:72:2f:a7:fa:d4:fa:b9:4e:22:83:26:e3:02:44:
d1:54:a6:73:e9:17:89:a5:b9:4c:38:ad:94:ef:15:a2:61:2c:
09:75:23:3a:24:b0:5e:23:05:e5:3c:91:23:90:84:08:56:b3:
6f:a9:13:e2:09:ca:40:1b:e0:48:37:37:d6:3e:8d:48:65:36:
20:f8:e5:92:57:b1:ef:63:d7:f7:56:19:e5:c1:e8:c8:e6:3c:
47:bc:09:70:3b:a9:31:1a:ea:90:f7:6c:c2:07:d0:87:ae:c6:
a1:47:40:b1:20:2b:2d:de:3e:02:a1:1f:83:2e:62:b0:e9:ce:
57:01:04:c2:86:b1:6e:1a:ab:8c:7c:43:45:f1:a4:5f:46:1d:
49:ad:6e:6c:9c:6a:39:0f:1b:2c:a8:cc:bd:25:8f:95:ff:14:
4e:d8:d4:a2:91:12:ee:cd:8d:0c:4f:68:f0:46:56:84:15:d0:
12:2c:9c:c4:66:68:5a:db:9a:81:13:3c:8a:2c:15:b1:77:dc:
17:67:cb:9d:7b:ed:52:68:e5:0d:0f:53:6e:76:c4:b6:1b:03:
8b:f1:57:7b:cc:98:b0:dc:5a:df:56:95:2f:da:fc:9a:cd:0f:
8a:48:f5:d5
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFLD59DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDUx
NjE4NTAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmY5ZGRkZDk3MmZh
NzVmMTI0OTJkNjY5NTRiNzdmMmNlYzdjMDVkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKq517xlDmZR+oN1MwWPpQ2YzXCtZc8z/+6B19CvXMv51kuy
G0IDkSF71cd/DjxrbLQhjfS7RSMfuPaoYgH8iTw4Fv3fYZAov+leiRrYGic86toJ
slCKxvNc+nO+Pa+w42VO9u871NzRoY5HWwnwcLCZU8HK/4+oQ2EYvqZa/HbamoYe
VP2BaO4lw9cPjqs7/0kQ0Avh7Ip0/JXH6MFBtUTQNSdKYVtVsaTd2n7zyqcZg9rb
dEAupUPf/vp2xszI+xPvRrh2liovroJ5SLK253dNRii8Vxtlp4QLo1jDplSR5FSG
dlu6dl2faHGmGn8mhQmeiFoMZoAwPeMzgVD4VnMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQvnd3Zcvp18SSS1mlUt38s7HwF2DAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0w1M2QyWEw2ZGZFa2t0WnBWTGRfTE94OEJkZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASoOl8ALEDANBgkqhkiG9w0BAQsF
AAOCAQEAuCxV8M+TTq7N1YILHC/1/trUAygZ53Ivp/rU+rlOIoMm4wJE0VSmc+kX
iaW5TDitlO8VomEsCXUjOiSwXiMF5TyRI5CECFazb6kT4gnKQBvgSDc31j6NSGU2
IPjlklex72PX91YZ5cHoyOY8R7wJcDupMRrqkPdswgfQh67GoUdAsSArLd4+AqEf
gy5isOnOVwEEwoaxbhqrjHxDRfGkX0YdSa1ubJxqOQ8bLKjMvSWPlf8UTtjUopES
7s2NDE9o8EZWhBXQEiycxGZoWtuagRM8iiwVsXfcF2fLnXvtUmjlDQ9TbnbEthsD
i/FXe8yYsNxa31aVL9r8ms0Pikj11Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:58 2023 by rpki-client on console-ams.rpki-client.org