Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bxYrfEnjbAiXdimBYkYKOu7lU3c.roa
File: bxYrfEnjbAiXdimBYkYKOu7lU3c.roa (raw, json)
Hash identifier: NxjoX7ump37R5Dot33O0nFtE+p3HLoxlPoeQGZ2oryM=
Subject key identifier: 6F:16:2B:7C:49:E3:6C:08:97:76:29:81:62:46:0A:3A:EE:E5:53:77
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184996F45418FCF0DB5AB2452947A0B2C7C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bxYrfEnjbAiXdimBYkYKOu7lU3c.roa
Signing time: Mon 21 Nov 2022 09:05:17 +0000
ROA not before: Mon 21 Nov 2022 09:05:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202929
IP address blocks: 2a0e:97c0:510::/47 maxlen: 48
2a0e:97c0:512::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:99:6f:45:41:8f:cf:0d:b5:ab:24:52:94:7a:0b:2c:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 21 09:05:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f162b7c49e36c089776298162460a3aeee55377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1b:3b:7a:5d:01:ab:2d:dd:93:71:6d:a2:d6:
eb:76:07:9d:8c:60:2e:5a:12:e0:63:4a:ac:eb:fb:
b8:17:03:d2:6b:01:41:89:df:8b:0c:e6:18:26:b4:
1e:2e:7c:c9:bb:57:68:5c:36:b5:78:5b:4b:d5:f9:
15:f4:ce:d5:62:b7:33:5d:81:1a:d4:bb:91:80:12:
59:80:03:8b:dd:5b:0a:51:22:88:87:b2:fa:c9:be:
f6:e4:7b:55:4c:de:fc:48:45:d4:a4:be:eb:d9:dc:
56:d4:36:4e:b2:3e:2d:c2:82:71:f0:1b:5e:94:d7:
3b:01:55:ed:66:4d:28:e0:f9:06:8d:b6:87:9b:d3:
ce:93:64:4d:27:51:5d:9b:fb:f8:55:36:46:6a:4a:
0c:93:78:e4:c9:6c:58:88:05:6e:2c:38:bf:91:bd:
cc:e3:d7:46:72:50:d5:74:a6:ae:ee:d7:50:f5:b7:
26:c9:d1:a9:da:ac:2e:9c:6e:9d:23:b5:01:f1:00:
cb:c9:51:86:bd:30:66:4e:ae:23:8d:47:a7:55:dd:
91:84:5f:29:60:d9:47:09:14:36:82:b9:a9:88:89:
93:31:89:99:81:00:ab:6a:1c:79:1b:b4:1c:b8:da:
4f:27:28:31:b3:5b:6c:4f:0d:42:03:2c:b6:28:0a:
d8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:16:2B:7C:49:E3:6C:08:97:76:29:81:62:46:0A:3A:EE:E5:53:77
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bxYrfEnjbAiXdimBYkYKOu7lU3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:510::-2a0e:97c0:512:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
78:bd:0b:8a:5a:65:c0:df:2e:f4:58:37:66:7f:e4:a4:0c:4b:
5e:6a:46:14:00:55:c5:7e:97:32:48:d6:7c:73:4c:6b:e9:38:
3a:ea:fa:88:bf:a6:18:3e:70:c0:1d:33:52:8c:c2:bf:e8:a8:
76:6b:ce:b8:e8:a8:fe:7a:84:cf:4d:bb:88:b5:39:c3:c5:59:
7d:7c:64:c8:93:f8:69:47:ff:b5:68:68:ab:c1:aa:52:68:f7:
31:0a:37:5e:be:0d:13:fa:bd:95:6b:ca:c4:ec:8a:24:21:33:
c1:16:30:70:5e:33:de:30:f5:d8:58:d4:2d:66:e8:1a:b6:6d:
84:d4:59:ed:ff:49:46:f2:3e:8a:b4:8c:36:e9:53:d0:9e:4a:
e2:f0:be:c7:f4:71:84:64:9c:98:5a:6d:e3:c9:86:75:d3:d4:
45:e3:da:6f:a2:5d:14:fb:49:66:f3:12:5a:d8:52:aa:bb:6e:
a1:19:0e:da:73:bc:3f:ca:da:49:1f:86:0a:99:d9:b7:2c:8b:
a8:79:2c:67:5d:69:41:5b:e0:13:36:f7:56:41:f4:9e:8f:2a:
4d:56:22:42:e9:2e:38:a5:c4:3c:48:fe:e9:e2:94:ea:01:4f:
69:83:3b:a4:69:a6:64:73:4b:bc:27:75:f0:4a:bd:fc:ab:33:
27:85:1f:57
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYSZb0VBj88NtaskUpR6Cyx8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTIxMDkwNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjE2MmI3YzQ5ZTM2YzA4OTc3NjI5ODE2MjQ2MGEzYWVlZTU1Mzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBs7el0Bqy3dk3FtotbrdgedjGAu
WhLgY0qs6/u4FwPSawFBid+LDOYYJrQeLnzJu1doXDa1eFtL1fkV9M7VYrczXYEa
1LuRgBJZgAOL3VsKUSKIh7L6yb725HtVTN78SEXUpL7r2dxW1DZOsj4twoJx8Bte
lNc7AVXtZk0o4PkGjbaHm9POk2RNJ1Fdm/v4VTZGakoMk3jkyWxYiAVuLDi/kb3M
49dGclDVdKau7tdQ9bcmydGp2qwunG6dI7UB8QDLyVGGvTBmTq4jjUenVd2RhF8p
YNlHCRQ2grmpiImTMYmZgQCrahx5G7QcuNpPJygxs1tsTw1CAyy2KArYWQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFG8WK3xJ42wIl3YpgWJGCjru5VN3MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYnhZcmZFbmpiQWlYZGltQllrWUtPdTdsVTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqDpfA
BRADBwAqDpfABRIwDQYJKoZIhvcNAQELBQADggEBAHi9C4paZcDfLvRYN2Z/5KQM
S15qRhQAVcV+lzJI1nxzTGvpODrq+oi/phg+cMAdM1KMwr/oqHZrzrjoqP56hM9N
u4i1OcPFWX18ZMiT+GlH/7VoaKvBqlJo9zEKN16+DRP6vZVrysTsiiQhM8EWMHBe
M94w9dhY1C1m6Bq2bYTUWe3/SUbyPoq0jDbpU9CeSuLwvsf0cYRknJhabePJhnXT
1EXj2m+iXRT7SWbzElrYUqq7bqEZDtpzvD/K2kkfhgqZ2bcsi6h5LGddaUFb4BM2
91ZB9J6PKk1WIkLpLjilxDxI/unilOoBT2mDO6RppmRzS7wndfBKvfyrMyeFH1c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-fra.rpki-client.org