Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T75bg3USZdlI3sy8aVViHCITQsE.roa
File: T75bg3USZdlI3sy8aVViHCITQsE.roa (raw, json)
Hash identifier: Q+4oKZXdCgvqCXn0rSrWkixNBNDWjXzzKZ5xvOP2qcM=
Subject key identifier: 4F:BE:5B:83:75:12:65:D9:48:DE:CC:BC:69:55:62:1C:22:13:42:C1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183BCACC4A1C6A5C3229289CB671F0B498F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T75bg3USZdlI3sy8aVViHCITQsE.roa
Signing time: Sun 09 Oct 2022 12:16:22 +0000
ROA not before: Sun 09 Oct 2022 12:16:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202929
IP address blocks: 2a0e:97c0:510::/48 maxlen: 48
2a0e:97c0:511::/48 maxlen: 48
2a0e:97c0:512::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:bc:ac:c4:a1:c6:a5:c3:22:92:89:cb:67:1f:0b:49:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 9 12:16:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fbe5b83751265d948deccbc6955621c221342c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:dd:44:81:71:9c:2a:b8:94:61:11:bf:e9:95:
66:3f:5b:e2:21:00:f4:f9:93:cc:fb:cb:85:28:2f:
63:d6:c2:af:a8:50:2f:c4:e5:06:bf:62:9b:95:27:
7d:3a:da:93:d1:b7:77:8c:0c:e0:3a:57:6f:0b:4d:
f1:f9:a4:c4:30:c3:e3:bf:cf:83:63:b7:8b:ea:e7:
d8:11:0e:c3:13:d9:d3:b2:ff:91:a6:fe:9a:ea:21:
5a:5e:2c:c0:1a:5c:16:60:1d:62:0f:9b:45:ae:a0:
35:e8:5f:b0:6c:5a:fe:ab:0d:ec:3a:11:f4:c1:32:
c3:6d:53:bc:8b:63:31:42:b5:e0:1e:87:37:0a:c0:
c9:be:7e:dc:5e:7e:fc:bf:36:5f:bd:f6:fe:79:fe:
42:18:12:52:dd:c0:3d:a4:13:a4:1b:d0:55:32:26:
4e:6a:06:05:53:42:0e:1e:cf:85:13:ea:12:0e:13:
bd:51:b6:1e:d4:a9:ac:53:ba:71:d1:dc:c3:a7:fd:
88:d5:21:db:df:c5:9d:51:a2:88:41:b4:15:0b:df:
66:bc:81:c0:b2:75:e1:ea:2b:42:e1:40:c2:6a:50:
f9:57:3b:3c:79:c1:70:97:d6:12:76:25:90:e1:d5:
0d:a3:ca:5a:49:10:6a:0c:8b:7b:93:33:58:0c:7d:
da:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:BE:5B:83:75:12:65:D9:48:DE:CC:BC:69:55:62:1C:22:13:42:C1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T75bg3USZdlI3sy8aVViHCITQsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:510::-2a0e:97c0:512:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
63:b4:73:74:c7:9d:1d:66:9e:8c:ba:2a:d9:89:32:dc:c1:8d:
91:1f:a6:9a:79:86:4e:88:30:80:e1:0d:08:17:38:e9:1c:18:
3a:e3:01:58:1e:42:45:4e:8a:2b:2b:d8:89:3c:8c:e8:1a:46:
60:e8:9a:45:16:fe:25:be:62:e6:6d:19:7b:5e:76:05:24:b3:
97:ac:57:8e:8c:a9:43:eb:2f:1c:ea:11:fd:26:ce:0b:6e:1a:
38:96:ac:55:ee:b1:d4:6a:4a:ec:c8:be:35:94:1a:4e:13:3c:
e5:7c:e3:df:0f:ed:b8:5c:a6:f0:cb:89:4b:8a:2b:e5:8a:1e:
a8:ca:ad:c5:12:46:cc:cd:6d:84:50:28:84:e6:8d:73:f3:ad:
b4:3c:42:ab:a3:35:04:41:e7:20:3c:cf:eb:99:20:6d:b1:b2:
63:5c:5f:70:a2:5a:4a:d9:01:88:8e:05:88:ff:5c:5d:30:ae:
fd:80:5c:8a:c7:fd:e4:bc:ef:90:54:aa:5b:58:2c:fc:9a:35:
f6:5c:d2:5d:44:94:5f:f8:8a:be:ee:bc:24:59:02:31:40:8e:
bd:3d:8e:4f:19:27:47:99:cb:e9:48:ee:c4:9c:cd:4d:b6:50:
c3:64:3d:2a:05:d8:0a:2e:bb:e5:d0:89:9d:11:40:ec:f9:37:
ec:65:f8:03
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYO8rMShxqXDIpKJy2cfC0mPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDA5MTIxNjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmJlNWI4Mzc1MTI2NWQ5NDhkZWNjYmM2OTU1NjIxYzIyMTM0MmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt1EgXGcKriUYRG/6ZVmP1viIQD0
+ZPM+8uFKC9j1sKvqFAvxOUGv2KblSd9OtqT0bd3jAzgOldvC03x+aTEMMPjv8+D
Y7eL6ufYEQ7DE9nTsv+Rpv6a6iFaXizAGlwWYB1iD5tFrqA16F+wbFr+qw3sOhH0
wTLDbVO8i2MxQrXgHoc3CsDJvn7cXn78vzZfvfb+ef5CGBJS3cA9pBOkG9BVMiZO
agYFU0IOHs+FE+oSDhO9UbYe1KmsU7px0dzDp/2I1SHb38WdUaKIQbQVC99mvIHA
snXh6itC4UDCalD5Vzs8ecFwl9YSdiWQ4dUNo8paSRBqDIt7kzNYDH3aTQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFE++W4N1EmXZSN7MvGlVYhwiE0LBMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVDc1YmczVVNaZGxJM3N5OGFWVmlIQ0lUUXNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqDpfA
BRADBwAqDpfABRIwDQYJKoZIhvcNAQELBQADggEBAGO0c3THnR1mnoy6KtmJMtzB
jZEfppp5hk6IMIDhDQgXOOkcGDrjAVgeQkVOiisr2Ik8jOgaRmDomkUW/iW+YuZt
GXtedgUks5esV46MqUPrLxzqEf0mzgtuGjiWrFXusdRqSuzIvjWUGk4TPOV8498P
7bhcpvDLiUuKK+WKHqjKrcUSRszNbYRQKITmjXPzrbQ8QqujNQRB5yA8z+uZIG2x
smNcX3CiWkrZAYiOBYj/XF0wrv2AXIrH/eS875BUqltYLPyaNfZc0l1ElF/4ir7u
vCRZAjFAjr09jk8ZJ0eZy+lI7sSczU22UMNkPSoF2Aouu+XQiZ0RQOz5N+xl+AM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org