Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZKkt11qFt5apPcsTNlFjYjM6vEs.roa
File: ZKkt11qFt5apPcsTNlFjYjM6vEs.roa (raw, json)
Hash identifier: vF3fd8dHLBX/Ubhqo/p3YXdMMXaipRKlSguQlJxLMAs=
Subject key identifier: 64:A9:2D:D7:5A:85:B7:96:A9:3D:CB:13:36:51:63:62:33:3A:BC:4B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183E9431B03B0B036C340C103ACEF3F7522
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZKkt11qFt5apPcsTNlFjYjM6vEs.roa
Signing time: Tue 18 Oct 2022 04:03:52 +0000
ROA not before: Tue 18 Oct 2022 04:03:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211946
IP address blocks: 2a0e:97c0:145::/48 maxlen: 48
2a0e:97c0:143::/48 maxlen: 48
2a0e:97c0:141::/48 maxlen: 48
2a0e:b107:1c31::/48 maxlen: 48
2a0e:97c0:144::/48 maxlen: 48
2a0e:97c0:142::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e9:43:1b:03:b0:b0:36:c3:40:c1:03:ac:ef:3f:75:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 18 04:03:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64a92dd75a85b796a93dcb1336516362333abc4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ff:be:97:16:8b:cf:42:dd:ba:8b:03:e7:e7:
6b:65:5b:43:72:ba:12:f5:f1:80:30:aa:94:70:01:
1a:d7:50:54:a9:0a:1f:7d:52:3f:02:47:b4:6d:f5:
d8:15:f2:66:de:41:c6:8e:85:00:50:ee:aa:cb:54:
9f:bc:bc:e8:c8:1f:67:fe:85:ac:d2:87:49:00:3c:
50:47:0c:a5:c7:4e:30:6d:ba:67:91:d3:71:17:e1:
43:82:02:56:81:88:ff:4a:63:34:24:70:f8:87:8e:
95:47:b9:a7:d5:e4:b3:f9:8b:03:75:ba:38:92:15:
fe:17:2a:a3:d1:89:12:ca:82:31:c8:da:10:1e:b0:
15:20:f7:52:a6:8f:82:c0:8b:a8:f1:01:ff:8c:19:
f4:1d:9f:25:3b:b7:5f:12:60:ed:bc:f5:38:ad:51:
78:03:a2:bf:02:b7:81:47:e6:22:c8:7f:c0:3b:18:
b3:2b:2a:22:9a:32:9c:e2:d4:89:9b:49:11:05:d4:
f7:6c:be:b7:28:31:33:88:d1:97:25:ca:25:cb:80:
e5:82:62:a7:ac:3c:72:70:89:22:28:58:80:9d:db:
f2:b6:2f:48:d3:a3:3b:11:3a:22:e1:d1:0e:99:3a:
a1:19:e7:73:7b:74:c6:66:ae:e6:8f:f2:2b:b0:cf:
62:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A9:2D:D7:5A:85:B7:96:A9:3D:CB:13:36:51:63:62:33:3A:BC:4B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZKkt11qFt5apPcsTNlFjYjM6vEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:141::-2a0e:97c0:145:ffff:ffff:ffff:ffff:ffff
2a0e:b107:1c31::/48
Signature Algorithm: sha256WithRSAEncryption
12:d3:12:aa:56:7e:02:05:85:08:20:4c:30:eb:bb:99:f0:2e:
9b:b9:ec:b4:a0:bb:5f:7d:a4:57:e8:10:7e:f7:dc:48:a5:00:
0a:4a:07:56:16:79:fc:a3:fb:83:43:33:8e:e4:a4:0c:63:77:
29:17:96:88:ad:ef:06:21:7c:9b:bb:6b:bd:8d:b0:d3:a5:94:
6e:cc:9c:c6:d7:6f:21:21:d9:9d:62:3a:62:d0:e6:c9:3d:b6:
97:86:88:8d:7f:f5:b5:e2:a0:6c:f5:28:46:a3:0f:97:63:ac:
56:86:bd:20:47:e8:17:92:42:df:1f:5f:13:71:ce:fe:f3:c3:
6a:74:c2:1b:49:60:e5:c6:c4:30:ae:3b:73:f3:b4:87:e1:3d:
73:69:55:c4:3c:83:ae:60:81:00:ee:b7:b7:9e:41:2d:77:d5:
92:57:dd:5b:77:e1:da:72:0b:1e:60:fc:f3:e9:47:b1:5c:48:
79:18:eb:62:51:24:33:5b:49:d8:73:e5:80:17:7b:a9:b7:44:
59:8e:87:61:9f:1b:04:7c:6c:5f:d1:ee:46:34:a5:d6:01:6d:
bf:29:e1:12:44:95:a0:f4:11:b8:8e:88:81:6d:47:d0:72:72:
fa:d1:1a:e4:c3:33:a4:67:fd:09:cf:b8:3a:fb:46:81:c5:d7:
14:c5:11:b6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYPpQxsDsLA2w0DBA6zvP3UiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDE4MDQwMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGE5MmRkNzVhODViNzk2YTkzZGNiMTMzNjUxNjM2MjMzM2FiYzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwf++lxaLz0LduosD5+drZVtDcroS
9fGAMKqUcAEa11BUqQoffVI/Ake0bfXYFfJm3kHGjoUAUO6qy1SfvLzoyB9n/oWs
0odJADxQRwylx04wbbpnkdNxF+FDggJWgYj/SmM0JHD4h46VR7mn1eSz+YsDdbo4
khX+Fyqj0YkSyoIxyNoQHrAVIPdSpo+CwIuo8QH/jBn0HZ8lO7dfEmDtvPU4rVF4
A6K/AreBR+YiyH/AOxizKyoimjKc4tSJm0kRBdT3bL63KDEziNGXJcoly4DlgmKn
rDxycIkiKFiAndvyti9I06M7EToi4dEOmTqhGedze3TGZq7mj/IrsM9ibwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGSpLddahbeWqT3LEzZRY2IzOrxLMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWktrdDExcUZ0NWFwUGNzVE5sRmpZak02dkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwAqDpfA
AUEDBwEqDpfAAUQDBwAqDrEHHDEwDQYJKoZIhvcNAQELBQADggEBABLTEqpWfgIF
hQggTDDru5nwLpu57LSgu199pFfoEH733EilAApKB1YWefyj+4NDM47kpAxjdykX
loit7wYhfJu7a72NsNOllG7MnMbXbyEh2Z1iOmLQ5sk9tpeGiI1/9bXioGz1KEaj
D5djrFaGvSBH6BeSQt8fXxNxzv7zw2p0whtJYOXGxDCuO3PztIfhPXNpVcQ8g65g
gQDut7eeQS131ZJX3Vt34dpyCx5g/PPpR7FcSHkY62JRJDNbSdhz5YAXe6m3RFmO
h2GfGwR8bF/R7kY0pdYBbb8p4RJElaD0EbiOiIFtR9BycvrRGuTDM6Rn/QnPuDr7
RoHF1xTFEbY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:00 2023 by rpki-client on console-ams.rpki-client.org