Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/POCrhiChrm3VhKCl40AYGB_keSA.roa
File: POCrhiChrm3VhKCl40AYGB_keSA.roa (raw, json)
Hash identifier: 4N5/9E4c1v8xtnRjxPqo8kzdQDNtbh15gUK4V8hKUwc=
Subject key identifier: 3C:E0:AB:86:20:A1:AE:6D:D5:84:A0:A5:E3:40:18:18:1F:E4:79:20
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10EC51DB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/POCrhiChrm3VhKCl40AYGB_keSA.roa
Signing time: Sat 01 Jan 2022 09:05:54 +0000
ROA not before: Sat 01 Jan 2022 09:05:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212948
IP address blocks: 2a0e:b107:cb0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 283922907 (0x10ec51db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ce0ab8620a1ae6dd584a0a5e34018181fe47920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:63:38:7f:8b:0c:71:7d:ad:18:63:23:e9:d1:
a6:8a:c3:c8:fc:4d:a1:dc:56:71:72:d0:30:12:49:
b9:fc:15:fd:77:e4:ef:6a:6d:5d:2e:3e:cd:d3:a1:
d6:ed:00:37:6f:b0:0a:6f:5e:44:5b:81:4a:97:a3:
cd:41:d9:d5:c9:c7:d7:84:de:3a:dd:93:41:13:ec:
dc:2c:bc:85:ca:0e:95:60:f6:04:d6:87:ca:e0:17:
72:19:2e:b4:66:06:aa:c7:b4:80:46:59:13:2e:06:
6a:dd:0f:16:5d:9f:83:89:24:07:07:67:c5:42:ec:
af:00:77:c2:70:be:fc:c9:80:0c:ce:ab:34:65:81:
3c:09:cb:f7:fc:08:14:17:22:44:b0:bb:98:d9:ec:
75:df:f5:4c:b3:1b:9f:9e:77:52:0a:a6:64:c1:0a:
08:f3:5f:bd:81:a9:6d:bd:9a:f2:a7:e4:6a:f4:83:
c0:be:41:86:f4:7d:c4:2e:ac:ed:70:14:cd:aa:86:
fd:84:c8:56:53:b0:fa:fe:e0:73:84:5a:18:d2:02:
47:b3:19:1c:db:ca:16:b0:4f:bb:bc:01:c9:f1:9c:
78:a8:11:f8:5e:11:b9:e4:13:bf:a7:ea:7d:be:ed:
68:d8:92:d0:91:37:54:7d:11:a9:25:d5:0b:83:11:
1a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E0:AB:86:20:A1:AE:6D:D5:84:A0:A5:E3:40:18:18:1F:E4:79:20
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/POCrhiChrm3VhKCl40AYGB_keSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:cb0::/44
Signature Algorithm: sha256WithRSAEncryption
39:66:4d:ed:40:38:83:d4:7c:e4:2e:27:5b:c8:da:02:82:17:
1a:bf:af:de:fc:08:65:03:58:18:12:52:eb:4b:54:8e:cc:7f:
c3:4a:5c:67:86:01:54:cc:31:9e:5e:1d:37:c6:29:5e:0a:bf:
f8:16:e9:ce:84:29:82:53:5f:04:83:58:a1:24:c6:52:34:43:
99:d2:f3:a4:c4:ea:4f:ee:ff:d1:d6:24:88:07:6d:1b:f0:91:
0e:f5:19:40:2e:45:60:42:d9:8e:4b:84:7b:b7:a5:5f:21:7c:
7d:ad:7f:41:cb:35:13:7e:99:f5:f7:54:e7:c5:b3:30:9a:a1:
79:97:72:6d:e9:9a:11:b8:c5:59:e3:bd:f0:1c:da:16:20:43:
31:d7:59:56:e4:0e:19:e6:35:0a:53:92:bf:59:5e:d1:a7:02:
57:10:64:fc:f6:bf:8a:10:6e:76:bb:b3:a1:5d:37:46:f3:37:
e2:1a:f7:2e:35:8e:55:79:9e:bb:f9:2c:1c:ba:f8:9d:50:a6:
d6:d1:02:fa:f4:6d:c1:c2:55:c5:c3:cd:50:15:be:e0:ba:11:
9c:70:9f:23:4a:87:10:84:87:35:7e:23:22:68:8e:23:67:02:
df:ec:1c:01:4d:52:ad:da:29:b0:f6:c6:d1:a2:a6:45:2f:06:
5b:f3:bc:3e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEOxR2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2NlMGFiODYyMGEx
YWU2ZGQ1ODRhMGE1ZTM0MDE4MTgxZmU0NzkyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANJjOH+LDHF9rRhjI+nRporDyPxNodxWcXLQMBJJufwV/Xfk
72ptXS4+zdOh1u0AN2+wCm9eRFuBSpejzUHZ1cnH14TeOt2TQRPs3Cy8hcoOlWD2
BNaHyuAXchkutGYGqse0gEZZEy4Gat0PFl2fg4kkBwdnxULsrwB3wnC+/MmADM6r
NGWBPAnL9/wIFBciRLC7mNnsdd/1TLMbn553UgqmZMEKCPNfvYGpbb2a8qfkavSD
wL5BhvR9xC6s7XAUzaqG/YTIVlOw+v7gc4RaGNICR7MZHNvKFrBPu7wByfGceKgR
+F4RueQTv6fqfb7taNiS0JE3VH0RqSXVC4MRGoUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ84KuGIKGubdWEoKXjQBgYH+R5IDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1BPQ3JoaUNocm0zVmhLQ2w0MEFZR0Jfa2VTQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcMsDANBgkqhkiG9w0BAQsF
AAOCAQEAOWZN7UA4g9R85C4nW8jaAoIXGr+v3vwIZQNYGBJS60tUjsx/w0pcZ4YB
VMwxnl4dN8YpXgq/+BbpzoQpglNfBINYoSTGUjRDmdLzpMTqT+7/0dYkiAdtG/CR
DvUZQC5FYELZjkuEe7elXyF8fa1/Qcs1E36Z9fdU58WzMJqheZdybemaEbjFWeO9
8BzaFiBDMddZVuQOGeY1ClOSv1le0acCVxBk/Pa/ihBudruzoV03RvM34hr3LjWO
VXmeu/ksHLr4nVCm1tEC+vRtwcJVxcPNUBW+4LoRnHCfI0qHEISHNX4jImiOI2cC
3+wcAU1SrdopsPbG0aKmRS8GW/O8Pg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org