Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/O_cPajgySeF80-0lOVEgHif4V2s.roa
File: O_cPajgySeF80-0lOVEgHif4V2s.roa (raw, json)
Hash identifier: h7kWK5KGwOyKsf7fVB9c0qW3tsECF9FHr9S+TNeTPvc=
Subject key identifier: 3B:F7:0F:6A:38:32:49:E1:7C:D3:ED:25:39:51:20:1E:27:F8:57:6B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10AE67FD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/O_cPajgySeF80-0lOVEgHif4V2s.roa
Signing time: Sat 01 Jan 2022 09:05:17 +0000
ROA not before: Sat 01 Jan 2022 09:05:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210619
IP address blocks: 2a0e:97c0:5c0::/44 maxlen: 48
2a0e:97c0:800::/39 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279865341 (0x10ae67fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bf70f6a383249e17cd3ed253951201e27f8576b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5b:90:84:1d:0d:7c:30:54:e0:fc:59:45:ac:
8a:bb:a8:1b:e0:49:b2:04:04:03:50:a0:54:c0:da:
5a:51:e4:35:aa:c6:1d:de:25:8c:68:82:b4:39:d0:
52:73:68:fd:ee:ed:e8:1f:2e:30:72:99:7d:a2:27:
3c:82:e6:d2:6b:58:1a:e1:6c:bd:a0:58:5e:85:28:
d7:97:00:8e:97:f9:3f:cc:76:fa:4c:7e:62:01:a9:
96:95:68:2e:83:98:dc:5e:e1:8a:a7:ef:a2:87:e8:
cf:4f:5f:77:93:8c:32:a4:e6:14:89:cf:96:96:35:
9d:56:7b:eb:1b:de:11:8f:03:3f:d5:df:66:70:30:
c8:9a:4c:0b:2a:0b:cc:05:16:79:89:11:42:f7:f5:
f4:72:ee:a9:8a:0a:c4:2f:fd:a2:76:7e:19:77:36:
69:5d:55:d8:00:a4:29:f9:63:57:f8:a8:9a:e3:9a:
ba:80:7c:db:ce:54:32:58:5f:16:51:01:f0:d6:1c:
c3:8d:4b:30:5e:79:b2:13:e8:85:76:e5:89:f0:e7:
d9:27:f7:34:5d:f3:1a:7c:fc:a7:0f:39:e6:59:cd:
b9:5a:65:ba:e4:1b:93:0d:cc:bb:ee:67:c3:53:16:
ed:a4:72:45:09:72:b7:ef:91:83:b7:2f:45:92:fd:
19:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F7:0F:6A:38:32:49:E1:7C:D3:ED:25:39:51:20:1E:27:F8:57:6B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/O_cPajgySeF80-0lOVEgHif4V2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5c0::/44
2a0e:97c0:800::/39
Signature Algorithm: sha256WithRSAEncryption
a0:b7:d5:7a:58:58:b7:9c:61:29:48:b6:2d:38:7c:09:b0:b7:
65:2e:27:43:2f:c3:d5:29:6e:bb:a1:c9:67:bd:99:a6:9b:e9:
67:1e:ff:38:5d:86:e8:ef:1d:26:f5:34:db:ce:37:b0:c2:f2:
1d:bf:e6:21:1e:90:b9:97:b8:b2:03:0d:e8:c5:f7:00:48:44:
83:a2:c5:b4:78:55:ff:3a:53:f0:64:a2:fd:b1:27:41:47:57:
77:ed:ed:49:ab:58:5b:9b:41:22:af:13:46:0d:5d:9c:a8:dd:
c7:24:f0:52:64:f8:1a:01:dd:50:79:75:3e:d6:94:aa:d9:fa:
80:82:65:ab:5d:a7:94:99:cb:69:5b:df:65:84:04:d0:40:ba:
4e:d4:a2:fc:b5:ef:8e:96:28:8e:2e:12:0c:a4:4b:cd:e1:51:
3f:35:c5:a6:09:c9:45:e9:f8:c2:63:0d:7e:8a:8c:cc:0b:68:
10:da:40:1a:41:ea:76:19:3c:8d:0f:42:94:d9:8f:17:dc:f3:
fe:f7:30:ed:5c:5d:db:d3:01:f9:1f:d2:1a:ed:4f:d9:f3:9d:
18:85:78:ee:d3:6d:dc:b1:9e:ed:8e:56:7e:f2:a6:c1:2c:b0:
ce:b0:d5:6a:bf:3d:48:c6:e9:ca:e2:1a:23:90:2f:dd:1d:1d:
ef:54:c5:8c
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIEEK5n/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JmNzBmNmEzODMy
NDllMTdjZDNlZDI1Mzk1MTIwMWUyN2Y4NTc2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtbkIQdDXwwVOD8WUWsiruoG+BJsgQEA1CgVMDaWlHkNarG
Hd4ljGiCtDnQUnNo/e7t6B8uMHKZfaInPILm0mtYGuFsvaBYXoUo15cAjpf5P8x2
+kx+YgGplpVoLoOY3F7hiqfvoofoz09fd5OMMqTmFInPlpY1nVZ76xveEY8DP9Xf
ZnAwyJpMCyoLzAUWeYkRQvf19HLuqYoKxC/9onZ+GXc2aV1V2ACkKfljV/iomuOa
uoB8285UMlhfFlEB8NYcw41LMF55shPohXblifDn2Sf3NF3zGnz8pw855lnNuVpl
uuQbkw3Mu+5nw1MW7aRyRQlyt++Rg7cvRZL9GTECAwEAAaOCAhQwggIQMB0GA1Ud
DgQWBBQ79w9qODJJ4XzT7SU5USAeJ/hXazAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L09fY1Bhamd5U2VGODAtMGxPVkVnSGlmNFYycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAq
BggrBgEFBQcBBwEB/wQbMBkwFwQCAAIwEQMHBCoOl8AFwAMGASoOl8AIMA0GCSqG
SIb3DQEBCwUAA4IBAQCgt9V6WFi3nGEpSLYtOHwJsLdlLidDL8PVKW67oclnvZmm
m+lnHv84XYbo7x0m9TTbzjewwvIdv+YhHpC5l7iyAw3oxfcASESDosW0eFX/OlPw
ZKL9sSdBR1d37e1Jq1hbm0EirxNGDV2cqN3HJPBSZPgaAd1QeXU+1pSq2fqAgmWr
XaeUmctpW99lhATQQLpO1KL8te+OliiOLhIMpEvN4VE/NcWmCclF6fjCYw1+iozM
C2gQ2kAaQep2GTyND0KU2Y8X3PP+9zDtXF3b0wH5H9Ia7U/Z850YhXju023csZ7t
jlZ+8qbBLLDOsNVqvz1IxunK4hojkC/dHR3vVMWM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org