Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NY5gtaW9DrEfqeOHhgzW7oaf7w4.roa
File: NY5gtaW9DrEfqeOHhgzW7oaf7w4.roa (raw, json)
Hash identifier: G5MET80MhW1xRjpO7gf4WZr3/kQvveCVgUKQEoYm7O8=
Subject key identifier: 35:8E:60:B5:A5:BD:0E:B1:1F:A9:E3:87:86:0C:D6:EE:86:9F:EF:0E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01829DF0D600B3B0FE81C1CAD1441E327B58
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NY5gtaW9DrEfqeOHhgzW7oaf7w4.roa
Signing time: Sun 14 Aug 2022 19:59:42 +0000
ROA not before: Sun 14 Aug 2022 19:59:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212154
IP address blocks: 2a0e:b107:1c00::/48 maxlen: 48
2a0e:b107:1c0f::/48 maxlen: 48
2a0e:b107:1c0e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:9d:f0:d6:00:b3:b0:fe:81:c1:ca:d1:44:1e:32:7b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 14 19:59:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=358e60b5a5bd0eb11fa9e387860cd6ee869fef0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f9:0f:f1:d9:77:a6:cf:8a:0b:31:7a:95:ed:
b9:94:14:57:7d:eb:c5:c4:a6:6d:ba:da:53:12:d2:
bc:08:1b:41:ab:5d:b9:bc:ef:79:56:e9:c7:b5:2e:
a0:99:46:ca:01:c9:41:6c:6b:16:65:9a:06:91:53:
59:a1:dc:b8:eb:88:1d:a7:33:4a:d2:8e:51:c0:e4:
16:5c:bf:f0:7a:c2:cd:a3:7b:6f:9d:e3:24:f3:38:
65:9f:8a:37:bf:f6:91:11:5c:c3:78:5a:75:d6:b7:
63:9b:cf:13:c6:f3:0a:90:8f:bf:79:24:1b:0a:0b:
42:1f:d7:00:93:84:90:79:19:fa:5a:a0:df:c8:aa:
1f:e4:5e:f9:d6:58:20:f3:8f:86:2d:f3:57:57:22:
68:15:02:3d:49:28:21:f8:bc:cc:01:73:6b:53:a2:
9d:73:ff:0e:d0:71:42:da:43:43:b6:3a:f5:14:77:
7b:a3:6b:2f:1b:5f:c1:88:bb:87:d9:21:f9:cd:d4:
b7:34:25:bb:c5:11:e4:8b:d9:07:05:50:85:70:c4:
c2:d7:d2:10:c9:ad:58:c3:d6:d6:5a:b8:12:ab:6d:
cc:2e:99:14:97:c4:5b:b7:f8:d6:88:3b:4c:b1:1e:
50:fb:90:97:a1:44:eb:46:44:33:58:4a:e3:2a:b6:
eb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:8E:60:B5:A5:BD:0E:B1:1F:A9:E3:87:86:0C:D6:EE:86:9F:EF:0E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NY5gtaW9DrEfqeOHhgzW7oaf7w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1c00::/48
2a0e:b107:1c0e::/47
Signature Algorithm: sha256WithRSAEncryption
59:ca:c8:1f:b4:d5:3c:ea:7b:b8:cc:e9:4c:c3:d5:7c:8e:9c:
31:50:d3:95:6c:6a:ec:0a:e2:21:c7:37:f7:78:61:8d:4b:f5:
70:b2:3c:68:65:39:14:d8:08:0f:42:e6:6d:43:2c:92:f2:7a:
40:46:de:65:6e:00:4b:66:db:94:6a:fe:a2:39:be:15:34:42:
76:7a:1b:1a:ef:a7:8c:0f:53:30:e3:5d:80:62:7f:8a:32:db:
6d:4a:8c:98:b5:7b:ba:f8:bf:91:ef:19:cd:2d:0e:6b:cb:a7:
5c:db:98:61:07:be:a0:d0:84:1a:b4:a9:98:36:00:91:84:9d:
cb:f3:97:87:f3:d4:f5:ea:91:66:56:2b:38:39:58:0d:47:6f:
61:dd:3f:f8:8a:e2:42:81:bc:8d:90:84:d5:1f:b0:1c:eb:95:
a6:cf:38:d5:c1:42:73:51:28:dd:4a:4d:12:32:8e:ea:83:4a:
d4:d5:3c:7d:0e:14:2c:10:f5:b7:24:3d:81:b5:ff:56:b8:6f:
8b:f2:b9:80:28:a3:2b:e3:4f:12:8c:99:71:8d:fb:13:38:c3:
5a:3b:ab:87:79:d5:85:2e:a3:e3:df:c8:3a:71:dc:e1:ff:3e:
78:c9:4d:e4:5f:fd:0a:92:3c:d9:3a:2e:4b:2a:36:0d:78:0e:
4e:5d:d8:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKd8NYAs7D+gcHK0UQeMntYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODE0MTk1OTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNThlNjBiNWE1YmQwZWIxMWZhOWUzODc4NjBjZDZlZTg2OWZlZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPkP8dl3ps+KCzF6le25lBRXfevF
xKZtutpTEtK8CBtBq125vO95VunHtS6gmUbKAclBbGsWZZoGkVNZody464gdpzNK
0o5RwOQWXL/wesLNo3tvneMk8zhln4o3v/aREVzDeFp11rdjm88TxvMKkI+/eSQb
CgtCH9cAk4SQeRn6WqDfyKof5F751lgg84+GLfNXVyJoFQI9SSgh+LzMAXNrU6Kd
c/8O0HFC2kNDtjr1FHd7o2svG1/BiLuH2SH5zdS3NCW7xRHki9kHBVCFcMTC19IQ
ya1Yw9bWWrgSq23MLpkUl8Rbt/jWiDtMsR5Q+5CXoUTrRkQzWErjKrbriwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDWOYLWlvQ6xH6njh4YM1u6Gn+8OMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTlk1Z3RhVzlEckVmcWVPSGhnelc3b2FmN3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBxwA
AwcBKg6xBxwOMA0GCSqGSIb3DQEBCwUAA4IBAQBZysgftNU86nu4zOlMw9V8jpwx
UNOVbGrsCuIhxzf3eGGNS/VwsjxoZTkU2AgPQuZtQyyS8npARt5lbgBLZtuUav6i
Ob4VNEJ2ehsa76eMD1Mw412AYn+KMtttSoyYtXu6+L+R7xnNLQ5ry6dc25hhB76g
0IQatKmYNgCRhJ3L85eH89T16pFmVis4OVgNR29h3T/4iuJCgbyNkITVH7Ac65Wm
zzjVwUJzUSjdSk0SMo7qg0rU1Tx9DhQsEPW3JD2Btf9WuG+L8rmAKKMr408SjJlx
jfsTOMNaO6uHedWFLqPj38g6cdzh/z54yU3kX/0KkjzZOi5LKjYNeA5OXdga
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:58 2023 by rpki-client on console-ams.rpki-client.org