Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PmfooqfPC4-H083ZucbQOU_MgEU.roa
File: PmfooqfPC4-H083ZucbQOU_MgEU.roa (raw, json)
Hash identifier: d+qF2rERSgapdgGM1QvEBegLpvShjzocGjkqlPSZsZs=
Subject key identifier: 3E:67:E8:A2:A7:CF:0B:8F:87:D3:CD:D9:B9:C6:D0:39:4F:CC:80:45
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 12D066B1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PmfooqfPC4-H083ZucbQOU_MgEU.roa
Signing time: Thu 10 Mar 2022 02:30:57 +0000
ROA not before: Thu 10 Mar 2022 02:30:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208529
IP address blocks: 2a0e:b107:178a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 315647665 (0x12d066b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 10 02:30:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e67e8a2a7cf0b8f87d3cdd9b9c6d0394fcc8045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2c:d7:b3:32:67:9d:93:5f:39:64:d4:b1:8e:
10:3b:39:07:5e:3f:cd:a8:ea:0b:80:2d:6d:bf:f8:
a4:e9:12:31:e2:7a:28:b4:40:17:e8:d8:64:f5:5d:
86:0c:6b:5e:fa:51:46:1a:6d:df:28:2e:c4:b3:5e:
8d:0e:36:cc:8a:eb:1d:f3:ff:f6:b6:fe:ec:a5:a5:
0b:f1:81:25:ce:c4:5d:07:8f:23:d7:ec:7a:0d:b8:
6b:af:6c:d2:c4:8a:3e:bc:3c:cd:c6:aa:75:75:90:
75:9a:7d:b6:1a:24:99:2d:69:54:fc:6e:6d:20:47:
c5:ef:06:91:23:13:6b:54:74:25:d5:f0:78:e1:c5:
32:67:38:88:21:32:7b:4b:3a:70:4e:97:81:57:ca:
d1:e1:54:9e:5e:f4:39:ed:19:01:c5:93:dc:73:e1:
ae:43:2b:84:39:9d:08:02:d9:6c:40:9c:94:d4:e0:
43:35:51:d7:a5:f5:cc:cb:6c:90:66:60:f6:8e:42:
9f:ea:15:12:2e:e7:0a:65:df:ac:a9:d9:6b:e6:5c:
98:cf:7d:08:f7:9f:e2:4c:a9:c2:f2:af:a9:78:db:
8f:e1:e5:9c:51:9e:f5:b3:e8:46:48:03:59:3a:f8:
0d:2d:8c:6c:3b:74:8b:3c:4b:0f:ba:37:9b:5a:89:
9f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:67:E8:A2:A7:CF:0B:8F:87:D3:CD:D9:B9:C6:D0:39:4F:CC:80:45
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PmfooqfPC4-H083ZucbQOU_MgEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:178a::/48
Signature Algorithm: sha256WithRSAEncryption
ca:e6:ce:e9:05:ba:22:66:bf:79:a6:8a:38:79:71:2a:87:ff:
4b:de:75:c5:cd:c8:83:a4:c9:cf:e5:b6:ea:a8:aa:63:ce:c1:
6b:7b:e6:b2:05:a9:9d:ad:5a:85:d4:81:d3:7c:40:bf:ea:bf:
ef:dc:67:b3:24:2d:f0:27:91:76:84:ec:5a:5f:96:76:f6:06:
2c:f2:da:0e:80:d1:f4:10:90:ed:2f:71:23:30:9f:3d:02:d0:
24:6c:2d:fe:f9:f5:ad:f5:06:23:14:d3:9b:34:8a:21:e6:c2:
a5:bc:7c:73:e4:ac:f2:be:72:07:06:64:18:20:3c:f3:c8:78:
e4:04:2e:f6:52:f2:f5:73:3f:d2:77:4d:f3:34:07:b2:ee:96:
06:d2:76:94:2c:53:13:1b:32:65:3a:e6:c9:29:3a:89:da:f0:
af:85:a5:3d:ec:a7:64:eb:f1:9e:20:10:1f:36:70:d5:62:0d:
59:2e:f2:15:c4:ae:c3:c1:26:de:17:62:b9:10:f3:11:bf:a1:
92:fc:96:ff:5c:c1:47:43:dc:f7:bf:a0:33:d9:07:80:5d:7b:
40:bc:2c:00:da:9d:c2:7b:dc:70:10:ed:fc:b7:cb:e8:ae:bd:
c5:e0:69:ae:be:14:a4:1b:eb:f5:60:ae:24:b9:23:d8:53:60:
b4:10:00:d9
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEtBmsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMx
MDAyMzA1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U2N2U4YTJhN2Nm
MGI4Zjg3ZDNjZGQ5YjljNmQwMzk0ZmNjODA0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANos17MyZ52TXzlk1LGOEDs5B14/zajqC4Atbb/4pOkSMeJ6
KLRAF+jYZPVdhgxrXvpRRhpt3yguxLNejQ42zIrrHfP/9rb+7KWlC/GBJc7EXQeP
I9fseg24a69s0sSKPrw8zcaqdXWQdZp9thokmS1pVPxubSBHxe8GkSMTa1R0JdXw
eOHFMmc4iCEye0s6cE6XgVfK0eFUnl70Oe0ZAcWT3HPhrkMrhDmdCALZbECclNTg
QzVR16X1zMtskGZg9o5Cn+oVEi7nCmXfrKnZa+ZcmM99CPef4kypwvKvqXjbj+Hl
nFGe9bPoRkgDWTr4DS2MbDt0izxLD7o3m1qJn08CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ+Z+iip88Lj4fTzdm5xtA5T8yARTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1BtZm9vcWZQQzQtSDA4M1p1Y2JRT1VfTWdFVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcXijANBgkqhkiG9w0BAQsF
AAOCAQEAyubO6QW6Ima/eaaKOHlxKof/S951xc3Ig6TJz+W26qiqY87Ba3vmsgWp
na1ahdSB03xAv+q/79xnsyQt8CeRdoTsWl+WdvYGLPLaDoDR9BCQ7S9xIzCfPQLQ
JGwt/vn1rfUGIxTTmzSKIebCpbx8c+Ss8r5yBwZkGCA888h45AQu9lLy9XM/0ndN
8zQHsu6WBtJ2lCxTExsyZTrmySk6idrwr4WlPeynZOvxniAQHzZw1WINWS7yFcSu
w8Em3hdiuRDzEb+hkvyW/1zBR0Pc97+gM9kHgF17QLwsANqdwnvccBDt/LfL6K69
xeBprr4UpBvr9WCuJLkj2FNgtBAA2Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:59 2023 by rpki-client on console-ams.rpki-client.org