Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Us4YAp9JAoig32RvHsf88ZqFn7U.roa
File: Us4YAp9JAoig32RvHsf88ZqFn7U.roa (raw, json)
Hash identifier: iZPiby6FpSjfyRmboFw3TySzr4H2y+lsG4vbAdUB3gQ=
Subject key identifier: 52:CE:18:02:9F:49:02:88:A0:DF:64:6F:1E:C7:FC:F1:9A:85:9F:B5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 14836EAB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Us4YAp9JAoig32RvHsf88ZqFn7U.roa
Signing time: Tue 10 May 2022 17:25:02 +0000
ROA not before: Tue 10 May 2022 17:25:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49678
IP address blocks: 2a0e:97c0:a80::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 344157867 (0x14836eab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 10 17:25:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52ce18029f490288a0df646f1ec7fcf19a859fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:41:98:a3:c6:ba:7a:cf:65:4f:ce:34:71:1f:
c1:b0:f6:79:5f:dd:0f:87:c8:b4:5b:a7:23:62:18:
b6:64:ad:68:c0:53:82:3f:9b:d2:07:4b:7b:fa:94:
9b:a2:a3:ec:f5:95:79:1f:5e:f0:ae:02:d0:b4:a1:
34:4c:b2:c5:ba:45:65:51:8d:29:71:52:44:5f:6f:
98:e9:34:d4:6c:a2:0f:70:75:b7:b7:01:10:1c:6b:
b3:9a:d0:e4:35:1c:17:6b:99:dc:bc:ee:37:70:cd:
ba:59:89:7a:9c:68:08:bf:54:ac:ab:d5:4a:34:76:
d8:ed:04:4d:bc:34:90:1a:43:ed:b4:dc:da:47:b4:
1a:f6:4e:53:34:60:cd:fd:a2:7c:74:db:91:db:e2:
95:bb:65:59:af:82:0f:95:64:19:da:b6:99:61:74:
c8:88:ed:57:45:f8:77:e1:79:e6:90:fb:c4:f0:c6:
f7:a6:19:5d:fc:5f:ef:d9:23:2b:4b:02:6a:76:48:
35:9e:92:3b:09:02:7e:28:3b:29:f6:c1:12:94:5a:
72:ef:4f:e7:c7:aa:b7:33:fe:7c:ef:92:21:42:f5:
9b:ad:d9:3c:e1:53:fb:d3:34:84:fc:de:b1:0e:a1:
96:f3:cc:05:30:6b:71:02:39:77:22:7b:2d:60:c6:
99:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CE:18:02:9F:49:02:88:A0:DF:64:6F:1E:C7:FC:F1:9A:85:9F:B5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Us4YAp9JAoig32RvHsf88ZqFn7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a80::/44
Signature Algorithm: sha256WithRSAEncryption
7a:81:82:40:94:09:58:df:46:38:84:cb:c9:ce:b6:be:17:ee:
4d:dd:32:97:e6:eb:4e:fd:47:77:51:07:8a:71:2f:66:0f:48:
60:e2:fe:a1:9b:22:51:73:a6:76:be:8b:68:6e:33:19:27:7e:
9d:81:e6:a4:70:1a:7d:a5:b6:d2:18:54:ed:f2:7b:96:81:c3:
27:19:78:ad:5d:fa:34:34:2f:07:eb:eb:f9:57:66:d5:34:00:
e4:ee:55:07:1d:d0:70:18:12:25:36:8f:2f:77:2c:ec:a6:17:
99:e9:4a:98:cd:e5:d7:c3:3a:ae:50:b9:18:ff:58:6e:81:c2:
9a:40:34:a7:3a:17:ff:95:33:f6:1f:8e:0f:13:84:1f:27:a0:
83:c5:0a:d2:13:8e:33:4e:8f:46:bc:f4:d9:18:bd:75:9b:37:
01:4d:52:e1:30:5d:66:cb:75:01:fd:37:0c:8d:65:c8:a4:a8:
15:6d:ed:55:69:37:34:84:d9:5c:21:71:77:14:ea:ae:6e:6a:
94:49:41:cc:4f:62:39:f0:af:19:ce:68:ad:94:98:86:8b:92:
58:ee:a7:c4:9d:35:b2:58:4a:a3:21:17:01:5e:26:e6:d0:a4:
cb:6b:84:e4:03:20:f2:db:26:b5:f6:76:e8:e9:20:cb:17:17:
5f:d2:9f:35
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFINuqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDUx
MDE3MjUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJjZTE4MDI5ZjQ5
MDI4OGEwZGY2NDZmMWVjN2ZjZjE5YTg1OWZiNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN5BmKPGunrPZU/ONHEfwbD2eV/dD4fItFunI2IYtmStaMBT
gj+b0gdLe/qUm6Kj7PWVeR9e8K4C0LShNEyyxbpFZVGNKXFSRF9vmOk01GyiD3B1
t7cBEBxrs5rQ5DUcF2uZ3LzuN3DNulmJepxoCL9UrKvVSjR22O0ETbw0kBpD7bTc
2ke0GvZOUzRgzf2ifHTbkdvilbtlWa+CD5VkGdq2mWF0yIjtV0X4d+F55pD7xPDG
96YZXfxf79kjK0sCanZINZ6SOwkCfig7KfbBEpRacu9P58eqtzP+fO+SIUL1m63Z
POFT+9M0hPzesQ6hlvPMBTBrcQI5dyJ7LWDGmZcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRSzhgCn0kCiKDfZG8ex/zxmoWftTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1VzNFlBcDlKQW9pZzMyUnZIc2Y4OFpxRm43VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AKgDANBgkqhkiG9w0BAQsF
AAOCAQEAeoGCQJQJWN9GOITLyc62vhfuTd0yl+brTv1Hd1EHinEvZg9IYOL+oZsi
UXOmdr6LaG4zGSd+nYHmpHAafaW20hhU7fJ7loHDJxl4rV36NDQvB+vr+Vdm1TQA
5O5VBx3QcBgSJTaPL3cs7KYXmelKmM3l18M6rlC5GP9YboHCmkA0pzoX/5Uz9h+O
DxOEHyegg8UK0hOOM06PRrz02Ri9dZs3AU1S4TBdZst1Af03DI1lyKSoFW3tVWk3
NITZXCFxdxTqrm5qlElBzE9iOfCvGc5orZSYhouSWO6nxJ01slhKoyEXAV4m5tCk
y2uE5AMg8tsmtfZ26OkgyxcXX9KfNQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org