Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hbB74tAYkxT6xmB0o-BtNCr6Hac.roa
File: hbB74tAYkxT6xmB0o-BtNCr6Hac.roa (raw, json)
Hash identifier: rOuWhYm2ML8E69WKl0iZtwLoOAQofZssty6fT5/Q9dY=
Subject key identifier: 85:B0:7B:E2:D0:18:93:14:FA:C6:60:74:A3:E0:6D:34:2A:FA:1D:A7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184E761DF1215C0727C522035FEF3BCA51F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hbB74tAYkxT6xmB0o-BtNCr6Hac.roa
Signing time: Tue 06 Dec 2022 12:21:01 +0000
ROA not before: Tue 06 Dec 2022 12:21:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212173
IP address blocks: 2a0e:b107:1d40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:61:df:12:15:c0:72:7c:52:20:35:fe:f3:bc:a5:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 6 12:21:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85b07be2d0189314fac66074a3e06d342afa1da7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f8:7e:e6:e3:37:83:9a:56:41:7a:82:89:f0:
d1:13:c9:36:ac:10:3a:92:96:85:53:0c:fc:a8:e9:
1b:34:7c:0f:27:fb:d1:06:52:a7:47:6c:fc:b8:f1:
6f:74:2d:71:72:8f:f3:d0:60:60:99:d3:b5:eb:ae:
dc:7d:d9:73:18:92:de:86:d1:9d:bf:20:2d:ea:14:
7a:8f:0b:e8:8f:f4:41:2e:02:6a:3b:e2:66:22:67:
66:f1:65:99:19:09:a7:78:d5:7f:33:12:8b:bd:67:
e3:b5:3c:c3:26:cf:2f:61:44:7f:db:37:36:aa:73:
a5:c9:64:b5:f6:e3:3d:9b:73:cf:77:4c:06:90:8d:
6e:c2:c0:54:3a:af:fe:35:c2:04:91:5f:31:be:e1:
0c:22:03:de:cf:37:e1:dc:09:03:42:61:83:3d:4e:
37:4d:c5:4f:ad:ca:29:3b:aa:9f:79:21:57:e3:a7:
af:4c:06:24:e2:d9:d2:9f:3b:d1:d8:1b:7f:18:5f:
10:34:c7:45:44:35:bb:e3:09:ba:80:d4:ee:ef:d5:
98:94:42:6f:de:de:a1:c8:f9:82:a4:d6:4a:ff:f7:
fc:1b:5e:20:e7:c9:55:e9:54:6e:b6:76:f5:c0:07:
97:de:d8:21:c5:06:3b:cc:52:a1:b9:96:16:80:11:
32:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B0:7B:E2:D0:18:93:14:FA:C6:60:74:A3:E0:6D:34:2A:FA:1D:A7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hbB74tAYkxT6xmB0o-BtNCr6Hac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d40::/48
Signature Algorithm: sha256WithRSAEncryption
49:0e:2d:81:ce:a2:20:af:7c:ef:45:cd:8d:a0:1c:d9:f9:37:
63:23:91:5d:a5:e3:ce:54:9c:e6:6c:c7:ea:c2:96:24:60:2d:
74:72:b1:49:05:70:b6:5a:43:b1:7e:4c:b0:25:8f:f6:a7:52:
2b:5c:a3:75:99:e7:d4:d6:59:23:50:fb:53:b4:5b:98:af:9c:
8e:7a:3c:fa:80:ec:02:99:db:ad:60:9f:9f:01:51:56:ca:71:
81:f3:23:ca:54:49:5a:e2:0c:cf:34:1f:9a:d1:c8:eb:e6:1a:
3b:ff:f3:31:43:d4:64:c2:64:5c:48:df:76:51:ca:83:82:42:
7e:81:73:98:fb:0f:e8:aa:53:f9:71:bd:86:db:21:07:2f:46:
fc:0a:55:24:e4:90:e9:21:9f:75:51:95:42:73:5f:32:fb:03:
0d:4f:68:05:c5:b7:4d:29:3b:d8:30:8e:c7:69:f5:f2:d0:26:
67:26:26:80:7b:60:5d:70:a0:a8:f1:e3:97:23:95:f4:2c:90:
6f:e5:0d:7e:e4:95:b6:d3:4f:e9:81:a5:f7:76:24:6f:68:cd:
7e:49:44:3e:4f:3e:b7:44:4e:1c:55:bd:f4:01:52:b4:b2:bd:
33:ed:dc:b9:77:ec:98:e5:2d:2a:29:90:38:e4:6e:05:dd:bf:
fd:63:da:01
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTnYd8SFcByfFIgNf7zvKUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjA2MTIyMTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWIwN2JlMmQwMTg5MzE0ZmFjNjYwNzRhM2UwNmQzNDJhZmExZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvh+5uM3g5pWQXqCifDRE8k2rBA6
kpaFUwz8qOkbNHwPJ/vRBlKnR2z8uPFvdC1xco/z0GBgmdO1667cfdlzGJLehtGd
vyAt6hR6jwvoj/RBLgJqO+JmImdm8WWZGQmneNV/MxKLvWfjtTzDJs8vYUR/2zc2
qnOlyWS19uM9m3PPd0wGkI1uwsBUOq/+NcIEkV8xvuEMIgPezzfh3AkDQmGDPU43
TcVPrcopO6qfeSFX46evTAYk4tnSnzvR2Bt/GF8QNMdFRDW74wm6gNTu79WYlEJv
3t6hyPmCpNZK//f8G14g58lV6VRutnb1wAeX3tghxQY7zFKhuZYWgBEyuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIWwe+LQGJMU+sZgdKPgbTQq+h2nMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaGJCNzR0QVlreFQ2eG1CMG8tQnROQ3I2SGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBx1A
MA0GCSqGSIb3DQEBCwUAA4IBAQBJDi2BzqIgr3zvRc2NoBzZ+TdjI5FdpePOVJzm
bMfqwpYkYC10crFJBXC2WkOxfkywJY/2p1IrXKN1mefU1lkjUPtTtFuYr5yOejz6
gOwCmdutYJ+fAVFWynGB8yPKVEla4gzPNB+a0cjr5ho7//MxQ9RkwmRcSN92UcqD
gkJ+gXOY+w/oqlP5cb2G2yEHL0b8ClUk5JDpIZ91UZVCc18y+wMNT2gFxbdNKTvY
MI7HafXy0CZnJiaAe2BdcKCo8eOXI5X0LJBv5Q1+5JW200/pgaX3diRvaM1+SUQ+
Tz63RE4cVb30AVK0sr0z7dy5d+yY5S0qKZA45G4F3b/9Y9oB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-fra.rpki-client.org