Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NlOZY3R9UdHCf-PZepJVFy2BxOc.roa
File: NlOZY3R9UdHCf-PZepJVFy2BxOc.roa (raw, json)
Hash identifier: VLZqbBqkc3evjLlpOxO6CcISu5fF7HZPLFra2RZmtIk=
Subject key identifier: 36:53:99:63:74:7D:51:D1:C2:7F:E3:D9:7A:92:55:17:2D:81:C4:E7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182EA36A977A5DCA895308AEBC334F8123E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NlOZY3R9UdHCf-PZepJVFy2BxOc.roa
Signing time: Mon 29 Aug 2022 15:27:06 +0000
ROA not before: Mon 29 Aug 2022 15:27:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 2a0e:b107:19a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ea:36:a9:77:a5:dc:a8:95:30:8a:eb:c3:34:f8:12:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 29 15:27:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36539963747d51d1c27fe3d97a9255172d81c4e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a9:89:c5:9f:6b:25:24:80:0e:78:da:f7:40:
95:82:2f:37:5a:d5:b1:2f:b5:15:7f:b7:b2:44:bf:
79:00:cd:4b:4e:8f:f9:4b:44:0d:92:e8:16:63:d3:
1b:97:2b:14:5e:d8:1f:35:06:69:31:44:13:c4:64:
dd:80:f1:7d:a3:2b:24:05:0d:19:3f:a0:e4:92:0a:
ca:87:07:2a:33:51:5b:97:5b:b5:41:1a:1c:dc:5f:
60:67:e8:24:16:ab:18:b5:06:89:a5:f8:6f:fc:b3:
91:70:b1:2e:d2:ed:b6:59:77:73:21:ce:85:79:fd:
8c:7b:fa:f3:74:b0:a9:24:de:74:cb:65:71:e8:14:
0c:06:99:bf:03:0b:00:b5:73:ca:86:17:cc:5d:c7:
25:fa:a4:5c:16:47:7d:69:fe:7b:a8:18:51:03:8a:
44:4e:07:13:3f:12:a8:32:80:26:b6:32:48:9d:99:
85:f8:d8:c4:68:1a:b0:6f:64:27:ed:b1:78:3d:5c:
88:dc:27:b5:59:65:f8:cd:fe:5e:e1:f0:53:88:ae:
b9:2f:77:d0:22:c3:77:55:33:29:d5:02:3b:68:97:
f9:a9:2b:67:24:35:b2:c3:f9:92:19:30:1e:78:84:
d5:d7:36:a4:46:6a:c5:97:2e:7d:6c:ce:37:1e:a5:
c4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:53:99:63:74:7D:51:D1:C2:7F:E3:D9:7A:92:55:17:2D:81:C4:E7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NlOZY3R9UdHCf-PZepJVFy2BxOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:19a0::/48
Signature Algorithm: sha256WithRSAEncryption
65:ea:db:dd:81:e0:d4:81:50:09:79:c1:b7:ba:a3:30:e7:61:
17:e7:17:91:76:e3:37:1c:73:c0:54:3b:29:8d:1d:bb:1d:e6:
2b:1f:b9:6a:e3:a9:42:fb:8d:51:8e:be:16:93:e2:6b:13:41:
61:2e:42:9e:91:65:58:23:d6:56:d0:aa:50:3e:77:04:ff:d6:
e7:ca:c5:14:ef:b0:8c:84:59:66:dc:52:7e:b0:1f:2d:2d:e5:
d4:f3:18:4e:9a:0f:3e:64:10:60:bb:fa:ea:5b:df:13:35:8f:
b4:a8:e7:45:a4:95:59:7c:cf:d8:aa:01:be:c5:b2:2e:d0:ac:
a4:bf:9b:f6:3a:5d:cf:a9:3a:0c:d3:0a:47:80:51:d2:b4:62:
2c:50:56:42:54:a1:c4:46:42:d9:0b:03:0c:16:08:72:5b:10:
1b:1b:9f:f7:43:37:8a:02:b6:1e:eb:aa:dc:c0:42:b7:21:c2:
2f:89:d4:3f:f2:87:38:8d:69:f7:0d:50:c7:d5:ad:08:22:f0:
9e:d8:4b:de:88:e6:04:c7:3d:1c:af:e8:22:09:db:45:d8:4f:
30:8c:f8:c2:36:a7:7d:a3:cf:8b:11:f2:d0:e9:c3:33:dd:6e:
fa:b8:05:da:8d:5f:5d:a7:5f:d6:80:93:00:dd:4f:98:ea:c1:
ad:32:38:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYLqNql3pdyolTCK68M0+BI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODI5MTUyNzA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjUzOTk2Mzc0N2Q1MWQxYzI3ZmUzZDk3YTkyNTUxNzJkODFjNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6mJxZ9rJSSADnja90CVgi83WtWx
L7UVf7eyRL95AM1LTo/5S0QNkugWY9MblysUXtgfNQZpMUQTxGTdgPF9oyskBQ0Z
P6DkkgrKhwcqM1Fbl1u1QRoc3F9gZ+gkFqsYtQaJpfhv/LORcLEu0u22WXdzIc6F
ef2Me/rzdLCpJN50y2Vx6BQMBpm/AwsAtXPKhhfMXccl+qRcFkd9af57qBhRA4pE
TgcTPxKoMoAmtjJInZmF+NjEaBqwb2Qn7bF4PVyI3Ce1WWX4zf5e4fBTiK65L3fQ
IsN3VTMp1QI7aJf5qStnJDWyw/mSGTAeeITV1zakRmrFly59bM43HqXEQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDZTmWN0fVHRwn/j2XqSVRctgcTnMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTmxPWlkzUjlVZEhDZi1QWmVwSlZGeTJCeE9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxmg
MA0GCSqGSIb3DQEBCwUAA4IBAQBl6tvdgeDUgVAJecG3uqMw52EX5xeRduM3HHPA
VDspjR27HeYrH7lq46lC+41Rjr4Wk+JrE0FhLkKekWVYI9ZW0KpQPncE/9bnysUU
77CMhFlm3FJ+sB8tLeXU8xhOmg8+ZBBgu/rqW98TNY+0qOdFpJVZfM/YqgG+xbIu
0Kykv5v2Ol3PqToM0wpHgFHStGIsUFZCVKHERkLZCwMMFghyWxAbG5/3QzeKArYe
66rcwEK3IcIvidQ/8oc4jWn3DVDH1a0IIvCe2EveiOYExz0cr+giCdtF2E8wjPjC
Nqd9o8+LEfLQ6cMz3W76uAXajV9dp1/WgJMA3U+Y6sGtMjhj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:58 2023 by rpki-client on console-ams.rpki-client.org