Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g-uOpOi-htmwU4IdG9BzluckncM.roa
File: g-uOpOi-htmwU4IdG9BzluckncM.roa (raw, json)
Hash identifier: MNobISKlZ6SR1kjtRAuuOTtwu47NcXKdUJfcoqxN+/Q=
Subject key identifier: 83:EB:8E:A4:E8:BE:86:D9:B0:53:82:1D:1B:D0:73:96:E7:24:9D:C3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 1353D7C3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g-uOpOi-htmwU4IdG9BzluckncM.roa
Signing time: Tue 29 Mar 2022 21:37:13 +0000
ROA not before: Tue 29 Mar 2022 21:37:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210667
IP address blocks: 2a0e:b107:1788::/48 maxlen: 48
2a0e:97c0:a40::/44 maxlen: 48
2a0e:97c0:a43::/48 maxlen: 48
2a0e:97c0:a41::/48 maxlen: 48
2a0e:97c0:a42::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 324261827 (0x1353d7c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 29 21:37:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83eb8ea4e8be86d9b053821d1bd07396e7249dc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:75:0e:49:f0:d7:d2:d8:29:30:c3:dc:19:51:
62:a3:a2:0b:30:bc:93:cd:61:9a:ee:7f:97:2c:74:
8c:8a:d0:eb:10:0d:52:c4:3a:49:48:f3:7c:91:50:
11:0d:f4:e5:3a:66:0f:41:0e:b2:18:a9:fb:92:52:
f4:78:47:14:ff:76:79:45:c0:18:74:ce:4a:85:28:
32:70:bd:d9:d6:ae:20:ad:83:ea:e3:54:1f:19:b9:
be:7a:fe:a8:0f:2b:3f:c8:36:c8:a8:3a:fd:cf:96:
a3:ae:b0:6a:2d:8b:ef:46:e1:29:75:da:a5:f5:47:
87:49:17:57:07:e9:0a:82:20:11:1e:50:9c:53:c3:
82:73:d7:6d:29:69:96:ca:9e:30:19:3b:99:48:58:
67:98:ff:60:a9:58:62:c3:b2:db:d6:a4:92:a3:b3:
c1:4e:77:06:67:40:32:21:b3:49:a0:aa:d8:a6:7c:
e9:4a:76:c2:51:2e:bb:1e:01:bf:42:f4:05:32:c3:
0c:ce:cc:12:51:9c:c6:03:43:d8:c1:d2:11:47:2d:
7b:51:d8:ba:22:3d:9f:b3:1c:96:75:20:7a:bb:8e:
06:76:fb:78:86:d8:85:d2:e0:0f:fc:06:5f:e5:5a:
3d:2b:99:51:bd:a6:0b:bf:f6:f6:dc:dd:7f:eb:f2:
72:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:EB:8E:A4:E8:BE:86:D9:B0:53:82:1D:1B:D0:73:96:E7:24:9D:C3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g-uOpOi-htmwU4IdG9BzluckncM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a40::/44
2a0e:b107:1788::/48
Signature Algorithm: sha256WithRSAEncryption
0d:fe:a1:2f:ed:2d:15:d4:94:54:39:03:8f:53:3f:fe:5c:25:
77:3e:f5:bd:31:ba:f2:3c:9b:14:1f:36:93:44:a1:4a:fa:36:
3c:ee:da:99:46:36:bd:56:65:a7:24:bb:e8:2d:db:d8:07:0a:
49:7a:87:07:f3:70:8f:43:70:52:8a:33:5f:b2:ff:b2:4f:fb:
e8:d6:4d:47:3d:68:c8:9b:79:82:60:b1:c5:bb:40:62:c2:f8:
d9:92:63:cc:73:44:e4:40:c6:0f:2e:1a:97:11:f3:f8:ff:09:
5b:e4:d1:28:f7:c8:95:1e:eb:86:5a:a1:c8:b5:b8:28:58:3d:
9c:c7:5e:2d:29:37:fd:fa:78:46:36:b8:84:b2:2a:02:d1:95:
16:78:b0:b0:56:27:ec:e9:c6:f0:ac:a9:4e:5d:e9:3f:b7:64:
ac:f3:ad:4f:72:e5:47:54:2e:70:d5:83:c9:c4:be:8e:d7:05:
f9:fe:cd:51:bc:77:ad:7b:7d:bb:0d:76:6b:74:d9:b3:67:f5:
cb:26:ad:e0:15:a8:46:30:5b:30:10:e2:45:f8:b4:94:38:42:
74:d5:78:40:fd:f0:03:f0:ee:07:b3:9c:98:10:19:b7:14:cf:
77:fd:39:04:b2:15:a2:f7:e6:e9:3f:4f:d7:bd:20:bb:fa:cb:
29:d1:01:d2
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEE1PXwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMy
OTIxMzcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODNlYjhlYTRlOGJl
ODZkOWIwNTM4MjFkMWJkMDczOTZlNzI0OWRjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZ1Dknw19LYKTDD3BlRYqOiCzC8k81hmu5/lyx0jIrQ6xAN
UsQ6SUjzfJFQEQ305TpmD0EOship+5JS9HhHFP92eUXAGHTOSoUoMnC92dauIK2D
6uNUHxm5vnr+qA8rP8g2yKg6/c+Wo66wai2L70bhKXXapfVHh0kXVwfpCoIgER5Q
nFPDgnPXbSlplsqeMBk7mUhYZ5j/YKlYYsOy29akkqOzwU53BmdAMiGzSaCq2KZ8
6Up2wlEuux4Bv0L0BTLDDM7MElGcxgND2MHSEUcte1HYuiI9n7MclnUgeruOBnb7
eIbYhdLgD/wGX+VaPSuZUb2mC7/29tzdf+vycq8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSD646k6L6G2bBTgh0b0HOW5ySdwzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2ctdU9wT2ktaHRtd1U0SWRHOUJ6bHVja25jTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoOl8AKQAMHACoOsQcXiDANBgkq
hkiG9w0BAQsFAAOCAQEADf6hL+0tFdSUVDkDj1M//lwldz71vTG68jybFB82k0Sh
Svo2PO7amUY2vVZlpyS76C3b2AcKSXqHB/Nwj0NwUoozX7L/sk/76NZNRz1oyJt5
gmCxxbtAYsL42ZJjzHNE5EDGDy4alxHz+P8JW+TRKPfIlR7rhlqhyLW4KFg9nMde
LSk3/fp4Rja4hLIqAtGVFniwsFYn7OnG8KypTl3pP7dkrPOtT3LlR1QucNWDycS+
jtcF+f7NUbx3rXt9uw12a3TZs2f1yyat4BWoRjBbMBDiRfi0lDhCdNV4QP3wA/Du
B7OcmBAZtxTPd/05BLIVovfm6T9P170gu/rLKdEB0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org