Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NxhV3sRtHYGbBu7khPjakkUwt0g.roa
File: NxhV3sRtHYGbBu7khPjakkUwt0g.roa (raw, json)
Hash identifier: os0cT0NZoANkxeaITSUeWK5hKyJL0ANxs/5I9uqdzBI=
Subject key identifier: 37:18:55:DE:C4:6D:1D:81:9B:06:EE:E4:84:F8:DA:92:45:30:B7:48
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183147A059BD30CB1FCB401ECE69F104C46
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NxhV3sRtHYGbBu7khPjakkUwt0g.roa
Signing time: Tue 06 Sep 2022 20:24:44 +0000
ROA not before: Tue 06 Sep 2022 20:24:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203074
IP address blocks: 2a0e:97c0:4b0::/48 maxlen: 48
2a0e:97c0:4b3::/48 maxlen: 48
2a0e:97c0:4b1::/48 maxlen: 48
2a0e:97c0:4b2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:14:7a:05:9b:d3:0c:b1:fc:b4:01:ec:e6:9f:10:4c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 6 20:24:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=371855dec46d1d819b06eee484f8da924530b748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b1:ac:f1:2c:20:c6:b7:63:0a:86:44:b7:20:
82:95:70:7e:e0:8d:2f:9f:62:fe:f0:4c:94:8b:a6:
7b:26:d8:7a:c2:f0:e7:cc:b9:c5:2b:66:ff:68:5c:
e7:bf:31:fe:f5:95:f1:50:6e:d0:20:1c:8c:f5:56:
01:f7:46:d0:59:53:fc:d7:08:dd:d1:5e:5e:25:7f:
d9:79:91:15:bc:00:74:d6:d1:d1:e7:db:7c:ef:e4:
f2:21:a4:68:89:a8:51:ad:bf:a5:47:da:03:2a:55:
69:0e:e3:f5:b8:3c:b6:ab:28:fb:a3:80:94:9d:da:
da:f1:6c:b1:69:a4:eb:a7:fd:8b:6f:0b:4a:11:ae:
d7:99:58:0c:5e:f7:d6:f0:3a:53:ea:bc:2c:bd:14:
1f:8f:33:30:ba:57:55:85:56:9c:f7:3e:32:12:eb:
4d:f0:ba:9c:fa:ab:46:cc:9b:87:a9:31:73:76:b3:
a4:fa:c9:28:75:e1:56:b0:27:d4:33:35:f9:80:b2:
64:05:74:17:37:64:32:06:b6:87:d7:d3:58:96:8f:
30:e7:ad:3c:95:90:e8:a8:63:06:76:41:3a:b5:f1:
25:e7:70:0e:17:e9:7f:3b:12:a3:c8:48:2a:88:4b:
5d:71:45:4e:a2:96:34:7a:ce:cc:2c:dd:29:90:a2:
8e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:18:55:DE:C4:6D:1D:81:9B:06:EE:E4:84:F8:DA:92:45:30:B7:48
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NxhV3sRtHYGbBu7khPjakkUwt0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:4b0::/46
Signature Algorithm: sha256WithRSAEncryption
11:78:63:47:88:a5:81:7b:0a:6c:f7:67:96:a6:0a:c9:a2:0c:
c7:a3:54:54:45:79:9e:17:7a:e2:c7:ac:a3:ec:23:dd:21:8e:
c0:95:45:c5:77:47:dd:c9:82:f4:0f:d5:2b:ac:c6:57:a6:b8:
75:82:58:92:28:28:30:9f:f8:e5:46:38:fe:62:a3:49:a9:92:
24:a6:63:b4:14:d5:f2:80:c7:0f:d9:05:e9:c6:3f:b4:28:be:
15:14:d3:97:cf:17:07:bd:f5:68:c6:cf:c8:81:b9:e7:35:ad:
7d:53:4e:3f:01:56:b6:d8:b0:d8:30:a0:a9:2b:c6:5c:dd:a2:
df:92:d0:10:e1:4e:03:89:4a:8f:2f:44:d9:31:5e:5b:6b:47:
6b:08:30:eb:21:d2:d2:12:fc:4e:1f:ac:18:98:fb:94:34:4b:
c6:d4:ed:9a:90:73:b0:09:7c:26:88:6a:21:4d:52:a8:13:27:
f4:2d:53:2d:02:14:2b:c1:bc:af:09:f6:a0:46:23:fb:74:65:
53:2e:97:f6:e9:ac:2b:5e:fb:b2:28:ee:1e:15:21:84:15:c7:
ac:ba:47:aa:ee:2e:48:55:dc:7e:8a:23:88:f6:7c:ab:f7:9b:
a8:62:e6:1c:a2:a6:13:d4:28:1f:ab:0b:fd:49:e4:79:fd:d5:
fe:6d:40:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYMUegWb0wyx/LQB7OafEExGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTA2MjAyNDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzE4NTVkZWM0NmQxZDgxOWIwNmVlZTQ4NGY4ZGE5MjQ1MzBiNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7Gs8SwgxrdjCoZEtyCClXB+4I0v
n2L+8EyUi6Z7Jth6wvDnzLnFK2b/aFznvzH+9ZXxUG7QIByM9VYB90bQWVP81wjd
0V5eJX/ZeZEVvAB01tHR59t87+TyIaRoiahRrb+lR9oDKlVpDuP1uDy2qyj7o4CU
ndra8WyxaaTrp/2LbwtKEa7XmVgMXvfW8DpT6rwsvRQfjzMwuldVhVac9z4yEutN
8Lqc+qtGzJuHqTFzdrOk+skodeFWsCfUMzX5gLJkBXQXN2QyBraH19NYlo8w5608
lZDoqGMGdkE6tfEl53AOF+l/OxKjyEgqiEtdcUVOopY0es7MLN0pkKKO/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDcYVd7EbR2Bmwbu5IT42pJFMLdIMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTnhoVjNzUnRIWUdiQnU3a2hQamFra1V3dDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6XwASw
MA0GCSqGSIb3DQEBCwUAA4IBAQAReGNHiKWBewps92eWpgrJogzHo1RURXmeF3ri
x6yj7CPdIY7AlUXFd0fdyYL0D9UrrMZXprh1gliSKCgwn/jlRjj+YqNJqZIkpmO0
FNXygMcP2QXpxj+0KL4VFNOXzxcHvfVoxs/IgbnnNa19U04/AVa22LDYMKCpK8Zc
3aLfktAQ4U4DiUqPL0TZMV5ba0drCDDrIdLSEvxOH6wYmPuUNEvG1O2akHOwCXwm
iGohTVKoEyf0LVMtAhQrwbyvCfagRiP7dGVTLpf26awrXvuyKO4eFSGEFcesukeq
7i5IVdx+iiOI9nyr95uoYuYcoqYT1Cgfqwv9SeR5/dX+bUBn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org