Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cb7Tki-DHV-GwHMLX4X6JbAycH8.roa
File: cb7Tki-DHV-GwHMLX4X6JbAycH8.roa (raw, json)
Hash identifier: Ps6B9ykx8AGAJcQUHNyrF8z3AYY24Ow1c/gvuWbnGEw=
Subject key identifier: 71:BE:D3:92:2F:83:1D:5F:86:C0:73:0B:5F:85:FA:25:B0:32:70:7F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 14C343D4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cb7Tki-DHV-GwHMLX4X6JbAycH8.roa
Signing time: Fri 20 May 2022 22:50:17 +0000
ROA not before: Fri 20 May 2022 22:50:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207556
IP address blocks: 2a0e:b100:106::/48 maxlen: 48
2a0e:b100:101::/48 maxlen: 48
2a0e:b100:107::/48 maxlen: 48
2a0e:b100:10a::/48 maxlen: 48
2a0e:b100:105::/48 maxlen: 48
2a0e:b100:100::/48 maxlen: 48
2a0e:b100:110::/48 maxlen: 48
2a10:2f00:181::/48 maxlen: 48
2a0e:b100:109::/48 maxlen: 48
2a0e:b100:104::/48 maxlen: 48
2a0e:b100:102::/48 maxlen: 48
2a0e:b100:108::/48 maxlen: 48
2a0e:b100:103::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348341204 (0x14c343d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 20 22:50:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71bed3922f831d5f86c0730b5f85fa25b032707f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:40:a0:6b:8e:fd:ee:c1:61:2e:51:d3:54:1d:
fb:78:60:85:95:a7:df:5b:df:4d:88:90:65:a8:5d:
32:09:d6:fa:27:f0:72:b8:cd:cd:3f:af:08:91:74:
c3:e5:ed:f0:c8:59:54:7e:9b:45:0f:4c:ea:e6:48:
1d:9d:82:b6:4e:d7:1c:21:63:1c:41:82:89:23:db:
90:41:08:f9:6d:d3:c0:22:6a:4f:8a:07:8e:2a:e2:
1c:be:0b:de:75:a5:80:38:eb:36:ea:8c:aa:39:1f:
6c:9a:00:f8:0e:16:40:23:d0:56:db:ef:31:8e:63:
49:6c:0b:12:df:0e:32:60:58:60:ba:9d:45:44:80:
fd:d1:8e:38:46:93:a5:45:d6:bf:86:d0:1c:3b:e1:
21:6e:68:2f:e3:58:2b:7e:e6:60:76:4a:59:70:1b:
4c:df:27:e0:68:7b:63:0e:20:66:f4:93:75:ea:6d:
0a:2e:15:20:eb:e5:40:12:74:bc:32:5d:28:f6:5e:
ef:0f:7b:32:c9:7f:f4:1e:72:c2:34:26:fd:50:2e:
09:3c:31:6b:f0:da:76:f5:1f:89:9c:05:e9:95:ae:
4e:ea:f2:4a:6c:ac:a2:ac:12:8c:f6:d1:c4:23:d8:
f7:22:39:b8:7f:ac:88:54:ea:94:9f:53:1d:ac:3c:
f4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:BE:D3:92:2F:83:1D:5F:86:C0:73:0B:5F:85:FA:25:B0:32:70:7F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cb7Tki-DHV-GwHMLX4X6JbAycH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b100:100::-2a0e:b100:10a:ffff:ffff:ffff:ffff:ffff
2a0e:b100:110::/48
2a10:2f00:181::/48
Signature Algorithm: sha256WithRSAEncryption
51:41:fd:2e:94:a1:3e:1b:c0:4e:12:fa:e4:2a:c6:84:ae:a2:
68:3b:e8:4a:b1:cf:10:15:ff:cc:16:88:76:43:db:ab:e8:96:
54:64:85:b6:54:bb:a1:ed:2d:fa:36:0e:95:4a:47:c7:7b:6f:
97:da:10:56:d3:16:fa:65:89:a5:c8:b6:bf:84:bc:4b:6f:44:
e7:6e:69:03:f2:c6:fd:6a:25:da:0a:a3:80:40:2b:69:74:3c:
9c:f1:57:07:60:7f:61:bd:86:42:88:c0:30:3b:33:3d:37:6b:
5c:56:ab:5c:7f:3d:6a:f8:63:f8:c3:aa:ab:04:a5:da:ae:01:
fc:f4:a9:80:6f:ce:b9:dd:60:e9:58:b5:25:35:da:0a:ff:c8:
e9:81:0e:eb:2d:a3:f0:07:52:84:7d:2e:d1:14:ad:b2:a6:28:
fa:09:0d:65:6f:ae:e7:7b:a8:1e:72:1e:89:5f:13:78:0e:df:
a5:80:25:3e:14:96:51:ea:7b:fe:0b:11:37:7d:a5:ec:11:33:
03:5a:fe:85:84:b0:03:f9:20:4e:e4:4c:63:e8:ce:82:4b:ab:
85:0e:e3:93:2c:2b:b6:55:8a:09:93:11:ba:e6:86:88:98:91:
be:9b:05:a8:ab:8e:c0:f8:65:28:81:da:7e:e3:5d:ba:ab:03:
9f:8e:7e:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEFMND1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDUy
MDIyNTAxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzFiZWQzOTIyZjgz
MWQ1Zjg2YzA3MzBiNWY4NWZhMjViMDMyNzA3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI1AoGuO/e7BYS5R01Qd+3hghZWn31vfTYiQZahdMgnW+ifw
crjNzT+vCJF0w+Xt8MhZVH6bRQ9M6uZIHZ2Ctk7XHCFjHEGCiSPbkEEI+W3TwCJq
T4oHjiriHL4L3nWlgDjrNuqMqjkfbJoA+A4WQCPQVtvvMY5jSWwLEt8OMmBYYLqd
RUSA/dGOOEaTpUXWv4bQHDvhIW5oL+NYK37mYHZKWXAbTN8n4Gh7Yw4gZvSTdept
Ci4VIOvlQBJ0vDJdKPZe7w97Msl/9B5ywjQm/VAuCTwxa/DadvUfiZwF6ZWuTury
SmysoqwSjPbRxCPY9yI5uH+siFTqlJ9THaw89L8CAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBRxvtOSL4MdX4bAcwtfhfolsDJwfzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2NiN1RraS1ESFYtR3dITUxYNFg2SmJBeWNIOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wKwQCAAIwJTARAwYAKg6xAAEDBwAqDrEAAQoDBwAq
DrEAARADBwAqEC8AAYEwDQYJKoZIhvcNAQELBQADggEBAFFB/S6UoT4bwE4S+uQq
xoSuomg76EqxzxAV/8wWiHZD26vollRkhbZUu6HtLfo2DpVKR8d7b5faEFbTFvpl
iaXItr+EvEtvROduaQPyxv1qJdoKo4BAK2l0PJzxVwdgf2G9hkKIwDA7Mz03a1xW
q1x/PWr4Y/jDqqsEpdquAfz0qYBvzrndYOlYtSU12gr/yOmBDusto/AHUoR9LtEU
rbKmKPoJDWVvrud7qB5yHolfE3gO36WAJT4UllHqe/4LETd9pewRMwNa/oWEsAP5
IE7kTGPozoJLq4UO45MsK7ZVigmTEbrmhoiYkb6bBairjsD4ZSiB2n7jXbqrA5+O
fpA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:01 2023 by rpki-client on console-ams.rpki-client.org