Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bh38Jwe7ng47a58daRUFClgmpp8.roa
File: bh38Jwe7ng47a58daRUFClgmpp8.roa (raw, json)
Hash identifier: cLkqDD+okx1U1ae1cSHhYLcstJHpT896oxm34n9g+Vw=
Subject key identifier: 6E:1D:FC:27:07:BB:9E:0E:3B:6B:9F:1D:69:15:05:0A:58:26:A6:9F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 116D63E8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bh38Jwe7ng47a58daRUFClgmpp8.roa
Signing time: Thu 20 Jan 2022 14:14:18 +0000
ROA not before: Thu 20 Jan 2022 14:14:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210969
IP address blocks: 2a0e:97c0:500::/44 maxlen: 48
2a0e:97c0:500::/48 maxlen: 48
2a0e:97c0:503::/48 maxlen: 48
2a0e:97c0:501::/48 maxlen: 48
2a0e:97c0:502::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 292381672 (0x116d63e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 20 14:14:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e1dfc2707bb9e0e3b6b9f1d6915050a5826a69f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:23:6d:a4:0f:c4:bd:95:04:35:0d:20:e2:cd:
8d:94:1f:63:f4:43:d6:9b:5e:de:eb:29:22:1e:be:
01:62:b1:1b:1c:5e:ed:ea:a7:52:0c:b9:c8:c8:a0:
b3:46:e2:45:1c:41:15:29:f1:06:48:a4:46:19:c4:
39:f2:94:42:91:49:3a:12:28:91:7f:22:a1:02:2c:
53:36:ea:c9:48:e9:7d:8e:4a:f2:3d:03:9b:52:19:
26:6b:2b:4d:22:98:c3:7c:01:7a:8f:ad:f4:f7:7e:
0d:6a:c0:d7:ff:d2:25:ed:bc:c7:cb:87:be:fa:d5:
0f:cf:b7:d1:ba:cf:2a:b0:cc:f1:52:a8:07:d9:ef:
07:bb:b3:87:aa:14:57:0d:7d:5d:f6:05:95:3d:c0:
54:74:4a:6b:7c:8c:8d:eb:ac:e3:4f:ed:b8:0e:65:
f4:c5:e0:3f:e9:8b:a1:b5:0c:ec:93:72:f6:66:c6:
d2:ad:d1:26:81:b3:df:66:43:b7:ed:37:8e:fe:c0:
26:57:73:93:06:00:5e:c5:0d:a2:ac:9c:5c:6f:0e:
51:3c:df:1b:13:7f:0b:90:0c:ea:21:09:1b:a0:4d:
c9:21:c9:3a:e9:e8:19:2f:a5:9b:f7:68:60:5c:cf:
f3:c1:c6:4c:a7:e7:53:43:d1:3a:63:e5:73:f6:3a:
cd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1D:FC:27:07:BB:9E:0E:3B:6B:9F:1D:69:15:05:0A:58:26:A6:9F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bh38Jwe7ng47a58daRUFClgmpp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:500::/44
Signature Algorithm: sha256WithRSAEncryption
1f:44:7a:b1:df:d5:b0:1f:8f:54:bd:78:cb:1b:0f:f9:06:22:
19:94:d3:6d:9b:42:c8:ef:1a:20:d9:0a:dc:39:fa:b7:24:7d:
e6:78:49:be:c0:00:32:76:60:41:fb:fb:1b:36:5b:83:15:1c:
d1:30:06:7e:fc:d5:9a:a9:f9:8c:df:ef:77:a9:1d:c4:af:26:
c2:17:04:29:6c:1e:30:06:2c:10:4f:b8:9b:05:2a:10:89:56:
fc:b6:c8:c4:27:0e:47:5e:25:a2:f0:bc:6f:27:47:09:71:bf:
7c:2f:53:bb:d7:85:91:e7:d4:f7:c0:78:65:18:be:98:75:3e:
65:8d:c6:1c:c6:52:62:5a:38:3f:fb:3f:23:b3:b1:80:d5:55:
c0:72:82:1a:1f:9c:44:86:0f:c0:3b:24:3d:ea:8e:f3:04:ac:
df:8b:c7:f0:60:86:d0:16:1d:c9:64:ce:4f:6f:c4:7d:81:4d:
2a:50:8d:92:9d:d7:76:11:b2:b8:6a:6c:83:00:66:45:0b:23:
9c:87:fb:16:b4:0a:d0:28:46:50:f9:dd:4c:6d:34:58:3a:e6:
49:f1:be:b5:42:f5:48:bd:2e:4c:32:dd:ef:33:fd:0e:ab:fb:
43:7a:74:30:62:6b:85:c2:c8:6f:d9:2e:0f:cc:1c:aa:e9:f4:
76:35:92:b1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEW1j6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEy
MDE0MTQxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmUxZGZjMjcwN2Ji
OWUwZTNiNmI5ZjFkNjkxNTA1MGE1ODI2YTY5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0jbaQPxL2VBDUNIOLNjZQfY/RD1pte3uspIh6+AWKxGxxe
7eqnUgy5yMigs0biRRxBFSnxBkikRhnEOfKUQpFJOhIokX8ioQIsUzbqyUjpfY5K
8j0Dm1IZJmsrTSKYw3wBeo+t9Pd+DWrA1//SJe28x8uHvvrVD8+30brPKrDM8VKo
B9nvB7uzh6oUVw19XfYFlT3AVHRKa3yMjeus40/tuA5l9MXgP+mLobUM7JNy9mbG
0q3RJoGz32ZDt+03jv7AJldzkwYAXsUNoqycXG8OUTzfGxN/C5AM6iEJG6BNySHJ
OunoGS+lm/doYFzP88HGTKfnU0PROmPlc/Y6zWUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRuHfwnB7ueDjtrnx1pFQUKWCamnzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2JoMzhKd2U3bmc0N2E1OGRhUlVGQ2xnbXBwOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AFADANBgkqhkiG9w0BAQsF
AAOCAQEAH0R6sd/VsB+PVL14yxsP+QYiGZTTbZtCyO8aINkK3Dn6tyR95nhJvsAA
MnZgQfv7GzZbgxUc0TAGfvzVmqn5jN/vd6kdxK8mwhcEKWweMAYsEE+4mwUqEIlW
/LbIxCcOR14lovC8bydHCXG/fC9Tu9eFkefU98B4ZRi+mHU+ZY3GHMZSYlo4P/s/
I7OxgNVVwHKCGh+cRIYPwDskPeqO8wSs34vH8GCG0BYdyWTOT2/EfYFNKlCNkp3X
dhGyuGpsgwBmRQsjnIf7FrQK0ChGUPndTG00WDrmSfG+tUL1SL0uTDLd7zP9Dqv7
Q3p0MGJrhcLIb9kuD8wcqun0djWSsQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-fra.rpki-client.org