Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/S6eoIR7XMGIwGvJX3g5EAP__OtY.roa
File: S6eoIR7XMGIwGvJX3g5EAP__OtY.roa (raw, json)
Hash identifier: U7HhVN5dceylaJs4BibVsjBc6eb4l1s/XU1U7nDZneE=
Subject key identifier: 4B:A7:A8:21:1E:D7:30:62:30:1A:F2:57:DE:0E:44:00:FF:FF:3A:D6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01847A69CD3DE9510907808F150357F787DD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/S6eoIR7XMGIwGvJX3g5EAP__OtY.roa
Signing time: Tue 15 Nov 2022 08:31:04 +0000
ROA not before: Tue 15 Nov 2022 08:31:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202256
IP address blocks: 2a10:cc44:800::/37 maxlen: 48
2a0e:97c6:4000::/40 maxlen: 48
2a0e:97c1:800::/37 maxlen: 48
2a0e:97c7:800::/37 maxlen: 48
2a10:cc42:1000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:69:cd:3d:e9:51:09:07:80:8f:15:03:57:f7:87:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 15 08:31:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ba7a8211ed73062301af257de0e4400ffff3ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f6:70:fc:4a:a8:23:c8:47:1d:63:34:3e:20:
68:70:71:4a:0b:9e:d7:4a:8c:8a:34:33:2b:fd:dc:
3e:1a:ed:87:bb:0e:c7:b0:3a:70:57:82:24:42:d5:
ca:b7:c8:bd:d1:88:f0:df:0b:f7:f4:ed:ee:f1:92:
5c:48:4c:f0:4b:b0:31:5c:94:d3:a6:4a:68:8b:db:
ab:b7:10:9d:0a:94:a3:e7:5d:ac:f2:f7:14:09:9a:
7d:5c:42:9a:26:1f:09:f6:42:2b:f7:9e:b9:71:30:
be:8a:c3:d3:84:79:66:f9:4f:a2:ec:b8:7d:b9:45:
3a:0e:48:5a:4f:db:bc:77:ce:9d:19:5e:0f:f8:77:
52:1a:b8:d3:af:d7:6c:ba:f4:ff:aa:24:f3:cc:27:
3f:42:fb:6d:c7:95:1d:98:43:98:88:63:10:c2:05:
b7:fa:26:7e:8d:22:6e:b9:8b:01:d3:ee:50:85:c9:
e4:bd:16:56:f9:6b:6e:6a:c4:57:62:eb:cf:24:cb:
17:e2:99:47:dd:d6:68:cd:8c:ba:4f:36:7a:7b:79:
e4:70:b5:32:a8:3e:69:60:ae:51:e5:1e:6d:bd:9c:
49:d4:a9:27:3d:bc:8e:37:0b:70:e8:e4:6a:6e:3a:
e0:11:d6:4c:94:8e:4d:07:8e:08:15:6a:60:dc:39:
07:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A7:A8:21:1E:D7:30:62:30:1A:F2:57:DE:0E:44:00:FF:FF:3A:D6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/S6eoIR7XMGIwGvJX3g5EAP__OtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c1:800::/37
2a0e:97c6:4000::/40
2a0e:97c7:800::/37
2a10:cc42:1000::/36
2a10:cc44:800::/37
Signature Algorithm: sha256WithRSAEncryption
86:ab:c5:df:05:9e:f4:f5:b7:49:7a:b4:44:74:e7:58:01:b6:
37:c0:38:6b:9f:5d:e1:4f:1b:c7:7a:83:01:b2:7c:8b:77:b3:
c8:aa:7f:65:8b:c5:79:e0:6e:72:42:67:cd:5b:1c:4a:0f:f9:
ef:78:a9:ff:f4:38:54:40:02:a6:fb:f6:c0:92:5b:92:5c:de:
f7:f4:9a:b6:9c:54:b7:3f:04:f6:0c:01:56:b0:d3:15:80:12:
e6:0e:a3:fc:7a:30:76:63:20:a6:4e:29:99:02:3b:63:0d:1c:
85:72:88:d2:9e:67:0e:19:a2:4a:8d:e8:39:69:4a:f5:d1:4d:
44:9e:4e:42:e8:45:ea:c4:96:dc:12:21:04:dc:98:21:0f:84:
dc:3a:ba:2a:ca:73:cb:0a:6d:e3:af:a7:bb:dc:d3:7d:bc:c8:
7c:7e:7b:03:79:06:e2:90:8a:44:ae:12:98:ec:a8:6e:3a:3c:
87:e3:29:f2:e2:5f:99:65:03:0a:34:66:9f:7f:0e:dc:b3:40:
db:89:35:1d:11:ec:3d:36:8d:22:8f:73:ae:e3:81:5f:5c:93:
34:49:34:07:81:b0:85:68:0a:3c:5d:f4:a5:72:72:9e:42:7c:
14:b1:7e:04:8e:27:9e:40:17:2d:31:db:fb:6d:cb:b2:d5:e5:
5f:e2:23:f5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYR6ac096VEJB4CPFQNX94fdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTE1MDgzMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmE3YTgyMTFlZDczMDYyMzAxYWYyNTdkZTBlNDQwMGZmZmYzYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfZw/EqoI8hHHWM0PiBocHFKC57X
SoyKNDMr/dw+Gu2Huw7HsDpwV4IkQtXKt8i90Yjw3wv39O3u8ZJcSEzwS7AxXJTT
pkpoi9urtxCdCpSj512s8vcUCZp9XEKaJh8J9kIr9565cTC+isPThHlm+U+i7Lh9
uUU6DkhaT9u8d86dGV4P+HdSGrjTr9dsuvT/qiTzzCc/Qvttx5UdmEOYiGMQwgW3
+iZ+jSJuuYsB0+5QhcnkvRZW+WtuasRXYuvPJMsX4plH3dZozYy6TzZ6e3nkcLUy
qD5pYK5R5R5tvZxJ1KknPbyONwtw6ORqbjrgEdZMlI5NB44IFWpg3DkHJwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEunqCEe1zBiMBryV94ORAD//zrWMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUzZlb0lSN1hNR0l3R3ZKWDNnNUVBUF9fT3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoAwYDKg6XwQgD
BgAqDpfGQAMGAyoOl8cIAwYEKhDMQhADBgMqEMxECDANBgkqhkiG9w0BAQsFAAOC
AQEAhqvF3wWe9PW3SXq0RHTnWAG2N8A4a59d4U8bx3qDAbJ8i3ezyKp/ZYvFeeBu
ckJnzVscSg/573ip//Q4VEACpvv2wJJbklze9/SatpxUtz8E9gwBVrDTFYAS5g6j
/HowdmMgpk4pmQI7Yw0chXKI0p5nDhmiSo3oOWlK9dFNRJ5OQuhF6sSW3BIhBNyY
IQ+E3Dq6Kspzywpt46+nu9zTfbzIfH57A3kG4pCKRK4SmOyobjo8h+Mp8uJfmWUD
CjRmn38O3LNA24k1HRHsPTaNIo9zruOBX1yTNEk0B4GwhWgKPF30pXJynkJ8FLF+
BI4nnkAXLTHb+23LstXlX+Ij9Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org