Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PiCosN-LRu5KoIvVeQyvtpvVL0A.roa
File: PiCosN-LRu5KoIvVeQyvtpvVL0A.roa (raw, json)
Hash identifier: vKSQzrq++yqb4iOmd+bMbHppYUFYGApEqObQoQJu5ac=
Subject key identifier: 3E:20:A8:B0:DF:8B:46:EE:4A:A0:8B:D5:79:0C:AF:B6:9B:D5:2F:40
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 156D607B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PiCosN-LRu5KoIvVeQyvtpvVL0A.roa
Signing time: Wed 29 Jun 2022 23:58:03 +0000
ROA not before: Wed 29 Jun 2022 23:58:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210667
IP address blocks: 2a0e:b107:1788::/48 maxlen: 48
2a0e:97c0:a40::/44 maxlen: 48
2a0e:97c0:a43::/48 maxlen: 48
2a0e:97c0:a41::/48 maxlen: 48
2a0e:97c0:a44::/48 maxlen: 48
2a0e:97c0:a42::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 359489659 (0x156d607b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 29 23:58:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e20a8b0df8b46ee4aa08bd5790cafb69bd52f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:57:1a:41:d8:2a:2e:68:f7:6a:0a:57:c8:b6:
13:82:5b:f0:65:a2:da:ef:f2:75:30:2e:b0:bb:2b:
32:49:1f:69:a3:92:91:3b:97:0f:cb:29:27:b1:58:
9d:1b:69:37:62:3e:c2:dc:cc:0c:d4:da:03:57:26:
dd:03:38:5a:2e:b0:34:23:49:9d:c1:db:ec:7f:e0:
2b:0a:5a:dd:71:a6:61:fc:ee:10:e2:16:30:33:3c:
6c:ba:8f:f8:5c:41:dd:4c:6b:f6:14:cf:21:84:ac:
09:d4:3e:96:9a:b3:55:7a:c6:28:9b:4e:3d:32:38:
d4:ab:e9:6a:c8:3b:61:91:1c:3f:fd:4e:8e:90:0a:
59:a2:a1:f1:b3:2c:78:c8:09:1f:84:ca:12:9a:9d:
93:98:3a:b2:42:e2:69:78:d6:f1:29:3b:e4:ad:ee:
db:44:ea:3e:4e:c6:13:7d:7f:13:4f:99:69:91:0a:
72:3e:7a:16:29:7e:ac:ce:94:3f:99:31:40:a4:4a:
8b:6f:35:70:f4:24:5c:44:c4:8f:21:26:36:3f:a2:
5d:0e:2d:db:02:b2:0c:ce:22:d6:dd:ba:a7:33:ca:
7a:a6:e0:22:00:0a:b5:f0:65:03:ff:87:ce:9d:ba:
e6:a7:e6:9b:50:41:af:13:05:d1:a2:8a:14:f9:cc:
6a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:20:A8:B0:DF:8B:46:EE:4A:A0:8B:D5:79:0C:AF:B6:9B:D5:2F:40
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PiCosN-LRu5KoIvVeQyvtpvVL0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a40::/44
2a0e:b107:1788::/48
Signature Algorithm: sha256WithRSAEncryption
94:8c:a0:2e:3e:5e:9a:32:57:db:db:49:0e:83:3d:ed:62:eb:
ea:1f:2a:54:d9:ed:99:2b:dd:42:45:29:6e:00:92:b2:b8:25:
7c:39:bf:df:29:3b:b4:ca:7a:6b:db:45:cf:ea:c3:73:93:d1:
e0:99:84:d1:79:02:c8:1e:16:ca:74:0d:97:79:46:c1:4d:03:
57:4e:8f:30:78:51:67:45:0b:d6:22:93:82:fb:e2:c4:4d:4e:
cc:8a:b7:8b:9c:90:86:ed:5f:fb:4e:ea:95:3f:51:25:0b:ab:
56:c6:63:f5:52:82:0b:68:7a:7c:1e:04:8e:bf:ea:9f:fb:3b:
dc:fc:f1:3f:98:f9:af:10:2f:5c:00:f6:11:17:30:99:7d:b7:
02:42:5f:79:61:0c:76:4b:e4:94:25:ba:35:84:27:40:52:f8:
26:d8:82:e8:0b:25:ec:08:4d:79:c9:a3:ed:99:5a:a7:8f:37:
11:62:90:2a:90:8c:b4:0c:7d:c9:4c:3c:f8:a6:ea:ad:36:4d:
4c:2f:39:84:f8:b7:d9:9f:c7:c5:5c:c8:17:b1:81:2c:85:d7:
16:33:14:9d:a9:9c:7c:14:d5:e3:97:bd:7a:55:3c:1a:1b:4d:
83:72:7d:90:a1:67:91:e3:d7:44:de:5e:db:dc:ce:dd:8e:f3:
b3:7b:64:a1
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEFW1gezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDYy
OTIzNTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2UyMGE4YjBkZjhi
NDZlZTRhYTA4YmQ1NzkwY2FmYjY5YmQ1MmY0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVXGkHYKi5o92oKV8i2E4Jb8GWi2u/ydTAusLsrMkkfaaOS
kTuXD8spJ7FYnRtpN2I+wtzMDNTaA1cm3QM4Wi6wNCNJncHb7H/gKwpa3XGmYfzu
EOIWMDM8bLqP+FxB3Uxr9hTPIYSsCdQ+lpqzVXrGKJtOPTI41Kvpasg7YZEcP/1O
jpAKWaKh8bMseMgJH4TKEpqdk5g6skLiaXjW8Sk75K3u20TqPk7GE31/E0+ZaZEK
cj56Fil+rM6UP5kxQKRKi281cPQkXETEjyEmNj+iXQ4t2wKyDM4i1t26pzPKeqbg
IgAKtfBlA/+Hzp265qfmm1BBrxMF0aKKFPnMauECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQ+IKiw34tG7kqgi9V5DK+2m9UvQDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1BpQ29zTi1MUnU1S29JdlZlUXl2dHB2VkwwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoOl8AKQAMHACoOsQcXiDANBgkq
hkiG9w0BAQsFAAOCAQEAlIygLj5emjJX29tJDoM97WLr6h8qVNntmSvdQkUpbgCS
srglfDm/3yk7tMp6a9tFz+rDc5PR4JmE0XkCyB4WynQNl3lGwU0DV06PMHhRZ0UL
1iKTgvvixE1OzIq3i5yQhu1f+07qlT9RJQurVsZj9VKCC2h6fB4Ejr/qn/s73Pzx
P5j5rxAvXAD2ERcwmX23AkJfeWEMdkvklCW6NYQnQFL4JtiC6Asl7AhNecmj7Zla
p483EWKQKpCMtAx9yUw8+KbqrTZNTC85hPi32Z/HxVzIF7GBLIXXFjMUnamcfBTV
45e9elU8GhtNg3J9kKFnkePXRN5e29zO3Y7zs3tkoQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:59 2023 by rpki-client on console-ams.rpki-client.org