Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/d3TzhfaiQcejPOPmQLR0lpGI2_o.roa
File: d3TzhfaiQcejPOPmQLR0lpGI2_o.roa (raw, json)
Hash identifier: lR4rjNaVfq/47hKwynGx9PTU8Vv7lfGUj0yGpHHu5HY=
Subject key identifier: 77:74:F3:85:F6:A2:41:C7:A3:3C:E3:E6:40:B4:74:96:91:88:DB:FA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 12205BE5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/d3TzhfaiQcejPOPmQLR0lpGI2_o.roa
Signing time: Wed 16 Feb 2022 14:25:56 +0000
ROA not before: Wed 16 Feb 2022 14:25:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211946
IP address blocks: 2a0e:97c0:145::/48 maxlen: 48
2a0e:97c0:143::/48 maxlen: 48
2a0e:97c0:141::/48 maxlen: 48
2a0e:97c0:144::/48 maxlen: 48
2a0e:97c0:142::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 304110565 (0x12205be5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 16 14:25:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7774f385f6a241c7a33ce3e640b474969188dbfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f6:9a:20:44:8e:40:a5:b1:17:b8:4b:57:81:
02:e5:4e:67:c6:78:6f:cf:b0:00:5d:a3:7a:ef:ef:
67:fb:6f:a5:39:d3:da:45:b5:1c:95:d7:be:6b:6e:
48:cc:a9:26:6d:99:2b:fc:7f:3a:c7:2a:fa:06:06:
4c:31:36:d8:9c:6a:4b:9d:75:6b:4a:a5:75:3e:a6:
e2:46:f7:29:86:3c:89:fa:6d:66:99:a4:0c:f7:55:
7f:19:95:00:37:8e:c9:03:4e:0b:25:8d:a2:ea:b3:
ff:cc:aa:f1:da:7e:48:6d:b5:33:54:b6:4b:a4:f8:
c0:a5:9f:7f:22:61:30:c4:23:9e:c3:a7:23:96:6e:
be:ff:80:c8:3c:b9:28:3b:b5:c0:59:ff:4b:f3:c4:
44:46:3e:f5:bb:8a:1b:a7:0e:9a:37:47:3c:80:40:
65:8a:59:03:12:34:e5:a1:fe:ab:2c:77:91:af:3b:
35:e0:c0:70:34:b1:b3:bf:86:e2:a1:f9:07:e9:ef:
44:42:11:63:cd:c3:fd:a0:0e:3a:1a:36:85:4f:e5:
c1:26:31:31:70:76:69:34:0e:a6:d5:50:ec:89:ca:
57:74:49:f9:78:02:e5:4d:42:6f:3b:a7:2d:3d:fe:
57:92:55:e5:1e:b4:30:c1:75:eb:af:07:26:55:6d:
f5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:74:F3:85:F6:A2:41:C7:A3:3C:E3:E6:40:B4:74:96:91:88:DB:FA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/d3TzhfaiQcejPOPmQLR0lpGI2_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:141::-2a0e:97c0:145:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c8:36:61:3e:7a:ec:28:76:02:11:97:9b:8f:4e:1f:e9:83:95:
91:3d:2b:21:5e:05:86:f8:f5:44:d0:30:0d:19:f6:11:40:23:
ac:f0:13:d8:d5:0b:ff:48:f0:36:51:61:39:bf:62:d0:85:cb:
57:5b:98:b5:23:c4:51:5b:01:19:32:24:32:25:0d:c2:ef:b5:
71:e0:ad:72:b9:63:ba:c3:ab:69:30:1c:f5:81:40:87:66:e1:
52:67:59:41:17:45:b3:87:79:2c:45:8a:0e:55:6c:0e:f6:98:
f5:21:38:3e:a4:50:f9:96:2e:e7:44:24:60:e0:b3:d0:c0:d0:
87:9c:e7:ff:bb:5d:c7:7d:6b:ad:eb:fa:b0:0f:da:eb:ae:3e:
4c:a3:ba:50:6c:58:94:53:c5:e0:02:3c:fc:a6:46:1f:7e:16:
35:23:d6:c2:3c:33:6b:4b:be:46:08:27:d8:44:34:55:04:33:
36:6a:69:15:c6:6a:1d:a5:00:cb:fa:93:de:bd:18:fe:0d:c3:
4f:80:32:2a:71:c7:92:ab:bf:39:f9:dc:75:df:b8:31:fe:a9:
57:42:8b:6d:4b:6c:08:ff:72:a9:28:7e:be:27:67:ee:f6:5a:
6c:12:bd:57:b5:6c:c2:d1:45:ed:9f:99:fb:05:b4:c8:fc:bf:
fd:01:b1:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEEiBb5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIx
NjE0MjU1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc3NGYzODVmNmEy
NDFjN2EzM2NlM2U2NDBiNDc0OTY5MTg4ZGJmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK32miBEjkClsRe4S1eBAuVOZ8Z4b8+wAF2jeu/vZ/tvpTnT
2kW1HJXXvmtuSMypJm2ZK/x/Oscq+gYGTDE22JxqS511a0qldT6m4kb3KYY8ifpt
ZpmkDPdVfxmVADeOyQNOCyWNouqz/8yq8dp+SG21M1S2S6T4wKWffyJhMMQjnsOn
I5Zuvv+AyDy5KDu1wFn/S/PEREY+9buKG6cOmjdHPIBAZYpZAxI05aH+qyx3ka87
NeDAcDSxs7+G4qH5B+nvREIRY83D/aAOOho2hU/lwSYxMXB2aTQOptVQ7InKV3RJ
+XgC5U1CbzunLT3+V5JV5R60MMF1668HJlVt9fsCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBR3dPOF9qJBx6M84+ZAtHSWkYjb+jAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2QzVHpoZmFpUWNlalBPUG1RTFIwbHBHSTJfby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAIwFDASAwcAKg6XwAFBAwcBKg6XwAFEMA0G
CSqGSIb3DQEBCwUAA4IBAQDINmE+euwodgIRl5uPTh/pg5WRPSshXgWG+PVE0DAN
GfYRQCOs8BPY1Qv/SPA2UWE5v2LQhctXW5i1I8RRWwEZMiQyJQ3C77Vx4K1yuWO6
w6tpMBz1gUCHZuFSZ1lBF0Wzh3ksRYoOVWwO9pj1ITg+pFD5li7nRCRg4LPQwNCH
nOf/u13HfWut6/qwD9rrrj5Mo7pQbFiUU8XgAjz8pkYffhY1I9bCPDNrS75GCCfY
RDRVBDM2amkVxmodpQDL+pPevRj+DcNPgDIqcceSq785+dx137gx/qlXQottS2wI
/3KpKH6+J2fu9lpsEr1XtWzC0UXtn5n7BbTI/L/9AbH7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-fra.rpki-client.org