Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hIYPipDB3L56Hd0sk56jp5NtDsk.roa
File: hIYPipDB3L56Hd0sk56jp5NtDsk.roa (raw, json)
Hash identifier: CKJUtimyxac2DuDJAuzrKgWxc5IEmnXYx3pn631egAQ=
Subject key identifier: 84:86:0F:8A:90:C1:DC:BE:7A:1D:DD:2C:93:9E:A3:A7:93:6D:0E:C9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184EE2435233745FC78BA82DD5DB39D9C81
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hIYPipDB3L56Hd0sk56jp5NtDsk.roa
Signing time: Wed 07 Dec 2022 19:51:01 +0000
ROA not before: Wed 07 Dec 2022 19:51:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204160
IP address blocks: 2a0e:97c0:b70::/48 maxlen: 48
2a0e:97c1:100::/44 maxlen: 48
2a0e:97c0:b71::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ee:24:35:23:37:45:fc:78:ba:82:dd:5d:b3:9d:9c:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 7 19:51:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84860f8a90c1dcbe7a1ddd2c939ea3a7936d0ec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e3:8e:c1:df:e8:c5:ec:fc:5d:48:bf:7b:c6:
88:9b:48:1e:19:f5:b8:6c:5a:f4:71:08:f3:15:e1:
34:91:5e:36:b4:19:7a:7b:96:36:e2:25:bf:8b:ed:
cb:be:ed:b4:6e:b5:74:94:0c:af:a1:df:6c:87:0f:
18:8a:67:4a:48:85:c7:f3:5b:10:8a:7e:54:2c:3f:
d2:2b:74:09:86:26:31:63:64:76:5f:08:18:8d:a9:
24:25:66:d0:5a:a1:c0:30:9f:0f:2a:d5:de:53:c2:
5f:a9:ea:f4:d2:86:6c:b6:9a:85:68:7c:86:8e:1c:
9e:f8:0e:88:89:8f:08:dd:14:de:2f:d6:9a:7c:73:
02:7b:33:dd:66:d5:fc:4f:a3:17:1d:f6:13:bb:99:
af:88:a4:07:2c:a5:9d:ed:83:92:82:81:58:a3:37:
87:94:34:1e:97:d9:c3:9d:96:7f:62:8d:66:0f:f6:
f9:a6:7f:69:c3:2f:76:70:ca:db:d5:18:2e:18:86:
c4:2f:1c:82:8b:3a:ce:6b:b2:94:d8:9f:68:3e:e7:
f5:fa:09:1a:2e:c9:6d:ce:ba:57:e2:71:46:bf:15:
5f:92:24:54:18:f3:50:2d:1e:4e:50:12:1c:6b:d6:
5c:b0:c4:14:46:2a:b7:05:aa:1d:e4:ba:7a:72:d3:
38:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:86:0F:8A:90:C1:DC:BE:7A:1D:DD:2C:93:9E:A3:A7:93:6D:0E:C9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hIYPipDB3L56Hd0sk56jp5NtDsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b70::/47
2a0e:97c1:100::/44
Signature Algorithm: sha256WithRSAEncryption
12:3e:51:dd:b1:76:75:46:bb:30:b8:bb:43:23:d3:f1:9f:01:
c7:10:e3:a2:70:fb:15:96:e3:1f:6d:7a:28:90:40:f6:8f:66:
ba:c1:d7:ab:92:48:a5:34:4d:07:12:6c:c5:19:d4:14:7b:42:
8f:84:cd:cf:4b:9f:4a:72:d8:73:9b:5e:ab:8d:4f:3b:47:65:
e8:6c:36:14:90:83:12:05:dc:b0:9f:ae:06:f7:06:f9:10:af:
28:78:1e:34:13:90:4f:4a:b8:bb:a4:7e:e9:02:e0:43:28:90:
b8:b2:67:8a:f1:fe:36:2d:98:24:0c:f2:4d:b6:7c:28:5d:ac:
71:83:dd:40:d3:8a:40:fe:a8:73:39:58:52:0d:de:16:56:04:
0e:0e:da:50:f5:73:e7:38:d8:2d:fd:36:64:ee:eb:21:fc:cd:
86:3d:84:fa:3b:c3:18:0e:6d:61:ba:66:97:86:21:6a:77:ae:
56:60:e4:e8:6f:8e:0e:4b:b9:67:64:d5:e4:94:6d:8a:b6:24:
1f:5f:76:86:89:94:2d:88:6f:9f:77:99:bf:a6:c4:62:37:c6:
f4:88:ea:b6:a6:cc:04:4e:ce:fb:55:38:a1:69:c3:c1:b0:89:
ba:73:c3:b6:67:62:47:43:b2:c4:ad:a5:b8:9f:b1:4b:4f:2c:
c9:30:96:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTuJDUjN0X8eLqC3V2znZyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjA3MTk1MTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDg2MGY4YTkwYzFkY2JlN2ExZGRkMmM5MzllYTNhNzkzNmQwZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleOOwd/oxez8XUi/e8aIm0geGfW4
bFr0cQjzFeE0kV42tBl6e5Y24iW/i+3Lvu20brV0lAyvod9shw8YimdKSIXH81sQ
in5ULD/SK3QJhiYxY2R2XwgYjakkJWbQWqHAMJ8PKtXeU8Jfqer00oZstpqFaHyG
jhye+A6IiY8I3RTeL9aafHMCezPdZtX8T6MXHfYTu5mviKQHLKWd7YOSgoFYozeH
lDQel9nDnZZ/Yo1mD/b5pn9pwy92cMrb1RguGIbELxyCizrOa7KU2J9oPuf1+gka
LsltzrpX4nFGvxVfkiRUGPNQLR5OUBIca9ZcsMQURiq3Baod5Lp6ctM4xQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFISGD4qQwdy+eh3dLJOeo6eTbQ7JMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaElZUGlwREIzTDU2SGQwc2s1NmpwNU50RHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKg6XwAtw
AwcEKg6XwQEAMA0GCSqGSIb3DQEBCwUAA4IBAQASPlHdsXZ1RrswuLtDI9PxnwHH
EOOicPsVluMfbXookED2j2a6wderkkilNE0HEmzFGdQUe0KPhM3PS59Kcthzm16r
jU87R2XobDYUkIMSBdywn64G9wb5EK8oeB40E5BPSri7pH7pAuBDKJC4smeK8f42
LZgkDPJNtnwoXaxxg91A04pA/qhzOVhSDd4WVgQODtpQ9XPnONgt/TZk7ush/M2G
PYT6O8MYDm1humaXhiFqd65WYOTob44OS7lnZNXklG2KtiQfX3aGiZQtiG+fd5m/
psRiN8b0iOq2pswETs77VTihacPBsIm6c8O2Z2JHQ7LEraW4n7FLTyzJMJYR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-fra.rpki-client.org