Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TnfsmELp3qMcXxHmPIPszejLsKk.roa
File: TnfsmELp3qMcXxHmPIPszejLsKk.roa (raw, json)
Hash identifier: ykaZ9GxQ+9t3WPcjoEvksY2hfLVVRo6sKvIthLTnasI=
Subject key identifier: 4E:77:EC:98:42:E9:DE:A3:1C:5F:11:E6:3C:83:EC:CD:E8:CB:B0:A9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 149B4824
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TnfsmELp3qMcXxHmPIPszejLsKk.roa
Signing time: Fri 13 May 2022 13:28:41 +0000
ROA not before: Fri 13 May 2022 13:28:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211275
IP address blocks: 2a0e:97c0:410::/48 maxlen: 48
2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:41c::/48 maxlen: 48
2a0e:97c0:412::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 345720868 (0x149b4824)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 13 13:28:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e77ec9842e9dea31c5f11e63c83eccde8cbb0a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c0:57:27:13:ab:48:c4:ab:6c:83:c2:6b:b1:
e0:75:fb:93:2b:a5:db:d4:3c:6b:19:53:5e:88:aa:
74:a4:06:c1:25:5a:76:b3:ac:2e:e4:97:8f:a0:3e:
01:71:a3:12:15:fb:6b:ad:bf:c6:b9:01:19:5e:3f:
f5:25:df:0b:4b:fd:89:14:5e:4d:e8:bd:5b:6f:50:
c8:c6:f1:af:6f:84:80:74:f8:1e:65:02:db:9e:8e:
4b:ac:2e:43:d0:e7:5b:f2:fc:5d:5c:16:dc:6c:6a:
f4:8e:fc:e2:63:fe:fe:a5:70:17:80:4b:2b:7d:3e:
d9:da:08:06:b7:1d:22:90:80:84:6d:ed:52:15:ab:
09:f7:2c:d5:22:fd:fc:28:02:66:38:fa:2c:ab:38:
aa:c9:d9:81:fe:2d:bd:42:06:aa:54:57:4b:05:29:
a5:b6:8c:af:d3:e0:b9:96:a4:4b:9f:06:76:c6:c2:
84:9b:73:61:67:4a:40:69:c1:1c:12:de:bd:25:8a:
c7:16:2a:14:01:73:51:a0:68:9b:0d:8f:b1:8a:5a:
0a:87:bf:b1:f6:65:c3:0a:6a:49:96:cb:d4:de:64:
bd:6d:b1:1b:a7:6f:71:5a:f6:90:cf:75:39:29:eb:
d7:bd:72:fc:ba:7d:c2:8d:04:49:1e:73:66:80:e8:
bd:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:77:EC:98:42:E9:DE:A3:1C:5F:11:E6:3C:83:EC:CD:E8:CB:B0:A9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TnfsmELp3qMcXxHmPIPszejLsKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:410::-2a0e:97c0:412:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:41c::/48
Signature Algorithm: sha256WithRSAEncryption
3c:c4:00:cc:5a:28:64:ff:83:af:4e:aa:b6:97:10:62:3d:b2:
a3:1f:69:d7:46:84:a4:f7:2b:f6:5b:72:c8:18:d6:ee:79:34:
62:1c:99:cc:5d:3e:0a:19:4c:79:6a:d9:ee:14:dc:d2:51:b3:
21:62:6f:05:1a:18:8b:a5:d9:1a:5b:79:f8:f9:1d:a9:dd:d0:
89:df:a9:9e:e9:2a:ad:46:d7:a5:06:e0:a9:33:d5:70:78:2b:
f1:3c:f2:3c:3b:0a:a5:5c:5b:19:e9:6f:59:89:cb:72:64:37:
66:33:c5:e1:2b:67:de:01:54:8d:19:ac:0e:51:fd:56:8b:5e:
64:06:f8:20:a0:a0:25:c4:49:27:86:ea:af:7d:f2:e0:a9:e9:
ad:ac:fa:e8:b0:1b:45:07:6f:c1:a1:1a:0e:3b:96:8b:f6:02:
b2:9e:80:84:5f:06:46:63:ac:31:ea:f8:00:7c:51:fa:8c:bd:
0d:b0:2a:d7:fa:17:c3:3c:17:67:13:46:95:44:fb:06:60:6d:
6b:57:e8:bf:90:d9:e8:17:38:ad:9c:d1:13:e3:56:84:fa:6e:
10:f7:af:18:12:ef:09:69:15:98:39:8b:f1:52:bc:a2:2b:7d:
f5:d8:5a:f6:43:d8:6a:d4:fe:94:6e:e5:bd:c4:f8:c9:ea:1a:
d5:1c:f7:a4
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEFJtIJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDUx
MzEzMjg0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU3N2VjOTg0MmU5
ZGVhMzFjNWYxMWU2M2M4M2VjY2RlOGNiYjBhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnAVycTq0jEq2yDwmux4HX7kyul29Q8axlTXoiqdKQGwSVa
drOsLuSXj6A+AXGjEhX7a62/xrkBGV4/9SXfC0v9iRReTei9W29QyMbxr2+EgHT4
HmUC256OS6wuQ9DnW/L8XVwW3Gxq9I784mP+/qVwF4BLK30+2doIBrcdIpCAhG3t
UhWrCfcs1SL9/CgCZjj6LKs4qsnZgf4tvUIGqlRXSwUppbaMr9PguZakS58GdsbC
hJtzYWdKQGnBHBLevSWKxxYqFAFzUaBomw2PsYpaCoe/sfZlwwpqSZbL1N5kvW2x
G6dvcVr2kM91OSnr171y/Lp9wo0ESR5zZoDovV8CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBROd+yYQuneoxxfEeY8g+zN6MuwqTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1RuZnNtRUxwM3FNY1h4SG1QSVBzemVqTHNLay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwIwQCAAIwHTASAwcEKg6XwAQQAwcAKg6XwAQSAwcA
Kg6XwAQcMA0GCSqGSIb3DQEBCwUAA4IBAQA8xADMWihk/4OvTqq2lxBiPbKjH2nX
RoSk9yv2W3LIGNbueTRiHJnMXT4KGUx5atnuFNzSUbMhYm8FGhiLpdkaW3n4+R2p
3dCJ36me6SqtRtelBuCpM9VweCvxPPI8OwqlXFsZ6W9ZictyZDdmM8XhK2feAVSN
GawOUf1Wi15kBvggoKAlxEknhuqvffLgqemtrProsBtFB2/BoRoOO5aL9gKynoCE
XwZGY6wx6vgAfFH6jL0NsCrX+hfDPBdnE0aVRPsGYG1rV+i/kNnoFzitnNET41aE
+m4Q968YEu8JaRWYOYvxUryiK3312Fr2Q9hq1P6UbuW9xPjJ6hrVHPek
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:59 2023 by rpki-client on console-ams.rpki-client.org