Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hEqBRGYSRbTxMXqbAQU99j1K9dk.roa
File: hEqBRGYSRbTxMXqbAQU99j1K9dk.roa (raw, json)
Hash identifier: 1FQPki094x0Ewxz30pqquhB0DhGHSkvAJ2WgDma1KJE=
Subject key identifier: 84:4A:81:44:66:12:45:B4:F1:31:7A:9B:01:05:3D:F6:3D:4A:F5:D9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018426C7163467AD268DB927312E35C5690D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hEqBRGYSRbTxMXqbAQU99j1K9dk.roa
Signing time: Sun 30 Oct 2022 02:44:52 +0000
ROA not before: Sun 30 Oct 2022 02:44:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202256
IP address blocks: 2a0e:97c1:800::/37 maxlen: 48
2a0e:97c7:800::/37 maxlen: 48
2a10:cc42:1800::/37 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:26:c7:16:34:67:ad:26:8d:b9:27:31:2e:35:c5:69:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 30 02:44:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=844a8144661245b4f1317a9b01053df63d4af5d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ed:42:ce:dc:f5:b6:b7:9a:d8:6d:5a:1e:ee:
fe:43:6f:22:c2:21:3d:c6:e5:7a:a7:6b:aa:e2:4c:
fa:9b:d1:94:02:26:96:1a:24:6d:cf:6e:b9:2d:db:
42:fb:7c:be:f2:71:91:f7:8b:1c:78:00:13:ee:a0:
fd:03:55:c1:3d:c9:90:2d:85:7f:29:5c:90:b4:43:
65:8f:7a:07:53:33:17:14:4c:3a:65:4e:e9:ee:00:
01:5b:97:ba:44:9e:2d:9c:c1:71:f9:87:8c:f0:55:
44:fe:59:c5:d5:d1:75:7b:a7:7b:97:5e:f5:c4:93:
6b:6b:39:27:75:07:a9:b4:6f:3f:39:50:92:6f:e8:
53:fa:7e:cf:98:f4:65:09:a4:21:6b:1c:b1:50:cd:
c7:7a:a2:8d:c6:77:d8:7c:47:7a:e9:1d:a0:c8:d6:
2b:d1:e5:57:df:d2:a3:56:d2:ec:28:fb:c0:b1:56:
71:01:d3:9b:db:4c:ac:fb:f0:b2:af:e6:d1:d3:72:
89:ea:fc:08:e8:42:fc:95:54:6a:78:fc:2a:7a:a2:
68:bb:bc:1e:3d:08:f7:ef:78:dd:6d:af:3d:b9:ad:
9f:a4:92:b9:7e:75:83:bf:e8:c2:92:26:12:c4:4d:
9d:2e:eb:3c:23:56:d8:62:d0:68:ab:c4:5f:a3:07:
92:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:4A:81:44:66:12:45:B4:F1:31:7A:9B:01:05:3D:F6:3D:4A:F5:D9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hEqBRGYSRbTxMXqbAQU99j1K9dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c1:800::/37
2a0e:97c7:800::/37
2a10:cc42:1800::/37
Signature Algorithm: sha256WithRSAEncryption
2a:97:7b:f0:e0:53:a9:1c:cf:e8:4f:f0:13:9f:07:4d:3c:7f:
f0:eb:19:f6:ff:14:eb:05:c9:ec:63:e2:59:8c:84:2f:f8:8f:
fb:a1:79:be:b5:f4:1b:4d:88:96:fc:ad:a6:a7:20:0c:93:6e:
cf:ec:c1:a5:c5:af:1d:e3:3b:84:16:16:d5:9f:c9:74:1e:8f:
fb:74:d2:b8:40:a9:38:20:a4:7f:46:c6:b9:57:44:f1:a9:f7:
a4:47:1e:ed:41:25:ce:25:61:3d:1d:64:ca:8c:e9:5a:39:6a:
a5:33:37:a4:8a:df:99:67:50:cc:d5:54:9d:c0:05:9c:21:7b:
d6:94:2a:3e:9a:f2:d1:02:9d:4d:5b:4b:1e:7d:99:05:1f:94:
43:68:60:16:f8:e2:2d:03:65:bc:5b:c6:8d:42:ba:78:75:d1:
4d:2b:9d:c6:6f:e3:92:d8:8c:12:77:8e:ff:c5:92:c2:82:8b:
fd:de:de:6d:19:1c:36:91:11:66:51:33:8d:0b:f5:6e:63:90:
d9:36:59:9f:1e:23:7b:01:13:e3:9c:0f:a2:6d:89:a7:ec:b4:
36:ca:2a:5c:31:e8:e2:f9:79:38:a0:b6:dc:cc:c5:45:b0:b8:
6b:29:bc:2a:c7:1d:36:61:28:4a:00:44:8d:38:77:58:64:1d:
1e:64:a4:91
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQmxxY0Z60mjbknMS41xWkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDMwMDI0NDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDRhODE0NDY2MTI0NWI0ZjEzMTdhOWIwMTA1M2RmNjNkNGFmNWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+1Cztz1trea2G1aHu7+Q28iwiE9
xuV6p2uq4kz6m9GUAiaWGiRtz265LdtC+3y+8nGR94sceAAT7qD9A1XBPcmQLYV/
KVyQtENlj3oHUzMXFEw6ZU7p7gABW5e6RJ4tnMFx+YeM8FVE/lnF1dF1e6d7l171
xJNrazkndQeptG8/OVCSb+hT+n7PmPRlCaQhaxyxUM3HeqKNxnfYfEd66R2gyNYr
0eVX39KjVtLsKPvAsVZxAdOb20ys+/Cyr+bR03KJ6vwI6EL8lVRqePwqeqJou7we
PQj373jdba89ua2fpJK5fnWDv+jCkiYSxE2dLus8I1bYYtBoq8RfoweShQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIRKgURmEkW08TF6mwEFPfY9SvXZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaEVxQlJHWVNSYlR4TVhxYkFRVTk5ajFLOWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYDKg6XwQgD
BgMqDpfHCAMGAyoQzEIYMA0GCSqGSIb3DQEBCwUAA4IBAQAql3vw4FOpHM/oT/AT
nwdNPH/w6xn2/xTrBcnsY+JZjIQv+I/7oXm+tfQbTYiW/K2mpyAMk27P7MGlxa8d
4zuEFhbVn8l0Ho/7dNK4QKk4IKR/Rsa5V0TxqfekRx7tQSXOJWE9HWTKjOlaOWql
Mzekit+ZZ1DM1VSdwAWcIXvWlCo+mvLRAp1NW0sefZkFH5RDaGAW+OItA2W8W8aN
Qrp4ddFNK53Gb+OS2IwSd47/xZLCgov93t5tGRw2kRFmUTONC/VuY5DZNlmfHiN7
ARPjnA+ibYmn7LQ2yipcMeji+Xk4oLbczMVFsLhrKbwqxx02YShKAESNOHdYZB0e
ZKSR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:02 2023 by rpki-client on console-ams.rpki-client.org