Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/N-ljFthpoBRevPrWX6HIPRjdKPA.roa
File: N-ljFthpoBRevPrWX6HIPRjdKPA.roa (raw, json)
Hash identifier: TrRiCM0/uY739/At4fbYoyqJ2XP0KJAzn2QJ58InDWI=
Subject key identifier: 37:E9:63:16:D8:69:A0:14:5E:BC:FA:D6:5F:A1:C8:3D:18:DD:28:F0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10961E87
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/N-ljFthpoBRevPrWX6HIPRjdKPA.roa
Signing time: Sat 01 Jan 2022 09:05:04 +0000
ROA not before: Sat 01 Jan 2022 09:05:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205947
IP address blocks: 2a09:4c2:2e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278273671 (0x10961e87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37e96316d869a0145ebcfad65fa1c83d18dd28f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c2:30:26:3c:58:39:56:a3:bd:2c:13:0e:ad:
a6:1a:79:8d:bf:e5:a2:60:ba:0f:7d:3f:1f:ea:92:
c1:6c:0e:af:ab:04:bf:9c:ed:3c:87:e0:0f:11:c6:
b7:5d:e6:9e:fb:84:ca:e3:f0:ae:7e:77:71:ff:de:
83:de:ad:33:e6:50:6c:ea:b6:71:b0:54:98:92:78:
7a:cd:20:83:30:ec:73:fd:89:00:2c:ec:95:55:4c:
4c:b3:e2:05:09:f8:b7:01:41:78:c5:9c:a2:7f:d8:
2e:d0:1b:b6:85:31:19:a2:f5:10:7c:a0:95:97:8d:
cd:15:49:77:51:72:32:8a:3b:07:a7:f9:8f:8b:7b:
d5:00:d2:61:9a:22:32:25:b8:c0:a9:53:9e:7c:ae:
0f:0e:97:c4:bd:ef:38:f0:2f:13:2c:60:f7:ef:3c:
9c:24:5c:41:23:e3:48:62:bb:15:39:84:04:fd:d5:
60:ae:fb:ff:82:97:48:aa:ef:41:b9:4b:fe:2f:4c:
6e:06:14:39:8f:45:a2:e7:79:3c:e9:42:3d:65:27:
af:87:dc:87:0f:c7:c4:11:1b:e3:29:68:68:18:65:
4d:47:9c:57:b7:03:cb:bd:53:c4:11:97:11:b3:d1:
a7:9f:10:bc:27:38:03:11:ec:2d:9c:a6:a1:91:0b:
47:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E9:63:16:D8:69:A0:14:5E:BC:FA:D6:5F:A1:C8:3D:18:DD:28:F0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/N-ljFthpoBRevPrWX6HIPRjdKPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:4c2:2e::/48
Signature Algorithm: sha256WithRSAEncryption
bf:b9:42:f4:7c:ec:fa:58:e3:c1:74:bf:df:50:ca:03:7a:ef:
0c:28:75:de:6a:62:69:de:fb:a4:71:cd:6e:43:a4:25:86:5d:
34:9d:58:08:36:58:78:09:c0:5b:46:1d:6d:5f:4f:83:07:08:
ac:ca:a3:20:8b:4d:3b:21:2a:c6:c8:85:88:9c:8c:e2:d6:f0:
e5:0a:be:78:b6:ba:b5:50:66:7b:7c:2a:dd:b9:49:6e:62:3c:
70:55:a6:3b:ce:c5:7c:2a:72:75:8a:d1:0f:90:54:51:30:b0:
40:ef:8e:ff:df:b0:c2:ce:6e:d3:d8:23:a6:d6:87:b7:1f:82:
d4:a2:e4:5e:ca:09:1b:dc:18:1b:da:06:f7:a1:3c:36:70:f7:
a2:a7:6c:e6:af:83:88:f9:2a:b1:a9:14:c9:a7:55:cc:47:32:
e0:18:f7:3c:6c:ae:92:63:0a:c9:b2:05:56:4c:8d:83:f2:9f:
6a:ee:be:44:38:f5:50:10:7d:67:1b:79:ce:81:04:af:0b:f4:
71:96:de:26:92:1b:a0:21:46:67:7e:16:e2:5d:99:2c:38:55:
9e:11:41:92:5b:23:38:d2:79:ba:f6:7c:9b:6f:5f:07:45:4d:
72:53:2c:77:d6:3e:77:99:1b:55:d2:72:32:ff:db:59:32:27:
b9:21:1c:f6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEJYehzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzdlOTYzMTZkODY5
YTAxNDVlYmNmYWQ2NWZhMWM4M2QxOGRkMjhmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvCMCY8WDlWo70sEw6tphp5jb/lomC6D30/H+qSwWwOr6sE
v5ztPIfgDxHGt13mnvuEyuPwrn53cf/eg96tM+ZQbOq2cbBUmJJ4es0ggzDsc/2J
ACzslVVMTLPiBQn4twFBeMWcon/YLtAbtoUxGaL1EHyglZeNzRVJd1FyMoo7B6f5
j4t71QDSYZoiMiW4wKlTnnyuDw6XxL3vOPAvEyxg9+88nCRcQSPjSGK7FTmEBP3V
YK77/4KXSKrvQblL/i9MbgYUOY9Foud5POlCPWUnr4fchw/HxBEb4yloaBhlTUec
V7cDy71TxBGXEbPRp58QvCc4AxHsLZymoZELR70CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ36WMW2GmgFF68+tZfocg9GN0o8DAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L04tbGpGdGhwb0JSZXZQcldYNkhJUFJqZEtQQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoJBMIALjANBgkqhkiG9w0BAQsF
AAOCAQEAv7lC9Hzs+ljjwXS/31DKA3rvDCh13mpiad77pHHNbkOkJYZdNJ1YCDZY
eAnAW0YdbV9PgwcIrMqjIItNOyEqxsiFiJyM4tbw5Qq+eLa6tVBme3wq3blJbmI8
cFWmO87FfCpydYrRD5BUUTCwQO+O/9+wws5u09gjptaHtx+C1KLkXsoJG9wYG9oG
96E8NnD3oqds5q+DiPkqsakUyadVzEcy4Bj3PGyukmMKybIFVkyNg/Kfau6+RDj1
UBB9Zxt5zoEErwv0cZbeJpIboCFGZ34W4l2ZLDhVnhFBklsjONJ5uvZ8m29fB0VN
clMsd9Y+d5kbVdJyMv/bWTInuSEc9g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org