Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hRQ9JKETg6Q6PI0CrCkqEghHGYQ.roa
File: hRQ9JKETg6Q6PI0CrCkqEghHGYQ.roa (raw, json)
Hash identifier: xHkUzrIybICeZ5KO5j62O+UMk1oPjuftOdh4oTnjbRo=
Subject key identifier: 85:14:3D:24:A1:13:83:A4:3A:3C:8D:02:AC:29:2A:12:08:47:19:84
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01842A2F93957524506515592CA6B9F9FC08
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hRQ9JKETg6Q6PI0CrCkqEghHGYQ.roa
Signing time: Sun 30 Oct 2022 18:37:51 +0000
ROA not before: Sun 30 Oct 2022 18:37:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202941
IP address blocks: 2a0e:b107:1a20::/48 maxlen: 48
2a10:2f00:187::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2a:2f:93:95:75:24:50:65:15:59:2c:a6:b9:f9:fc:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 30 18:37:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85143d24a11383a43a3c8d02ac292a1208471984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:46:37:0f:8e:c6:e8:73:89:4d:74:e4:62:5d:
45:1f:d7:5c:04:e6:ca:41:fd:66:78:af:ae:64:cd:
76:3e:53:62:a1:8d:3f:c1:c5:27:0c:5f:3a:2c:01:
9e:59:be:9b:9b:17:e7:e5:cf:19:58:df:4e:4b:fb:
72:17:96:f5:d9:2a:cf:5b:51:75:47:5a:a0:87:14:
41:12:bc:ea:da:8e:01:51:ed:b8:e7:24:fd:1b:3d:
4a:f0:bd:b3:8b:25:7b:87:b7:75:35:2d:e2:1c:c1:
a9:c8:3d:1d:04:76:b0:fd:9e:39:3f:27:bb:40:77:
1a:38:5a:17:27:0e:6f:0f:4c:50:7e:1e:09:1a:59:
6b:eb:e4:81:7c:9b:ac:d4:27:12:02:e5:df:f0:c9:
5c:ab:cb:30:ba:9a:ff:b8:57:77:cb:c0:22:18:96:
c8:3b:7a:d7:d5:d4:10:a0:af:5d:a0:ee:cb:c1:a5:
26:70:4d:22:b7:46:54:8c:3d:42:3d:25:61:0e:05:
47:43:40:84:7e:b6:af:2b:d3:67:5a:b7:a8:5b:c7:
02:19:08:57:6f:b7:80:64:22:08:e2:52:d7:0e:fc:
ce:62:ed:5e:19:68:1d:5a:95:7a:b3:ca:a7:b5:f6:
29:ba:69:00:b0:ae:83:3f:9b:ac:83:a5:35:27:dd:
91:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:14:3D:24:A1:13:83:A4:3A:3C:8D:02:AC:29:2A:12:08:47:19:84
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hRQ9JKETg6Q6PI0CrCkqEghHGYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1a20::/48
2a10:2f00:187::/48
Signature Algorithm: sha256WithRSAEncryption
5f:68:e4:b1:8a:e6:76:98:cc:39:b1:c0:f6:22:f5:1b:01:bc:
0f:61:dd:6f:50:b8:3a:23:55:d2:01:15:4d:53:7a:e5:a6:47:
04:a2:0d:b5:d6:11:0a:6a:32:a4:39:82:d9:26:4d:51:76:a7:
6c:3f:ae:83:1c:5d:30:ab:fd:f4:a8:9f:59:b8:84:d2:d8:6a:
6e:d1:70:0e:73:ca:db:58:c4:04:19:99:ba:49:41:3d:51:f2:
7c:19:ad:02:84:b1:47:72:38:d0:af:ed:32:63:d9:88:6d:6b:
4c:fb:4e:54:41:ad:a5:85:3a:ea:44:62:51:04:5f:5a:2c:1c:
37:6f:64:2c:23:a0:f6:35:3c:5d:eb:6b:b6:c9:e3:a7:bb:1d:
b3:31:5e:0c:98:46:d8:aa:af:af:3f:3e:6e:41:6e:b6:8f:86:
2f:9b:ca:7b:bd:fe:1d:94:21:8e:10:9a:44:bb:bd:73:14:8c:
fa:53:44:7b:ab:04:cd:0f:c8:f5:cd:8e:56:4c:8c:08:26:22:
3c:7f:1b:1a:c0:b3:ca:70:49:a2:bf:50:52:5f:81:6a:0b:1b:
f7:17:b4:23:87:9c:ca:cd:7b:94:8e:9e:79:a2:9b:de:67:92:
06:ca:46:f6:55:20:83:14:a7:34:ab:d7:d6:e2:17:e1:88:7a:
1c:3d:ce:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQqL5OVdSRQZRVZLKa5+fwIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDMwMTgzNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTE0M2QyNGExMTM4M2E0M2EzYzhkMDJhYzI5MmExMjA4NDcxOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0Y3D47G6HOJTXTkYl1FH9dcBObK
Qf1meK+uZM12PlNioY0/wcUnDF86LAGeWb6bmxfn5c8ZWN9OS/tyF5b12SrPW1F1
R1qghxRBErzq2o4BUe245yT9Gz1K8L2ziyV7h7d1NS3iHMGpyD0dBHaw/Z45Pye7
QHcaOFoXJw5vD0xQfh4JGllr6+SBfJus1CcSAuXf8Mlcq8swupr/uFd3y8AiGJbI
O3rX1dQQoK9doO7LwaUmcE0it0ZUjD1CPSVhDgVHQ0CEfravK9NnWreoW8cCGQhX
b7eAZCII4lLXDvzOYu1eGWgdWpV6s8qntfYpumkAsK6DP5usg6U1J92RDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIUUPSShE4OkOjyNAqwpKhIIRxmEMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaFJROUpLRVRnNlE2UEkwQ3JDa3FFZ2hIR1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBxog
AwcAKhAvAAGHMA0GCSqGSIb3DQEBCwUAA4IBAQBfaOSxiuZ2mMw5scD2IvUbAbwP
Yd1vULg6I1XSARVNU3rlpkcEog211hEKajKkOYLZJk1RdqdsP66DHF0wq/30qJ9Z
uITS2Gpu0XAOc8rbWMQEGZm6SUE9UfJ8Ga0ChLFHcjjQr+0yY9mIbWtM+05UQa2l
hTrqRGJRBF9aLBw3b2QsI6D2NTxd62u2yeOnux2zMV4MmEbYqq+vPz5uQW62j4Yv
m8p7vf4dlCGOEJpEu71zFIz6U0R7qwTND8j1zY5WTIwIJiI8fxsawLPKcEmiv1BS
X4FqCxv3F7Qjh5zKzXuUjp55opveZ5IGykb2VSCDFKc0q9fW4hfhiHocPc5W
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:02 2023 by rpki-client on console-ams.rpki-client.org