Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RKp_RZq2iVokcumbFYy_vTZGpto.roa
File: RKp_RZq2iVokcumbFYy_vTZGpto.roa (raw, json)
Hash identifier: aEpoPFI2pyYm+RNRgDBmezMZpwkXC7IuXX+RWcavG68=
Subject key identifier: 44:AA:7F:45:9A:B6:89:5A:24:72:E9:9B:15:8C:BF:BD:36:46:A6:DA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 11B0D9B4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RKp_RZq2iVokcumbFYy_vTZGpto.roa
Signing time: Wed 02 Feb 2022 01:20:11 +0000
ROA not before: Wed 02 Feb 2022 01:20:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210337
IP address blocks: 2a0e:b107:9f7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 296802740 (0x11b0d9b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 2 01:20:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44aa7f459ab6895a2472e99b158cbfbd3646a6da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3a:0e:25:33:89:71:65:a1:75:07:8d:7d:fc:
c3:1e:79:d1:a5:16:ee:c5:ef:30:d6:9a:ae:00:c7:
c2:d4:97:54:fc:89:5d:b2:cd:9d:d5:97:cd:4e:f1:
7d:7c:4f:95:e9:dd:19:42:6b:7e:df:1e:db:92:35:
89:86:49:01:c0:aa:07:b6:2d:d4:c5:04:3b:69:69:
1f:6f:24:11:bf:15:cb:5e:14:09:c7:cb:b4:03:3f:
d2:b9:83:62:8f:be:71:14:41:fb:90:41:73:be:78:
e1:78:cf:1e:d6:9d:f0:28:8f:2e:5c:97:fe:c7:73:
cb:8b:af:54:da:10:f1:b1:05:8b:41:f3:37:cb:65:
63:3a:f2:4a:01:a7:2a:0c:60:f3:79:c6:27:1a:58:
b7:48:d8:1a:91:2d:a0:5d:a8:30:98:3f:00:c4:f6:
7c:3f:64:39:1d:f9:1c:4d:9d:21:28:32:fb:e8:25:
10:1f:fe:b6:bd:91:60:cc:6c:9b:b8:9c:2a:f3:8e:
d1:8d:5f:bf:78:0a:76:ad:9b:dc:1b:ec:e0:75:c9:
c8:e0:00:57:33:65:ba:00:48:64:2c:96:22:c4:31:
e4:90:77:27:f1:c3:92:e7:05:23:58:73:43:c2:a9:
ba:5b:67:4d:c3:d6:64:84:c4:7f:88:a1:ae:d3:f0:
83:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AA:7F:45:9A:B6:89:5A:24:72:E9:9B:15:8C:BF:BD:36:46:A6:DA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RKp_RZq2iVokcumbFYy_vTZGpto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:9f7::/48
Signature Algorithm: sha256WithRSAEncryption
6f:b5:4d:d3:39:37:61:b8:af:5d:7f:60:e9:6f:1d:a8:df:72:
81:c8:01:c4:47:62:31:27:6b:e1:40:56:9b:30:a7:42:dd:62:
2d:75:ba:1d:c0:4e:6b:57:7a:9f:d9:bf:43:51:f3:a9:8c:1f:
6c:a3:6b:8a:c0:4b:e9:eb:2e:ec:1a:de:0a:7c:ca:ea:9b:96:
9c:c4:41:75:ef:62:d3:8b:b4:c4:19:cd:00:0b:db:7a:40:98:
2c:f7:3a:50:cb:ff:8c:77:25:3a:66:d1:99:81:3a:09:9b:34:
53:a5:b3:e6:58:b8:92:7e:57:8c:69:a3:a1:b8:4a:bc:9a:1c:
04:38:8b:80:fd:bd:b8:5c:66:e8:fe:96:39:93:db:24:67:f9:
23:18:5f:64:f1:d9:aa:c3:52:6d:4a:8c:00:c7:72:25:b6:2e:
55:f5:e7:3b:93:c5:b6:94:bc:38:c6:cd:35:fb:bf:60:fc:46:
78:b2:a5:bc:b5:2a:96:ec:02:b5:1a:c0:da:30:f2:9b:1c:72:
00:24:74:3e:58:be:55:f0:07:d6:72:23:9c:8a:3f:ce:48:f7:
cd:8a:d5:ce:64:1c:b4:85:d2:4f:e4:ab:17:02:14:a4:51:4f:
40:49:b3:69:37:18:2c:5f:24:ce:cc:55:9c:ed:0d:7c:86:59:
a8:8c:e9:d6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEbDZtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIw
MjAxMjAxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRhYTdmNDU5YWI2
ODk1YTI0NzJlOTliMTU4Y2JmYmQzNjQ2YTZkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALw6DiUziXFloXUHjX38wx550aUW7sXvMNaargDHwtSXVPyJ
XbLNndWXzU7xfXxPlendGUJrft8e25I1iYZJAcCqB7Yt1MUEO2lpH28kEb8Vy14U
CcfLtAM/0rmDYo++cRRB+5BBc7544XjPHtad8CiPLlyX/sdzy4uvVNoQ8bEFi0Hz
N8tlYzrySgGnKgxg83nGJxpYt0jYGpEtoF2oMJg/AMT2fD9kOR35HE2dISgy++gl
EB/+tr2RYMxsm7icKvOO0Y1fv3gKdq2b3Bvs4HXJyOAAVzNlugBIZCyWIsQx5JB3
J/HDkucFI1hzQ8KpultnTcPWZITEf4ihrtPwg+sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBREqn9FmraJWiRy6ZsVjL+9Nkam2jAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1JLcF9SWnEyaVZva2N1bWJGWXlfdlRaR3B0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcJ9zANBgkqhkiG9w0BAQsF
AAOCAQEAb7VN0zk3YbivXX9g6W8dqN9ygcgBxEdiMSdr4UBWmzCnQt1iLXW6HcBO
a1d6n9m/Q1HzqYwfbKNrisBL6esu7BreCnzK6puWnMRBde9i04u0xBnNAAvbekCY
LPc6UMv/jHclOmbRmYE6CZs0U6Wz5li4kn5XjGmjobhKvJocBDiLgP29uFxm6P6W
OZPbJGf5IxhfZPHZqsNSbUqMAMdyJbYuVfXnO5PFtpS8OMbNNfu/YPxGeLKlvLUq
luwCtRrA2jDymxxyACR0Pli+VfAH1nIjnIo/zkj3zYrVzmQctIXST+SrFwIUpFFP
QEmzaTcYLF8kzsxVnO0NfIZZqIzp1g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:59 2023 by rpki-client on console-ams.rpki-client.org