Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hCXFN0uAhWqZGZyMb5vcsjtirC8.roa
File: hCXFN0uAhWqZGZyMb5vcsjtirC8.roa (raw, json)
Hash identifier: sCftnxiVU4T44PmdzoxAo3fPhMXmoEoeDG+wZnP2bZ4=
Subject key identifier: 84:25:C5:37:4B:80:85:6A:99:19:9C:8C:6F:9B:DC:B2:3B:62:AC:2F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10ABA06A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hCXFN0uAhWqZGZyMb5vcsjtirC8.roa
Signing time: Sat 01 Jan 2022 09:05:16 +0000
ROA not before: Sat 01 Jan 2022 09:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210562
IP address blocks: 2a0e:97c0:620::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279683178 (0x10aba06a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8425c5374b80856a99199c8c6f9bdcb23b62ac2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:95:6b:2a:d9:c4:1f:cb:67:77:00:16:e5:d9:
36:c0:9e:00:38:b0:3e:45:2b:73:06:3a:74:2c:3e:
32:0b:26:e1:7b:00:15:d9:e8:17:46:a9:a5:a0:42:
5c:ec:b7:43:36:1a:91:27:5f:55:2b:95:2f:92:8a:
61:8e:58:cd:18:7e:f4:5a:4d:76:f8:44:6d:80:de:
a5:14:b3:c4:e9:05:3b:0e:06:4f:bb:48:7e:e3:7d:
5d:20:b9:c4:4a:35:7c:c8:e0:37:7a:5b:e0:22:fc:
75:f8:58:c7:39:37:ed:e0:12:6c:ce:7c:a2:3c:af:
ae:7d:2f:ae:03:32:ca:46:c4:02:fd:67:7b:a4:ca:
c0:e5:d1:29:2c:c3:d5:43:32:c9:bd:65:35:34:1d:
2b:c7:78:25:a3:7b:6c:fb:79:7c:16:80:93:02:57:
b6:0a:7c:a8:99:bd:2a:c6:1c:25:5b:ba:15:90:71:
47:63:93:6d:2f:61:59:73:95:b4:c1:84:b4:82:93:
3a:39:c7:e7:98:fe:9a:f5:f0:03:19:78:7f:6f:40:
ad:5c:87:ae:e1:cf:6e:f9:0d:61:ce:f4:36:85:5b:
49:7d:50:1c:b1:98:72:38:ed:42:ac:bc:45:da:de:
31:44:3d:2d:61:e9:c9:8b:fd:09:7a:ff:89:2b:05:
ca:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:25:C5:37:4B:80:85:6A:99:19:9C:8C:6F:9B:DC:B2:3B:62:AC:2F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hCXFN0uAhWqZGZyMb5vcsjtirC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:620::/44
Signature Algorithm: sha256WithRSAEncryption
52:98:20:66:59:34:cc:e5:83:09:58:3a:81:a9:5d:6a:50:27:
5b:10:bb:5e:77:bf:11:ea:60:6e:c8:1f:11:42:37:3c:30:75:
d6:71:7f:f4:f6:69:82:52:90:ab:da:03:7f:fb:52:9e:22:24:
3f:b5:91:d0:21:54:b2:9e:63:03:f7:04:53:51:1e:3e:71:01:
ce:1d:8a:9f:cd:81:2e:6b:76:6a:9e:85:1a:34:d2:e3:8a:ab:
7e:e5:6e:2a:53:27:bc:92:7e:02:b1:27:08:59:0c:2b:53:44:
75:3e:81:80:eb:7b:f0:78:8e:ac:71:08:aa:5f:aa:f7:cc:34:
c1:e1:9c:a4:96:0d:c4:56:c5:78:28:02:69:48:d3:1a:c1:6b:
ab:12:37:2b:68:19:a0:cd:7f:e7:9f:c0:af:8f:98:11:bb:d3:
89:f4:10:12:b1:e8:3c:bc:02:63:fa:47:f9:30:64:b0:5c:e2:
73:b4:2f:77:13:87:b5:e0:f7:6b:48:a9:08:ac:0e:c5:64:78:
12:13:94:4f:41:e4:39:83:99:53:6c:be:dc:4b:64:35:ba:e8:
94:13:9b:8c:36:03:96:34:c9:1e:d5:b7:e6:5c:7b:53:bf:39:
aa:cd:38:49:e6:d3:ad:d3:8d:01:ea:ce:55:f6:0c:25:e1:12:
1d:f5:f3:6c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEKugajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQyNWM1Mzc0Yjgw
ODU2YTk5MTk5YzhjNmY5YmRjYjIzYjYyYWMyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKVayrZxB/LZ3cAFuXZNsCeADiwPkUrcwY6dCw+Mgsm4XsA
FdnoF0appaBCXOy3QzYakSdfVSuVL5KKYY5YzRh+9FpNdvhEbYDepRSzxOkFOw4G
T7tIfuN9XSC5xEo1fMjgN3pb4CL8dfhYxzk37eASbM58ojyvrn0vrgMyykbEAv1n
e6TKwOXRKSzD1UMyyb1lNTQdK8d4JaN7bPt5fBaAkwJXtgp8qJm9KsYcJVu6FZBx
R2OTbS9hWXOVtMGEtIKTOjnH55j+mvXwAxl4f29ArVyHruHPbvkNYc70NoVbSX1Q
HLGYcjjtQqy8RdreMUQ9LWHpyYv9CXr/iSsFyhcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSEJcU3S4CFapkZnIxvm9yyO2KsLzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2hDWEZOMHVBaFdxWkdaeU1iNXZjc2p0aXJDOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AGIDANBgkqhkiG9w0BAQsF
AAOCAQEAUpggZlk0zOWDCVg6galdalAnWxC7Xne/EepgbsgfEUI3PDB11nF/9PZp
glKQq9oDf/tSniIkP7WR0CFUsp5jA/cEU1EePnEBzh2Kn82BLmt2ap6FGjTS44qr
fuVuKlMnvJJ+ArEnCFkMK1NEdT6BgOt78HiOrHEIql+q98w0weGcpJYNxFbFeCgC
aUjTGsFrqxI3K2gZoM1/55/Ar4+YEbvTifQQErHoPLwCY/pH+TBksFzic7QvdxOH
teD3a0ipCKwOxWR4EhOUT0HkOYOZU2y+3EtkNbrolBObjDYDljTJHtW35lx7U785
qs04SebTrdONAerOVfYMJeESHfXzbA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-fra.rpki-client.org