Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/acsMXmpWqJSKvI1FC6y1JvOXEgs.roa
File: acsMXmpWqJSKvI1FC6y1JvOXEgs.roa (raw, json)
Hash identifier: i34okrgIfq/RnKLCAnjF3pC26GzXEhZRN6y+GX6aT4Q=
Subject key identifier: 69:CB:0C:5E:6A:56:A8:94:8A:BC:8D:45:0B:AC:B5:26:F3:97:12:0B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01822D39DFAE804FF61C53BCDC8CE06537E5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/acsMXmpWqJSKvI1FC6y1JvOXEgs.roa
Signing time: Sat 23 Jul 2022 22:42:23 +0000
ROA not before: Sat 23 Jul 2022 22:42:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204901
IP address blocks: 2a0e:b107:f0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:2d:39:df:ae:80:4f:f6:1c:53:bc:dc:8c:e0:65:37:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 23 22:42:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69cb0c5e6a56a8948abc8d450bacb526f397120b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2d:04:b3:8e:5b:bb:ba:aa:ce:4d:1d:0c:e2:
09:93:fe:b4:8d:34:aa:d1:e8:75:60:0d:db:9c:39:
c4:bb:aa:9b:bd:c8:77:90:f6:7d:97:9f:e2:71:32:
59:a2:8b:4c:c7:da:e2:82:a3:9c:a9:5d:d4:1d:b2:
e6:0b:ab:46:74:5d:17:9d:a3:57:4a:38:4c:a2:52:
7b:2f:8d:fe:70:a2:f5:26:09:28:05:f7:1a:1e:30:
ff:66:99:63:d1:2a:fc:5b:70:2e:e1:0a:fc:0f:13:
22:b7:90:6e:e9:f2:cc:8b:05:fa:73:f6:e3:f7:0a:
dd:a3:c0:30:f3:a6:f9:a1:d9:ef:87:c1:1b:fc:da:
85:dc:36:0e:2f:90:b4:f8:60:59:0b:8a:31:0e:e7:
48:9d:71:11:84:65:54:90:4e:be:39:0c:2f:61:36:
40:ce:98:d1:56:14:18:5d:cf:52:09:a0:5c:a6:dc:
68:bc:3c:1f:90:02:cf:0a:11:6e:5f:3f:9d:41:e0:
18:bd:78:5d:89:c6:81:15:3a:60:3c:28:33:37:79:
e7:48:07:05:81:05:31:d2:a8:c9:49:a1:c3:c4:7d:
d1:7c:10:0f:49:25:c5:e5:9a:6d:82:e3:95:7f:ac:
b0:66:f0:62:b8:84:4a:8f:ee:24:eb:b6:c4:78:c5:
03:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CB:0C:5E:6A:56:A8:94:8A:BC:8D:45:0B:AC:B5:26:F3:97:12:0B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/acsMXmpWqJSKvI1FC6y1JvOXEgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:f0::/44
Signature Algorithm: sha256WithRSAEncryption
70:43:36:28:23:da:1f:30:3e:16:3a:94:5a:3f:4c:fa:09:26:
63:0f:8a:30:7b:3d:9a:d7:d8:69:c6:cf:71:f7:e9:72:98:f1:
85:4b:23:bf:9a:e0:6f:69:14:5c:77:8d:31:d1:74:ab:4b:2e:
61:f9:0d:17:94:15:ac:34:90:a1:ee:04:d6:50:66:e9:b6:e4:
e4:20:d9:50:81:49:00:f7:30:b1:f9:94:f5:19:b7:d3:ce:52:
90:db:f6:91:bb:09:47:cd:e9:26:1a:48:64:0b:3c:a7:12:6b:
54:4c:42:92:d7:79:3c:21:dd:e3:f5:e4:0c:8f:66:e3:9f:1c:
7b:ef:9e:61:68:fc:c6:ed:06:fd:aa:98:62:98:f0:4a:8c:63:
1d:c7:48:17:66:6d:f9:e5:2c:fb:fb:54:41:cd:fa:65:4b:88:
4f:55:7c:7b:91:38:6a:47:fa:29:25:22:f3:85:ea:da:8e:b2:
5c:00:b2:8e:d8:d7:c8:01:b8:f6:8e:d7:85:5c:29:d4:a9:0a:
69:ad:37:2d:fd:0e:4c:8e:ab:72:5f:c2:ef:30:4f:b1:26:91:
ef:29:60:61:35:e2:b3:40:dc:b8:3a:bb:95:c2:14:86:e3:2c:
dd:ca:b3:ba:82:d0:77:db:0e:dd:32:28:bd:89:fe:e6:e6:39:
d5:ef:13:50
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYItOd+ugE/2HFO83IzgZTflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzIzMjI0MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNiMGM1ZTZhNTZhODk0OGFiYzhkNDUwYmFjYjUyNmYzOTcxMjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy0Es45bu7qqzk0dDOIJk/60jTSq
0eh1YA3bnDnEu6qbvch3kPZ9l5/icTJZootMx9rigqOcqV3UHbLmC6tGdF0XnaNX
SjhMolJ7L43+cKL1JgkoBfcaHjD/Zplj0Sr8W3Au4Qr8DxMit5Bu6fLMiwX6c/bj
9wrdo8Aw86b5odnvh8Eb/NqF3DYOL5C0+GBZC4oxDudInXERhGVUkE6+OQwvYTZA
zpjRVhQYXc9SCaBcptxovDwfkALPChFuXz+dQeAYvXhdicaBFTpgPCgzN3nnSAcF
gQUx0qjJSaHDxH3RfBAPSSXF5ZptguOVf6ywZvBiuIRKj+4k67bEeMUDqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGnLDF5qVqiUiryNRQustSbzlxILMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYWNzTVhtcFdxSlNLdkkxRkM2eTFKdk9YRWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwDw
MA0GCSqGSIb3DQEBCwUAA4IBAQBwQzYoI9ofMD4WOpRaP0z6CSZjD4owez2a19hp
xs9x9+lymPGFSyO/muBvaRRcd40x0XSrSy5h+Q0XlBWsNJCh7gTWUGbptuTkINlQ
gUkA9zCx+ZT1GbfTzlKQ2/aRuwlHzekmGkhkCzynEmtUTEKS13k8Id3j9eQMj2bj
nxx7755haPzG7Qb9qphimPBKjGMdx0gXZm355Sz7+1RBzfplS4hPVXx7kThqR/op
JSLzherajrJcALKO2NfIAbj2jteFXCnUqQpprTct/Q5MjqtyX8LvME+xJpHvKWBh
NeKzQNy4OruVwhSG4yzdyrO6gtB32w7dMii9if7m5jnV7xNQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-fra.rpki-client.org