Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bRakg3-9MdZAXyvG4d95AaUIh8M.roa
File: bRakg3-9MdZAXyvG4d95AaUIh8M.roa (raw, json)
Hash identifier: aijsqsb+J8M26CKuLSFzumdPLbdnGWHvbSmwl6LXJZU=
Subject key identifier: 6D:16:A4:83:7F:BD:31:D6:40:5F:2B:C6:E1:DF:79:01:A5:08:87:C3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 112D6A16
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bRakg3-9MdZAXyvG4d95AaUIh8M.roa
Signing time: Fri 07 Jan 2022 20:02:37 +0000
ROA not before: Fri 07 Jan 2022 20:02:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211659
IP address blocks: 2a0e:b105:128::/48 maxlen: 48
2a0e:b105:12d::/48 maxlen: 48
2a0e:b105:12e::/48 maxlen: 48
2a0e:b105:123::/48 maxlen: 48
2a0e:b105:12c::/48 maxlen: 48
2a0e:b105:121::/48 maxlen: 48
2a0e:b105:122::/48 maxlen: 48
2a0e:b105:127::/48 maxlen: 48
2a0e:b105:120::/48 maxlen: 48
2a0e:b105:125::/48 maxlen: 48
2a0e:b105:126::/48 maxlen: 48
2a10:cc40:100::/44 maxlen: 48
2a10:cc40:110::/44 maxlen: 48
2a0e:b105:12b::/48 maxlen: 48
2a0e:b105:124::/48 maxlen: 48
2a0e:b105:129::/48 maxlen: 48
2a0e:b105:12a::/48 maxlen: 48
2a0e:b105:12f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 288188950 (0x112d6a16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 7 20:02:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d16a4837fbd31d6405f2bc6e1df7901a50887c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9c:3a:1a:a0:42:b5:76:10:68:7a:4c:83:a4:
d5:35:60:88:15:01:f8:b8:ea:d0:8f:42:f6:fb:d3:
e0:57:46:59:20:0b:c5:a0:78:2b:35:12:59:eb:0f:
3c:47:00:e9:98:94:6f:8a:9e:ec:3b:bc:de:2c:88:
45:fa:31:be:40:f5:31:fc:57:67:b2:17:1a:8f:2a:
2d:bd:b2:04:0a:54:16:f6:24:02:ad:99:8a:64:ee:
eb:b3:b8:75:0a:cf:c6:18:6a:da:b6:57:f3:c7:c8:
26:71:f0:39:d1:56:d9:d7:86:82:89:c8:f2:3a:b6:
3d:f8:6c:27:3a:aa:7c:c7:05:77:31:e1:cc:ae:60:
ba:c6:2f:6f:9a:4f:c0:1b:fe:cc:92:68:a1:a7:8e:
53:7f:1f:a0:c8:79:61:a7:75:6b:e9:1b:a2:a2:83:
84:47:22:ed:73:f9:8a:fe:4e:ae:e6:9b:b3:13:0c:
b0:ea:6c:75:5d:3a:81:e9:79:f0:3e:bb:cf:c2:96:
34:e7:59:22:f2:a0:af:22:39:5c:fc:df:6b:93:18:
1d:36:c8:64:be:9a:15:87:5f:b8:8a:9e:74:89:72:
ad:82:9f:17:cf:f1:cd:18:0d:bc:a1:84:0e:d4:fa:
69:dd:d7:b2:74:60:8e:6a:9a:9c:c7:39:08:f2:f8:
c6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:16:A4:83:7F:BD:31:D6:40:5F:2B:C6:E1:DF:79:01:A5:08:87:C3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bRakg3-9MdZAXyvG4d95AaUIh8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b105:120::/44
2a10:cc40:100::/43
Signature Algorithm: sha256WithRSAEncryption
96:5a:dd:17:6b:07:fc:95:f9:dc:14:8a:1d:45:fc:55:dd:da:
cd:e3:c9:3d:73:46:0c:b5:8f:a0:ca:0a:6b:7a:ae:a7:42:b6:
54:8a:5f:86:ac:ed:ef:6d:78:8a:59:5b:af:f4:55:85:35:25:
36:1a:8c:5c:52:14:e9:97:57:7e:e9:2a:a7:fc:6a:c1:2d:fb:
8b:c1:33:9f:a2:59:84:bc:6b:b3:ef:04:85:21:9a:e4:cc:4f:
6b:d4:7c:c2:0b:b3:79:69:e0:45:45:7a:ed:16:df:b7:68:e4:
b4:ee:95:50:19:e8:bd:38:bc:52:10:9a:07:b3:13:c0:ab:39:
72:d4:51:bc:65:2f:68:24:07:f8:f6:f8:bc:03:9e:2a:61:e3:
8e:eb:41:af:2a:40:01:6f:c4:a4:a9:8c:dd:ee:30:34:c8:0c:
89:d3:71:44:8a:ed:bc:8a:3d:88:9c:55:8b:b4:f2:af:e1:e3:
eb:ef:08:19:aa:05:a8:b4:8b:73:5d:40:60:e7:6d:23:15:8a:
b7:17:18:89:35:56:c1:b8:8e:e0:28:7f:60:44:67:7e:25:28:
99:ef:73:f5:09:59:e3:c9:4e:95:ba:81:69:27:85:dc:06:c1:
b8:1a:94:1e:64:f2:55:72:ab:08:e8:82:71:b6:ea:b1:87:26:
3f:0a:d1:83
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEES1qFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
NzIwMDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQxNmE0ODM3ZmJk
MzFkNjQwNWYyYmM2ZTFkZjc5MDFhNTA4ODdjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCcOhqgQrV2EGh6TIOk1TVgiBUB+Ljq0I9C9vvT4FdGWSAL
xaB4KzUSWesPPEcA6ZiUb4qe7Du83iyIRfoxvkD1MfxXZ7IXGo8qLb2yBApUFvYk
Aq2ZimTu67O4dQrPxhhq2rZX88fIJnHwOdFW2deGgonI8jq2PfhsJzqqfMcFdzHh
zK5gusYvb5pPwBv+zJJooaeOU38foMh5Yad1a+kboqKDhEci7XP5iv5OruabsxMM
sOpsdV06gel58D67z8KWNOdZIvKgryI5XPzfa5MYHTbIZL6aFYdfuIqedIlyrYKf
F8/xzRgNvKGEDtT6ad3XsnRgjmqanMc5CPL4xjkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRtFqSDf70x1kBfK8bh33kBpQiHwzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2JSYWtnMy05TWRaQVh5dkc0ZDk1QWFVSWg4TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoOsQUBIAMHBSoQzEABADANBgkq
hkiG9w0BAQsFAAOCAQEAllrdF2sH/JX53BSKHUX8Vd3azePJPXNGDLWPoMoKa3qu
p0K2VIpfhqzt7214illbr/RVhTUlNhqMXFIU6ZdXfukqp/xqwS37i8Ezn6JZhLxr
s+8EhSGa5MxPa9R8wguzeWngRUV67Rbft2jktO6VUBnovTi8UhCaB7MTwKs5ctRR
vGUvaCQH+Pb4vAOeKmHjjutBrypAAW/EpKmM3e4wNMgMidNxRIrtvIo9iJxVi7Ty
r+Hj6+8IGaoFqLSLc11AYOdtIxWKtxcYiTVWwbiO4Ch/YERnfiUome9z9QlZ48lO
lbqBaSeF3AbBuBqUHmTyVXKrCOiCcbbqsYcmPwrRgw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-fra.rpki-client.org