Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TBuWsiGEKfyhtmxZK05DOt6PlTk.roa
File: TBuWsiGEKfyhtmxZK05DOt6PlTk.roa (raw, json)
Hash identifier: WAvZYH6K9RBgbDq43hLd44UsMUkANxFKCi6toSZvIKQ=
Subject key identifier: 4C:1B:96:B2:21:84:29:FC:A1:B6:6C:59:2B:4E:43:3A:DE:8F:95:39
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182C834BA091EF635FDA33F732ECFE09FFF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TBuWsiGEKfyhtmxZK05DOt6PlTk.roa
Signing time: Tue 23 Aug 2022 00:57:54 +0000
ROA not before: Tue 23 Aug 2022 00:57:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400542
IP address blocks: 2a0e:97c0:a46::/48 maxlen: 48
2a0e:b107:b11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c8:34:ba:09:1e:f6:35:fd:a3:3f:73:2e:cf:e0:9f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 23 00:57:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c1b96b2218429fca1b66c592b4e433ade8f9539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:79:a0:54:14:b1:fd:47:ce:86:22:ef:3e:aa:
5f:7e:0c:24:a6:52:40:0b:f4:a8:8e:9e:34:ed:b7:
cf:5c:91:9f:24:01:53:56:27:3f:a5:fc:c5:3d:0a:
ce:45:0b:38:35:4c:18:e1:01:68:f6:58:65:d5:b1:
74:e4:1f:ae:e0:98:82:e9:43:cf:7f:a6:8d:9c:ed:
81:47:f3:ef:f5:9a:1e:4f:7d:75:aa:d1:4e:d5:a5:
89:27:94:a6:dc:00:92:0c:fc:e4:72:2b:2a:a8:6e:
25:7d:b1:06:ad:51:dd:e9:cb:03:b1:4a:b7:a5:1b:
c8:af:12:70:b2:b8:71:b7:be:2d:75:11:3c:dd:93:
b5:8d:91:58:a5:cf:52:65:97:9a:53:51:76:de:c5:
1f:fd:32:20:69:12:24:e4:33:40:1f:6d:9f:9e:3b:
39:89:20:ef:29:6c:0b:5a:e8:a3:f5:01:e9:02:52:
84:3c:84:2c:40:1a:79:ad:1c:d7:be:d4:4d:9e:48:
14:33:d2:82:13:57:63:84:20:dc:b5:9b:ab:60:80:
f5:d8:0e:25:6c:6d:76:65:f4:84:80:4f:cc:80:73:
0b:b5:a0:0a:fa:fd:a5:31:c3:eb:de:45:84:f4:e2:
1c:d9:25:7a:3c:16:72:33:ed:47:c2:d5:50:c8:f2:
d6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:1B:96:B2:21:84:29:FC:A1:B6:6C:59:2B:4E:43:3A:DE:8F:95:39
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TBuWsiGEKfyhtmxZK05DOt6PlTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a46::/48
2a0e:b107:b11::/48
Signature Algorithm: sha256WithRSAEncryption
93:4d:a6:93:82:9c:47:e2:7a:dd:e8:1a:76:95:33:2d:c7:f0:
81:cc:c2:d1:70:8e:32:ba:25:ee:4b:e3:33:26:10:0a:a4:f6:
1b:9e:73:eb:c4:04:e6:7e:61:cd:36:1b:00:6e:67:27:a3:37:
46:05:77:78:17:ee:8c:c1:2c:50:c5:be:16:41:08:5b:69:28:
03:fd:a7:7b:be:ca:c9:06:3c:c1:97:ef:0e:43:9a:9e:42:44:
ba:17:fd:ba:29:2d:e1:05:ae:3a:35:cf:ba:35:d6:c1:02:c4:
3b:83:73:bf:9d:ee:e7:15:54:e4:18:1d:62:99:3f:09:dc:07:
22:45:5e:99:37:a6:bc:8e:21:67:77:02:8c:d7:7f:2a:34:a8:
88:36:7e:b0:4a:7c:a3:7f:7f:ca:bb:43:d2:93:9e:5d:74:ad:
7e:c2:78:d4:5b:f2:4d:2a:10:bb:3a:f0:b9:72:fc:45:dc:e2:
63:97:15:3c:23:9d:f2:72:bf:98:29:59:f3:a1:25:85:1c:80:
eb:85:b5:e5:7d:78:6f:67:55:8d:6a:5a:1e:00:3a:cf:4f:b7:
95:b9:4c:1f:48:bd:7a:97:4f:6b:08:30:25:02:a6:6f:cc:70:
8a:32:90:0c:5d:c0:36:d8:39:d3:91:4b:d5:53:f2:1e:d6:d6:
9f:9f:d7:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLINLoJHvY1/aM/cy7P4J//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODIzMDA1NzU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzFiOTZiMjIxODQyOWZjYTFiNjZjNTkyYjRlNDMzYWRlOGY5NTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknmgVBSx/UfOhiLvPqpffgwkplJA
C/Sojp407bfPXJGfJAFTVic/pfzFPQrORQs4NUwY4QFo9lhl1bF05B+u4JiC6UPP
f6aNnO2BR/Pv9ZoeT311qtFO1aWJJ5Sm3ACSDPzkcisqqG4lfbEGrVHd6csDsUq3
pRvIrxJwsrhxt74tdRE83ZO1jZFYpc9SZZeaU1F23sUf/TIgaRIk5DNAH22fnjs5
iSDvKWwLWuij9QHpAlKEPIQsQBp5rRzXvtRNnkgUM9KCE1djhCDctZurYID12A4l
bG12ZfSEgE/MgHMLtaAK+v2lMcPr3kWE9OIc2SV6PBZyM+1HwtVQyPLWnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEwblrIhhCn8obZsWStOQzrej5U5MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVEJ1V3NpR0VLZnlodG14WkswNURPdDZQbFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwApG
AwcAKg6xBwsRMA0GCSqGSIb3DQEBCwUAA4IBAQCTTaaTgpxH4nrd6Bp2lTMtx/CB
zMLRcI4yuiXuS+MzJhAKpPYbnnPrxATmfmHNNhsAbmcnozdGBXd4F+6MwSxQxb4W
QQhbaSgD/ad7vsrJBjzBl+8OQ5qeQkS6F/26KS3hBa46Nc+6NdbBAsQ7g3O/ne7n
FVTkGB1imT8J3AciRV6ZN6a8jiFndwKM138qNKiINn6wSnyjf3/Ku0PSk55ddK1+
wnjUW/JNKhC7OvC5cvxF3OJjlxU8I53ycr+YKVnzoSWFHIDrhbXlfXhvZ1WNaloe
ADrPT7eVuUwfSL16l09rCDAlAqZvzHCKMpAMXcA22DnTkUvVU/Ie1tafn9eH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:59 2023 by rpki-client on console-ams.rpki-client.org