Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hmFQh52sPELxBjEieE3IdFLaK2c.roa
File: hmFQh52sPELxBjEieE3IdFLaK2c.roa (raw, json)
Hash identifier: d3kbM+wqhBa9Bw+tn4mulh2+fQAlfPgMT2vc0PoC3mU=
Subject key identifier: 86:61:50:87:9D:AC:3C:42:F1:06:31:22:78:4D:C8:74:52:DA:2B:67
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 11E88C43
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hmFQh52sPELxBjEieE3IdFLaK2c.roa
Signing time: Thu 10 Feb 2022 17:47:56 +0000
ROA not before: Thu 10 Feb 2022 17:47:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208690
IP address blocks: 2a0e:97c0:6d0::/44 maxlen: 48
2a0e:97c0:6d1::/48 maxlen: 48
2a0e:97c0:6d2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 300452931 (0x11e88c43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 10 17:47:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=866150879dac3c42f1063122784dc87452da2b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:72:4b:df:ed:3b:9c:cb:5a:6d:d6:b3:4d:40:
3e:d1:1a:77:c9:07:b5:10:a4:43:b7:d3:69:52:3f:
7e:71:70:de:66:40:d6:bf:e1:00:91:a5:39:35:62:
03:ab:f1:ea:d2:df:8a:d3:c5:e1:ef:39:ed:39:de:
78:71:5e:66:0e:51:f1:40:24:f4:43:e1:c8:a7:de:
b2:09:e0:a5:e7:01:09:95:45:ff:78:fd:55:96:28:
cc:a6:81:9c:1e:56:f3:aa:cb:ed:4c:16:b8:de:cc:
de:e6:7f:b2:9e:d3:15:17:73:a2:41:86:7b:92:e3:
ae:b4:b2:11:26:45:a7:e0:83:dc:3e:94:74:2d:65:
2b:f7:6d:21:d3:66:c0:a3:ae:fb:fc:90:64:25:6f:
13:f9:77:4c:94:9e:be:be:b7:9b:88:c4:56:13:41:
10:8f:d9:fb:a5:01:ed:89:f7:af:37:f8:44:15:67:
f1:f2:2f:28:0c:44:7c:64:f2:a0:82:b5:f4:71:6d:
55:a2:0c:ab:2d:39:c2:bd:49:b9:05:ef:81:03:31:
d0:33:c4:94:1e:0c:c0:02:77:bc:3b:55:40:11:5a:
d0:89:3a:b8:ae:3c:d9:62:bc:d2:7c:26:a7:13:76:
d4:6f:05:9d:1f:c0:73:7a:b9:d5:77:44:59:5d:bf:
d6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:61:50:87:9D:AC:3C:42:F1:06:31:22:78:4D:C8:74:52:DA:2B:67
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hmFQh52sPELxBjEieE3IdFLaK2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:6d0::/44
Signature Algorithm: sha256WithRSAEncryption
16:e3:dd:2c:fc:44:77:24:59:f8:af:2d:95:3d:6c:51:be:4f:
ce:d5:d5:70:0e:14:ad:3c:6b:21:d9:10:6c:e6:9f:1b:9f:cc:
fe:af:48:22:6a:1f:c2:64:7d:c2:1e:56:cd:a2:b2:ac:79:c5:
9e:d6:27:63:00:5e:6d:e3:30:e6:49:f3:33:3f:38:58:ea:5f:
d2:a9:72:47:00:f1:79:9e:14:d1:fd:fb:80:42:52:b7:ff:10:
6f:24:dd:4b:09:ee:0a:18:28:42:60:de:0f:ac:35:99:99:9f:
e2:30:e5:8f:7b:6d:3e:52:c9:74:b6:f0:31:bf:14:12:68:7b:
de:20:80:8d:d1:86:3c:09:e9:5e:eb:ee:3f:3f:3f:1d:98:bb:
4c:d0:56:be:41:ec:be:94:ae:7e:43:63:f5:ab:b9:9d:20:b0:
34:e9:96:3d:17:8e:39:53:da:46:68:16:dc:15:a3:0c:fa:c6:
56:13:38:4f:19:1f:72:c3:ba:b3:c5:ad:21:1a:9c:b9:45:d2:
b3:8f:8a:ca:a8:8b:1a:3a:d7:c7:9b:70:0e:1b:50:61:4e:e9:
cc:ef:6e:2a:20:34:78:80:c7:9e:7a:dc:be:7f:c7:4e:53:16:
c9:58:50:b0:0d:8e:e7:0a:62:f7:3c:d9:c0:fb:63:9b:fe:37:
ca:cc:99:7d
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEeiMQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIx
MDE3NDc1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODY2MTUwODc5ZGFj
M2M0MmYxMDYzMTIyNzg0ZGM4NzQ1MmRhMmI2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpyS9/tO5zLWm3Ws01APtEad8kHtRCkQ7fTaVI/fnFw3mZA
1r/hAJGlOTViA6vx6tLfitPF4e857TneeHFeZg5R8UAk9EPhyKfesgngpecBCZVF
/3j9VZYozKaBnB5W86rL7UwWuN7M3uZ/sp7TFRdzokGGe5LjrrSyESZFp+CD3D6U
dC1lK/dtIdNmwKOu+/yQZCVvE/l3TJSevr63m4jEVhNBEI/Z+6UB7Yn3rzf4RBVn
8fIvKAxEfGTyoIK19HFtVaIMqy05wr1JuQXvgQMx0DPElB4MwAJ3vDtVQBFa0Ik6
uK482WK80nwmpxN21G8FnR/Ac3q51XdEWV2/1oMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSGYVCHnaw8QvEGMSJ4Tch0UtorZzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2htRlFoNTJzUEVMeEJqRWllRTNJZEZMYUsyYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AG0DANBgkqhkiG9w0BAQsF
AAOCAQEAFuPdLPxEdyRZ+K8tlT1sUb5PztXVcA4UrTxrIdkQbOafG5/M/q9IImof
wmR9wh5WzaKyrHnFntYnYwBebeMw5knzMz84WOpf0qlyRwDxeZ4U0f37gEJSt/8Q
byTdSwnuChgoQmDeD6w1mZmf4jDlj3ttPlLJdLbwMb8UEmh73iCAjdGGPAnpXuvu
Pz8/HZi7TNBWvkHsvpSufkNj9au5nSCwNOmWPReOOVPaRmgW3BWjDPrGVhM4Txkf
csO6s8WtIRqcuUXSs4+KyqiLGjrXx5twDhtQYU7pzO9uKiA0eIDHnnrcvn/HTlMW
yVhQsA2O5wpi9zzZwPtjm/43ysyZfQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:02 2023 by rpki-client on console-ams.rpki-client.org