Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hUaQA7xqjZlPsGlXx5xKEWQckCQ.roa
File: hUaQA7xqjZlPsGlXx5xKEWQckCQ.roa (raw, json)
Hash identifier: /90ghMjYWJAl68CKbtanoZRyl+6CqWUOD+W+r4NvxDo=
Subject key identifier: 85:46:90:03:BC:6A:8D:99:4F:B0:69:57:C7:9C:4A:11:64:1C:90:24
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 13148AD2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hUaQA7xqjZlPsGlXx5xKEWQckCQ.roa
Signing time: Wed 23 Mar 2022 05:48:15 +0000
ROA not before: Wed 23 Mar 2022 05:48:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210013
IP address blocks: 2a0e:97c0:6cd::/48 maxlen: 48
2a0e:97c0:6c8::/48 maxlen: 48
2a0e:97c0:6c3::/48 maxlen: 48
2a0e:97c0:6ce::/48 maxlen: 48
2a0e:97c0:6c1::/48 maxlen: 48
2a0e:97c0:6cc::/48 maxlen: 48
2a0e:97c0:6c7::/48 maxlen: 48
2a0e:97c0:6c2::/48 maxlen: 48
2a0e:97c0:6c5::/48 maxlen: 48
2a0e:97c0:6cb::/48 maxlen: 48
2a0e:97c0:6c6::/48 maxlen: 48
2a0e:97c0:6c9::/48 maxlen: 48
2a0e:97c0:6c4::/48 maxlen: 48
2a0e:97c0:6cf::/48 maxlen: 48
2a0e:97c0:6ca::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 320113362 (0x13148ad2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 23 05:48:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85469003bc6a8d994fb06957c79c4a11641c9024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:05:f9:48:0d:bf:21:87:90:a8:0f:e7:9d:31:
3b:96:62:eb:6c:f1:8a:70:75:de:67:d4:0f:56:6b:
e5:7d:aa:43:de:a6:c3:ae:5c:fc:1f:36:2d:9d:de:
88:56:5b:42:cc:f0:da:e3:34:58:28:76:6d:8c:94:
81:3e:cc:c3:2e:32:f3:41:86:70:b7:14:9f:1e:5d:
4c:a5:cb:7d:68:c5:c0:18:eb:fc:e7:97:1e:ea:92:
21:7b:26:80:0c:fd:49:45:0e:4a:3a:63:11:95:b2:
f0:d8:6a:ed:f8:23:73:6f:a1:f9:e1:f4:f3:e7:27:
2b:b1:68:1a:fe:13:92:05:a5:6c:ef:7c:75:21:66:
09:d1:da:ef:b1:ec:a2:68:4f:0b:a2:ce:fd:02:44:
c3:55:cb:61:16:5d:96:b0:43:2f:91:8b:b7:f6:8a:
fe:3e:f1:f4:8d:11:69:22:56:10:cc:34:75:e4:b2:
62:6e:df:70:b8:e2:8c:d7:9a:cd:b6:c7:bf:5d:48:
e3:d1:22:67:8f:be:a3:1b:d2:78:ab:d7:37:f2:4d:
7f:e7:27:e2:3c:01:12:d1:04:26:86:cb:bb:c9:e2:
15:c1:9f:f4:94:9c:f1:c1:46:84:c9:f6:41:3c:97:
a1:47:00:eb:f3:8d:36:fd:ae:75:24:13:76:b2:56:
12:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:46:90:03:BC:6A:8D:99:4F:B0:69:57:C7:9C:4A:11:64:1C:90:24
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hUaQA7xqjZlPsGlXx5xKEWQckCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:6c1::-2a0e:97c0:6cf:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
69:3b:63:1a:e5:7b:eb:9d:ec:f0:ee:57:65:e2:77:ed:3d:68:
7d:19:79:70:cd:b4:b7:9a:f5:b8:e8:af:c8:b0:74:31:33:96:
b3:4a:75:a4:25:42:72:0f:5d:be:fc:14:f9:de:15:31:54:62:
be:34:2c:0b:87:da:5b:d6:49:00:9d:da:7e:78:db:93:8b:dd:
8b:02:f4:88:1c:36:5f:c2:0f:4f:50:64:37:99:b8:df:24:c3:
ae:91:25:fe:61:70:1e:11:ea:92:ed:15:b6:4c:86:46:b5:a5:
db:4f:26:c7:ba:4f:60:e1:64:33:15:0c:fe:c6:80:5c:01:a5:
13:4d:5c:36:af:da:2c:b4:69:e0:e5:db:45:bc:7b:86:1b:dc:
5c:5d:b9:38:25:42:d8:86:a2:d7:1a:34:b3:d7:23:e1:cd:6b:
6c:61:34:23:83:45:6e:7e:46:49:5f:b3:fc:9b:63:05:51:c4:
f6:9d:84:1d:8f:44:35:54:98:24:cc:69:37:f6:2d:dd:95:e6:
65:73:ff:45:29:49:16:9c:98:6d:c9:95:ad:ef:03:74:4c:db:
d4:af:9f:d9:9f:5d:36:18:a1:f5:23:70:42:36:06:58:19:14:
25:42:2d:dd:f5:5a:e6:80:d2:ae:41:66:53:5d:60:cb:41:bf:
1c:44:12:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEExSK0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMy
MzA1NDgxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU0NjkwMDNiYzZh
OGQ5OTRmYjA2OTU3Yzc5YzRhMTE2NDFjOTAyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0F+UgNvyGHkKgP550xO5Zi62zxinB13mfUD1Zr5X2qQ96m
w65c/B82LZ3eiFZbQszw2uM0WCh2bYyUgT7Mwy4y80GGcLcUnx5dTKXLfWjFwBjr
/OeXHuqSIXsmgAz9SUUOSjpjEZWy8Nhq7fgjc2+h+eH08+cnK7FoGv4TkgWlbO98
dSFmCdHa77HsomhPC6LO/QJEw1XLYRZdlrBDL5GLt/aK/j7x9I0RaSJWEMw0deSy
Ym7fcLjijNeazbbHv11I49EiZ4++oxvSeKvXN/JNf+cn4jwBEtEEJobLu8niFcGf
9JSc8cFGhMn2QTyXoUcA6/ONNv2udSQTdrJWErsCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSFRpADvGqNmU+waVfHnEoRZByQJDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2hVYVFBN3hxalpsUHNHbFh4NXhLRVdRY2tDUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAIwFDASAwcAKg6XwAbBAwcEKg6XwAbAMA0G
CSqGSIb3DQEBCwUAA4IBAQBpO2Ma5Xvrnezw7ldl4nftPWh9GXlwzbS3mvW46K/I
sHQxM5azSnWkJUJyD12+/BT53hUxVGK+NCwLh9pb1kkAndp+eNuTi92LAvSIHDZf
wg9PUGQ3mbjfJMOukSX+YXAeEeqS7RW2TIZGtaXbTybHuk9g4WQzFQz+xoBcAaUT
TVw2r9ostGng5dtFvHuGG9xcXbk4JULYhqLXGjSz1yPhzWtsYTQjg0VufkZJX7P8
m2MFUcT2nYQdj0Q1VJgkzGk39i3dleZlc/9FKUkWnJhtyZWt7wN0TNvUr5/Zn102
GKH1I3BCNgZYGRQlQi3d9VrmgNKuQWZTXWDLQb8cRBL7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:02 2023 by rpki-client on console-ams.rpki-client.org