Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZU5P9N3KFJOgAuzDc40he8_QuvU.roa
File: ZU5P9N3KFJOgAuzDc40he8_QuvU.roa (raw, json)
Hash identifier: xu9i3FoSB7CDVWffVuKaMUYrU89VocCOaxFl1o2ThQU=
Subject key identifier: 65:4E:4F:F4:DD:CA:14:93:A0:02:EC:C3:73:8D:21:7B:CF:D0:BA:F5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01840844BC4B2C698C84F298A48B4695D574
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZU5P9N3KFJOgAuzDc40he8_QuvU.roa
Signing time: Mon 24 Oct 2022 04:33:53 +0000
ROA not before: Mon 24 Oct 2022 04:33:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209391
IP address blocks: 2a0e:b107:1c90::/48 maxlen: 48
2a10:cc40:1c2::/48 maxlen: 48
2a10:cc40:1c0::/48 maxlen: 48
2a10:cc40:1c1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:08:44:bc:4b:2c:69:8c:84:f2:98:a4:8b:46:95:d5:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 24 04:33:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=654e4ff4ddca1493a002ecc3738d217bcfd0baf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3a:eb:c2:16:55:7a:07:28:ed:dc:f6:42:b4:
af:5a:89:a2:7b:fd:a8:91:05:63:d6:f9:55:85:ff:
06:be:40:71:33:e8:1b:da:7d:d2:8e:c3:ef:e4:90:
5b:52:3a:a9:68:50:69:63:21:1f:3c:77:8d:ca:24:
42:81:97:7b:7d:15:02:98:17:84:66:79:2c:13:48:
db:c4:2f:a7:bd:25:19:ff:6a:32:09:e5:86:bf:db:
cf:e9:07:a5:0e:bc:49:4e:37:16:69:52:6e:76:cd:
dd:79:b8:4e:0d:4b:45:ae:55:e5:40:d6:29:13:0c:
81:6d:9c:03:43:58:42:46:3c:df:9f:00:36:a4:b3:
e4:93:e0:1d:e6:09:90:4e:42:a5:53:e3:4f:c0:21:
31:a1:fd:0b:ee:5e:04:67:9e:52:ad:12:8f:ab:0f:
6c:7b:9d:a3:95:bd:b3:66:56:3d:b5:d7:67:9c:f1:
5a:b0:41:34:f2:55:cf:a4:ef:6f:b0:5d:31:b6:9b:
74:c8:de:1b:72:0e:1b:3f:35:1e:30:55:2a:a8:f0:
90:4b:94:52:ac:87:d8:ba:8a:ce:b0:c2:00:0a:1b:
d9:7e:2e:c5:1b:82:74:cb:ad:1d:42:3f:c2:37:50:
73:c3:24:44:9e:1c:3f:9f:12:cb:34:bd:a6:12:c6:
eb:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4E:4F:F4:DD:CA:14:93:A0:02:EC:C3:73:8D:21:7B:CF:D0:BA:F5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZU5P9N3KFJOgAuzDc40he8_QuvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1c90::/48
2a10:cc40:1c0::-2a10:cc40:1c2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5b:17:d3:ef:3c:0b:8a:8e:e4:d6:03:5e:87:c0:ef:68:b8:7c:
eb:e8:50:7c:ba:cb:04:93:5e:32:1e:27:a7:0b:61:76:f3:36:
9b:07:67:ec:6f:5c:1d:fd:6b:f1:21:80:f2:28:dd:14:63:cb:
11:8f:08:97:99:72:30:ae:65:96:ed:22:7d:53:68:76:e8:4c:
eb:d5:a1:84:5f:a0:dd:00:d9:8e:ac:dd:ef:4d:e9:63:16:6f:
81:eb:ef:72:08:df:27:2b:58:7a:2b:c7:d5:97:27:c9:95:72:
96:aa:2b:d6:01:ad:ed:3e:d0:65:5d:5a:ce:d3:d9:4b:aa:22:
9f:26:cd:11:74:ef:40:01:d7:11:d8:fd:fc:06:fa:e4:70:f2:
24:85:b2:a3:2b:ba:30:7c:18:cc:32:da:2c:51:1b:19:e7:74:
10:92:35:09:b2:a1:87:57:e0:c9:5c:f0:63:17:68:eb:b9:74:
d1:0f:49:d8:5f:fa:57:70:ef:44:b6:27:a6:81:11:2a:2c:d4:
90:8f:a9:b2:bb:eb:97:0f:85:ad:00:98:49:7d:5b:e6:c0:96:
b4:2e:96:5b:22:60:3a:8f:eb:93:49:97:c8:8e:d4:4a:f0:d3:
d3:ec:01:cd:bc:9c:ac:37:e7:5e:7b:85:27:2e:fe:dd:cc:68:
58:93:c4:b0
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYQIRLxLLGmMhPKYpItGldV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDI0MDQzMzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTRlNGZmNGRkY2ExNDkzYTAwMmVjYzM3MzhkMjE3YmNmZDBiYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDrrwhZVegco7dz2QrSvWomie/2o
kQVj1vlVhf8GvkBxM+gb2n3SjsPv5JBbUjqpaFBpYyEfPHeNyiRCgZd7fRUCmBeE
ZnksE0jbxC+nvSUZ/2oyCeWGv9vP6QelDrxJTjcWaVJuds3debhODUtFrlXlQNYp
EwyBbZwDQ1hCRjzfnwA2pLPkk+Ad5gmQTkKlU+NPwCExof0L7l4EZ55SrRKPqw9s
e52jlb2zZlY9tddnnPFasEE08lXPpO9vsF0xtpt0yN4bcg4bPzUeMFUqqPCQS5RS
rIfYuorOsMIAChvZfi7FG4J0y60dQj/CN1BzwyREnhw/nxLLNL2mEsbrawIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGVOT/TdyhSToALsw3ONIXvP0Lr1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWlU1UDlOM0tGSk9nQXV6RGM0MGhlOF9RdXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKg6xBxyQ
MBIDBwYqEMxAAcADBwAqEMxAAcIwDQYJKoZIhvcNAQELBQADggEBAFsX0+88C4qO
5NYDXofA72i4fOvoUHy6ywSTXjIeJ6cLYXbzNpsHZ+xvXB39a/EhgPIo3RRjyxGP
CJeZcjCuZZbtIn1TaHboTOvVoYRfoN0A2Y6s3e9N6WMWb4Hr73II3ycrWHorx9WX
J8mVcpaqK9YBre0+0GVdWs7T2UuqIp8mzRF070AB1xHY/fwG+uRw8iSFsqMrujB8
GMwy2ixRGxnndBCSNQmyoYdX4Mlc8GMXaOu5dNEPSdhf+ldw70S2J6aBESos1JCP
qbK765cPha0AmEl9W+bAlrQullsiYDqP65NJl8iO1Erw09PsAc28nKw35157hScu
/t3MaFiTxLA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:01 2023 by rpki-client on console-ams.rpki-client.org