Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PXnc57xZDji9zNkyNAvNgJbWIQg.roa
File: PXnc57xZDji9zNkyNAvNgJbWIQg.roa (raw, json)
Hash identifier: d9OfCdUTCCfVh8M4ibkG8cPuCJ5WwC7IeO5E8unu0E0=
Subject key identifier: 3D:79:DC:E7:BC:59:0E:38:BD:CC:D9:32:34:0B:CD:80:96:D6:21:08
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183E4DCCA0B5A16F26079440A1FA6FDFC83
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PXnc57xZDji9zNkyNAvNgJbWIQg.roa
Signing time: Mon 17 Oct 2022 07:33:38 +0000
ROA not before: Mon 17 Oct 2022 07:33:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202256
IP address blocks: 2a0e:b107:1120::/44 maxlen: 48
2a0e:97c6:4400::/40 maxlen: 48
2a0e:97c6:4000::/34 maxlen: 48
2a0e:97c6:4200::/40 maxlen: 48
2a10:cc42:1b00::/40 maxlen: 48
2a10:cc42:1000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e4:dc:ca:0b:5a:16:f2:60:79:44:0a:1f:a6:fd:fc:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 17 07:33:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d79dce7bc590e38bdccd932340bcd8096d62108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a2:1e:7f:a0:59:35:14:5f:b3:b5:24:4c:68:
3e:38:40:82:f8:03:69:c4:42:76:ea:93:5d:85:83:
57:0a:0d:c5:a4:ec:6e:68:b7:af:13:7f:81:59:09:
c6:28:3d:16:e0:56:02:ba:27:cd:d1:9e:ba:3d:3e:
21:a2:18:d4:e4:f3:41:fd:23:71:8d:66:4b:43:7b:
a9:c4:b1:43:75:3b:d2:f6:a8:f7:f8:3f:9c:e7:93:
f6:0e:22:db:ae:b9:e8:d3:02:61:70:33:f6:6a:fa:
ad:7f:47:bf:bc:bb:17:46:c2:2d:47:84:df:cc:55:
6a:d2:84:aa:99:a3:c0:2d:bf:23:ef:3d:34:63:16:
a7:2c:92:e6:ae:09:95:6e:8e:cd:e2:e4:cc:cf:32:
7e:a8:c6:1e:28:2d:ea:24:5d:db:ab:bc:43:2e:52:
41:a8:7d:8d:f0:9a:50:ef:fd:28:1e:b5:ff:b3:87:
25:84:72:0c:f3:26:bd:80:bf:9a:94:0b:8d:7c:1b:
2c:a8:23:b5:af:8f:e6:2d:ca:a7:a6:0b:9a:1a:a2:
5b:ee:40:d4:7a:bc:b5:cc:28:af:d9:34:5b:ae:8e:
bf:7e:b1:f4:6c:44:60:80:d1:49:62:65:55:6c:5b:
3c:61:f0:f7:f2:46:23:e7:db:1f:6a:2b:d0:e2:01:
19:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:79:DC:E7:BC:59:0E:38:BD:CC:D9:32:34:0B:CD:80:96:D6:21:08
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PXnc57xZDji9zNkyNAvNgJbWIQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c6:4000::/34
2a0e:b107:1120::/44
2a10:cc42:1000::/36
Signature Algorithm: sha256WithRSAEncryption
93:bb:e0:60:bf:7c:1e:ac:95:d5:8d:e5:52:cd:a8:17:44:17:
d6:f7:85:ae:c8:fb:f3:2d:4d:87:04:4d:11:e6:58:c3:bd:b4:
74:36:67:77:5e:25:4e:e4:15:32:15:70:db:4a:b0:ae:13:01:
66:51:37:00:24:fa:e3:f9:a5:e7:af:12:95:0d:8c:d0:e7:39:
37:61:9e:e6:4a:4d:1d:66:7c:ad:f7:b8:de:a9:04:9c:c3:40:
aa:a0:12:a3:54:c2:95:fc:30:35:77:86:7a:c8:a5:3f:51:8a:
28:34:25:b9:36:8c:21:6a:95:9c:0f:bc:dc:b5:73:cd:a7:38:
86:79:5a:57:c3:11:30:ad:49:1a:2e:a5:24:12:11:e4:cf:77:
df:88:9e:a0:2e:6e:a7:f4:29:58:d7:b9:e9:06:88:3e:60:51:
e9:13:51:6a:75:5b:8e:51:45:86:3a:94:cf:ed:c9:03:ab:26:
de:22:e4:d1:27:9c:9a:c9:04:c0:d1:14:95:ad:ab:2c:31:71:
c2:8e:3b:a4:3c:75:09:0f:09:a5:7a:04:ba:9e:be:91:ac:95:
a6:16:27:1d:bf:14:48:49:67:9e:a6:3f:26:4a:c6:a4:1c:d9:
52:1c:fb:f0:88:97:26:70:c0:93:c2:d1:2c:25:8d:54:97:1b:
26:fd:b5:ce
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYPk3MoLWhbyYHlECh+m/fyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDE3MDczMzM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDc5ZGNlN2JjNTkwZTM4YmRjY2Q5MzIzNDBiY2Q4MDk2ZDYyMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaIef6BZNRRfs7UkTGg+OECC+ANp
xEJ26pNdhYNXCg3FpOxuaLevE3+BWQnGKD0W4FYCuifN0Z66PT4hohjU5PNB/SNx
jWZLQ3upxLFDdTvS9qj3+D+c55P2DiLbrrno0wJhcDP2avqtf0e/vLsXRsItR4Tf
zFVq0oSqmaPALb8j7z00YxanLJLmrgmVbo7N4uTMzzJ+qMYeKC3qJF3bq7xDLlJB
qH2N8JpQ7/0oHrX/s4clhHIM8ya9gL+alAuNfBssqCO1r4/mLcqnpguaGqJb7kDU
ery1zCiv2TRbro6/frH0bERggNFJYmVVbFs8YfD38kYj59sfaivQ4gEZiQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFD153Oe8WQ44vczZMjQLzYCW1iEIMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUFhuYzU3eFpEamk5ek5reU5Bdk5nSmJXSVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwYGKg6XxkAD
BwQqDrEHESADBgQqEMxCEDANBgkqhkiG9w0BAQsFAAOCAQEAk7vgYL98HqyV1Y3l
Us2oF0QX1veFrsj78y1NhwRNEeZYw720dDZnd14lTuQVMhVw20qwrhMBZlE3ACT6
4/ml568SlQ2M0Oc5N2Ge5kpNHWZ8rfe43qkEnMNAqqASo1TClfwwNXeGesilP1GK
KDQluTaMIWqVnA+83LVzzac4hnlaV8MRMK1JGi6lJBIR5M9334ieoC5up/QpWNe5
6QaIPmBR6RNRanVbjlFFhjqUz+3JA6sm3iLk0SecmskEwNEUla2rLDFxwo47pDx1
CQ8JpXoEup6+kayVphYnHb8USElnnqY/JkrGpBzZUhz78IiXJnDAk8LRLCWNVJcb
Jv21zg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:59 2023 by rpki-client on console-ams.rpki-client.org