Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/P1KdWYZSYKsuCngDinJtYkAJEXg.roa
File: P1KdWYZSYKsuCngDinJtYkAJEXg.roa (raw, json)
Hash identifier: XOxKBEHz28DuUNqr0yEycvYFVw9q6LcKJIM38uKf8oI=
Subject key identifier: 3F:52:9D:59:86:52:60:AB:2E:0A:78:03:8A:72:6D:62:40:09:11:78
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018501BD4C69A4CB258CDBD710AF88643652
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/P1KdWYZSYKsuCngDinJtYkAJEXg.roa
Signing time: Sun 11 Dec 2022 15:11:01 +0000
ROA not before: Sun 11 Dec 2022 15:11:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208375
IP address blocks: 2a0e:97c0:c90::/48 maxlen: 48
2a0e:97c0:c9e::/48 maxlen: 48
2a0e:97c0:c91::/48 maxlen: 48
2a0e:97c0:c9f::/48 maxlen: 48
2a0e:97c0:c92::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:01:bd:4c:69:a4:cb:25:8c:db:d7:10:af:88:64:36:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 11 15:11:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f529d59865260ab2e0a78038a726d6240091178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:b6:17:b0:b6:48:7b:76:46:9b:f6:66:2d:
38:bc:68:77:6c:85:0d:f6:a6:a7:a2:db:eb:ff:7d:
77:c3:33:f0:5c:2b:85:15:75:3d:79:44:c5:5b:ce:
3d:b0:80:bd:24:ad:7f:82:2d:3a:8f:e8:72:9b:56:
f7:bf:b6:b8:d3:fa:a3:d6:05:fa:39:3d:f1:aa:30:
73:04:db:48:f5:63:82:f6:58:d4:9f:6a:bc:69:48:
3a:1a:73:df:2e:e8:f1:98:20:c0:57:98:ce:0b:94:
25:f2:1a:b8:f6:39:e1:0b:bf:f1:9b:45:d3:22:3e:
1b:38:09:de:dd:db:e3:ff:11:25:29:05:2a:6a:1e:
e5:e9:a3:54:65:39:a2:30:ad:22:8b:c0:49:45:8f:
f5:cb:f6:58:09:b6:49:33:74:16:53:a5:73:be:d1:
43:2a:4a:0b:b8:a2:bd:98:b1:08:ac:b3:52:5b:60:
9d:f0:81:98:7d:fc:60:ec:83:93:2c:b3:f4:f0:7d:
45:69:2f:23:54:de:2c:6c:28:0f:14:a5:76:c9:ce:
e4:d2:d9:9d:1f:45:62:1d:c6:9a:30:8a:b0:3b:fd:
6f:ff:ab:65:9b:76:31:44:88:a9:8c:78:7e:a8:a5:
5e:48:49:f3:f8:f6:5a:c1:cc:28:b7:0f:28:d3:4e:
e0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:52:9D:59:86:52:60:AB:2E:0A:78:03:8A:72:6D:62:40:09:11:78
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/P1KdWYZSYKsuCngDinJtYkAJEXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c90::-2a0e:97c0:c92:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:c9e::/47
Signature Algorithm: sha256WithRSAEncryption
74:ac:0d:ad:c4:62:7a:fd:51:9a:bf:85:d1:19:5d:61:d3:ee:
41:a0:58:32:98:80:1b:bc:1e:2b:1a:20:65:cc:10:5b:62:57:
63:78:91:99:6c:5f:80:ec:54:a2:99:3c:df:75:f7:44:4f:b0:
b3:cc:c8:13:58:04:1d:1d:f3:4d:5e:60:97:d9:f6:e7:67:33:
9e:fe:dc:d6:e3:5e:0c:99:a1:9b:ef:fc:e7:0f:4b:c0:9e:24:
19:34:f5:a1:2e:ef:04:c0:ae:7d:f1:33:34:3a:a4:b6:de:3a:
85:d7:60:44:55:4f:99:c9:2c:16:36:39:38:77:f8:00:85:6c:
b8:30:36:d1:7b:01:69:39:0a:cf:42:ce:6e:93:d4:9e:ad:84:
48:4e:5b:2a:0f:f6:fd:ed:27:d1:b1:ee:05:f3:37:6d:b1:de:
0a:ce:e4:b8:bf:78:ea:a0:7c:4b:47:9d:a2:11:0e:b0:bb:4e:
a2:90:f6:4f:8a:ac:10:b0:fb:81:5f:77:0c:32:b3:ea:a8:46:
db:aa:73:13:60:a7:81:06:70:24:13:c5:a1:90:b2:e7:f3:23:
7e:b6:40:26:86:6f:a8:ef:b8:24:13:01:c3:52:5f:3f:73:40:
e4:2b:8f:1e:13:2b:e9:32:51:7e:3d:2b:ac:c2:f4:c2:13:8d:
9b:4a:a9:71
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYUBvUxppMsljNvXEK+IZDZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjExMTUxMTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjUyOWQ1OTg2NTI2MGFiMmUwYTc4MDM4YTcyNmQ2MjQwMDkxMTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDG2F7C2SHt2Rpv2Zi04vGh3bIUN
9qanotvr/313wzPwXCuFFXU9eUTFW849sIC9JK1/gi06j+hym1b3v7a40/qj1gX6
OT3xqjBzBNtI9WOC9ljUn2q8aUg6GnPfLujxmCDAV5jOC5Ql8hq49jnhC7/xm0XT
Ij4bOAne3dvj/xElKQUqah7l6aNUZTmiMK0ii8BJRY/1y/ZYCbZJM3QWU6VzvtFD
KkoLuKK9mLEIrLNSW2Cd8IGYffxg7IOTLLP08H1FaS8jVN4sbCgPFKV2yc7k0tmd
H0ViHcaaMIqwO/1v/6tlm3YxRIipjHh+qKVeSEnz+PZawcwotw8o007gawIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFD9SnVmGUmCrLgp4A4pybWJACRF4MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUDFLZFdZWlNZS3N1Q25nRGluSnRZa0FKRVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwQqDpfA
DJADBwAqDpfADJIDBwEqDpfADJ4wDQYJKoZIhvcNAQELBQADggEBAHSsDa3EYnr9
UZq/hdEZXWHT7kGgWDKYgBu8HisaIGXMEFtiV2N4kZlsX4DsVKKZPN9190RPsLPM
yBNYBB0d801eYJfZ9udnM57+3NbjXgyZoZvv/OcPS8CeJBk09aEu7wTArn3xMzQ6
pLbeOoXXYERVT5nJLBY2OTh3+ACFbLgwNtF7AWk5Cs9Czm6T1J6thEhOWyoP9v3t
J9Gx7gXzN22x3grO5Li/eOqgfEtHnaIRDrC7TqKQ9k+KrBCw+4Ffdwwys+qoRtuq
cxNgp4EGcCQTxaGQsufzI362QCaGb6jvuCQTAcNSXz9zQOQrjx4TK+kyUX49K6zC
9MITjZtKqXE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:59 2023 by rpki-client on console-ams.rpki-client.org