Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fFmjPSR54i59mgvyF8_iSgXhk_o.roa
File: fFmjPSR54i59mgvyF8_iSgXhk_o.roa (raw, json)
Hash identifier: xNF3XC1zemsc7+lasNeQkwJ4wxPF72N/bGgPIuy6i0o=
Subject key identifier: 7C:59:A3:3D:24:79:E2:2E:7D:9A:0B:F2:17:CF:E2:4A:05:E1:93:FA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183E40775E35672844E87E38A6E756F9CFB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fFmjPSR54i59mgvyF8_iSgXhk_o.roa
Signing time: Mon 17 Oct 2022 03:40:37 +0000
ROA not before: Mon 17 Oct 2022 03:40:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202256
IP address blocks: 2a0e:b107:1120::/44 maxlen: 48
2a0e:97c6:4000::/34 maxlen: 48
2a10:cc42:1b00::/40 maxlen: 48
2a10:cc42:1000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e4:07:75:e3:56:72:84:4e:87:e3:8a:6e:75:6f:9c:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 17 03:40:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c59a33d2479e22e7d9a0bf217cfe24a05e193fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b6:bf:68:9d:a7:33:da:4e:ac:59:fe:48:01:
57:50:2f:aa:bb:54:f1:16:f0:70:d0:be:5e:40:37:
6e:a2:ec:73:a1:79:64:83:5c:25:bb:a1:48:9a:c3:
a6:9e:7a:ae:6b:16:1a:b2:77:fd:df:84:fc:1a:ac:
a6:2e:af:a6:0a:74:b3:c2:5f:8e:40:2c:55:2a:70:
f8:43:33:78:d9:e5:cf:6d:4f:0d:99:4f:c5:2e:2d:
f9:2d:04:42:b1:04:bf:52:a6:ac:64:f1:73:a1:d4:
92:c6:98:46:fc:9d:07:00:3e:74:14:87:37:46:49:
09:78:65:51:96:89:a0:c9:04:22:e0:5f:c1:10:b8:
a3:d5:d9:e1:b5:b3:37:f0:92:e5:38:2a:2a:e5:73:
94:5d:60:aa:b5:51:6d:a9:0d:1a:2c:bb:dd:15:d5:
78:60:85:35:6c:bf:db:59:40:88:32:db:40:81:ac:
c2:b1:61:58:9e:42:0e:f1:77:64:63:b6:d8:60:46:
40:97:f4:f2:7e:ac:b1:ee:a8:c3:0a:08:4c:15:e8:
79:85:21:7a:ff:f4:ed:d0:9a:df:84:0d:ff:5c:89:
f6:7a:2f:ae:68:5d:58:6d:97:be:00:3a:2d:b3:5e:
d5:b5:d1:9f:fb:f6:6d:e0:01:53:01:97:42:de:29:
b6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:59:A3:3D:24:79:E2:2E:7D:9A:0B:F2:17:CF:E2:4A:05:E1:93:FA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fFmjPSR54i59mgvyF8_iSgXhk_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c6:4000::/34
2a0e:b107:1120::/44
2a10:cc42:1000::/36
Signature Algorithm: sha256WithRSAEncryption
45:46:5d:96:38:5b:1d:ff:78:d0:3a:b6:4e:d5:60:aa:36:0b:
db:5a:2e:2d:16:51:79:45:1c:e8:df:bd:ec:26:a9:e3:51:44:
90:54:9e:55:62:ec:13:0e:de:19:d3:31:66:15:79:bb:b7:22:
cf:71:ef:7b:f1:93:b2:88:70:32:b6:2d:d6:cf:31:ca:5f:83:
f1:c6:62:00:2e:da:03:2c:ed:bf:c2:8f:6b:7c:f2:88:bd:13:
6a:9a:43:03:e2:67:da:60:67:20:40:72:d0:61:66:30:f6:b2:
90:bb:e5:10:5a:5b:29:58:f9:03:14:5c:d8:20:f0:c7:b5:f9:
37:d7:c7:02:18:04:e6:a5:61:4c:c2:fa:7c:95:54:ee:c1:27:
d8:74:4f:01:89:63:97:90:81:16:1d:11:db:44:7c:54:4f:1a:
45:a6:7e:73:13:63:10:03:b6:cd:f5:ef:16:0c:ea:c0:5b:a0:
2d:29:0d:11:95:22:9b:c8:d5:dd:31:21:fe:6d:5b:d9:f0:97:
5c:cd:89:ba:d2:fd:78:35:5b:92:29:f9:2f:23:68:3f:c2:a1:
9d:88:91:20:53:01:a6:fc:8d:37:f5:dd:72:cc:22:60:3e:67:
77:3f:1b:eb:7d:97:6c:14:65:dd:83:09:e2:79:aa:4a:94:4a:
01:ec:ca:46
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYPkB3XjVnKETofjim51b5z7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDE3MDM0MDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzU5YTMzZDI0NzllMjJlN2Q5YTBiZjIxN2NmZTI0YTA1ZTE5M2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlra/aJ2nM9pOrFn+SAFXUC+qu1Tx
FvBw0L5eQDduouxzoXlkg1wlu6FImsOmnnquaxYasnf934T8GqymLq+mCnSzwl+O
QCxVKnD4QzN42eXPbU8NmU/FLi35LQRCsQS/UqasZPFzodSSxphG/J0HAD50FIc3
RkkJeGVRlomgyQQi4F/BELij1dnhtbM38JLlOCoq5XOUXWCqtVFtqQ0aLLvdFdV4
YIU1bL/bWUCIMttAgazCsWFYnkIO8XdkY7bYYEZAl/Tyfqyx7qjDCghMFeh5hSF6
//Tt0JrfhA3/XIn2ei+uaF1YbZe+ADots17VtdGf+/Zt4AFTAZdC3im2NQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFHxZoz0keeIufZoL8hfP4koF4ZP6MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZkZtalBTUjU0aTU5bWd2eUY4X2lTZ1hoa19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwYGKg6XxkAD
BwQqDrEHESADBgQqEMxCEDANBgkqhkiG9w0BAQsFAAOCAQEARUZdljhbHf940Dq2
TtVgqjYL21ouLRZReUUc6N+97Cap41FEkFSeVWLsEw7eGdMxZhV5u7ciz3Hve/GT
sohwMrYt1s8xyl+D8cZiAC7aAyztv8KPa3zyiL0TappDA+Jn2mBnIEBy0GFmMPay
kLvlEFpbKVj5AxRc2CDwx7X5N9fHAhgE5qVhTML6fJVU7sEn2HRPAYljl5CBFh0R
20R8VE8aRaZ+cxNjEAO2zfXvFgzqwFugLSkNEZUim8jV3TEh/m1b2fCXXM2JutL9
eDVbkin5LyNoP8KhnYiRIFMBpvyNN/XdcswiYD5ndz8b632XbBRl3YMJ4nmqSpRK
AezKRg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-fra.rpki-client.org