Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hrU8WXhQC9Gs3Gk3cpPJUnUhE2A.roa
File: hrU8WXhQC9Gs3Gk3cpPJUnUhE2A.roa (raw, json)
Hash identifier: yUB70c3S7zhIu7uJ1ocLtROPzRPSppGQoQJe2t2G2O4=
Subject key identifier: 86:B5:3C:59:78:50:0B:D1:AC:DC:69:37:72:93:C9:52:75:21:13:60
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01852A4A3EA6A9FE4ADCCD8370BCEF1F8457
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hrU8WXhQC9Gs3Gk3cpPJUnUhE2A.roa
Signing time: Mon 19 Dec 2022 12:09:46 +0000
ROA not before: Mon 19 Dec 2022 12:09:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211665
IP address blocks: 2a0e:b107:13b::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:4a:3e:a6:a9:fe:4a:dc:cd:83:70:bc:ef:1f:84:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 19 12:09:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86b53c5978500bd1acdc69377293c95275211360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:14:26:3a:38:65:1a:cc:ac:ae:f3:f7:e2:e3:
28:f4:ff:29:8b:26:67:5c:01:68:63:c8:8d:f5:ea:
44:04:c2:7d:44:44:9f:92:ef:e6:3a:0c:36:41:bc:
76:ca:7a:ed:25:38:af:58:b3:aa:0e:bc:37:99:f4:
0f:4f:70:85:dc:1d:7a:72:dc:ef:cc:e8:57:18:13:
55:3c:3b:77:45:d5:3e:1d:69:2d:9e:0e:2d:ef:68:
f0:3d:59:97:69:4f:ae:5b:96:ec:0d:24:6f:dc:52:
73:10:f3:0b:71:5f:f0:b7:ca:0f:ef:c2:8f:6b:9e:
06:bc:b9:cb:a3:72:96:68:31:ec:35:b8:47:2a:7d:
23:fd:26:a1:50:12:f5:97:eb:71:07:08:2c:d8:8f:
2b:54:db:f9:b2:b9:c4:c3:3a:f6:2f:e7:d9:95:69:
9d:f3:40:ee:cb:66:82:fb:ec:34:8a:35:37:be:d5:
eb:25:3c:d6:f9:09:f1:81:fb:3e:05:81:9d:e1:74:
66:d2:5c:49:1d:c8:e2:a9:04:11:2c:a7:d5:0a:cc:
ed:8b:77:f2:3b:57:b1:3a:57:da:0b:dd:1a:3b:1f:
55:39:1e:fa:dc:54:39:6a:d7:b4:2c:af:2e:af:8b:
b1:91:2d:61:d3:f5:29:2b:d1:15:e3:51:fe:71:02:
98:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B5:3C:59:78:50:0B:D1:AC:DC:69:37:72:93:C9:52:75:21:13:60
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hrU8WXhQC9Gs3Gk3cpPJUnUhE2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:13b::/48
Signature Algorithm: sha256WithRSAEncryption
5f:cd:f9:e8:c9:3c:f2:d6:2f:fb:1f:65:9c:4f:7c:5d:69:f3:
11:b4:55:8e:8f:ab:b5:c5:d3:08:16:ad:6b:18:11:77:fc:a2:
82:18:6f:a1:a0:8a:5c:02:f6:32:01:96:51:77:b5:94:21:42:
ba:e1:36:09:b7:12:1d:29:f5:68:a5:f3:f7:90:c8:f4:23:ee:
27:54:39:c0:8c:91:57:b7:6e:c8:17:1d:19:b1:4f:37:c0:b3:
b6:43:7d:60:27:f3:12:a3:e1:05:5f:2a:69:48:65:6e:77:b3:
8c:26:69:76:6a:e1:f4:e3:59:05:52:7d:d2:4e:3a:bb:96:a8:
ec:4d:aa:9e:ed:ef:39:4f:76:45:43:9a:bd:b0:8e:8a:54:7c:
2b:bf:e4:17:01:25:25:4c:59:7c:01:42:57:c3:60:67:c5:8f:
a5:88:56:78:92:4c:ee:8f:85:c1:4e:d1:d0:eb:41:f1:55:9d:
15:d4:84:a4:f0:cc:0b:dd:2c:6d:04:19:94:98:0f:f2:db:5d:
9c:b2:8a:8f:4c:06:f5:1c:cd:45:75:30:01:f5:92:85:be:d5:
26:77:34:c7:90:e0:5a:bc:36:b9:cb:ee:69:bf:82:54:48:ec:
ef:38:d2:c2:16:35:96:c9:bb:15:10:22:9d:8d:81:b0:d5:be:
6a:9e:53:99
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYUqSj6mqf5K3M2DcLzvH4RXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjE5MTIwOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmI1M2M1OTc4NTAwYmQxYWNkYzY5Mzc3MjkzYzk1Mjc1MjExMzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphQmOjhlGsysrvP34uMo9P8piyZn
XAFoY8iN9epEBMJ9RESfku/mOgw2Qbx2ynrtJTivWLOqDrw3mfQPT3CF3B16ctzv
zOhXGBNVPDt3RdU+HWktng4t72jwPVmXaU+uW5bsDSRv3FJzEPMLcV/wt8oP78KP
a54GvLnLo3KWaDHsNbhHKn0j/SahUBL1l+txBwgs2I8rVNv5srnEwzr2L+fZlWmd
80Duy2aC++w0ijU3vtXrJTzW+Qnxgfs+BYGd4XRm0lxJHcjiqQQRLKfVCszti3fy
O1exOlfaC90aOx9VOR763FQ5ate0LK8ur4uxkS1h0/UpK9EV41H+cQKYQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIa1PFl4UAvRrNxpN3KTyVJ1IRNgMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaHJVOFdYaFFDOUdzM0drM2NwUEpVblVoRTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwE7
MA0GCSqGSIb3DQEBCwUAA4IBAQBfzfnoyTzy1i/7H2WcT3xdafMRtFWOj6u1xdMI
Fq1rGBF3/KKCGG+hoIpcAvYyAZZRd7WUIUK64TYJtxIdKfVopfP3kMj0I+4nVDnA
jJFXt27IFx0ZsU83wLO2Q31gJ/MSo+EFXyppSGVud7OMJml2auH041kFUn3STjq7
lqjsTaqe7e85T3ZFQ5q9sI6KVHwrv+QXASUlTFl8AUJXw2BnxY+liFZ4kkzuj4XB
TtHQ60HxVZ0V1ISk8MwL3SxtBBmUmA/y212csoqPTAb1HM1FdTAB9ZKFvtUmdzTH
kOBavDa5y+5pv4JUSOzvONLCFjWWybsVECKdjYGw1b5qnlOZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:02 2023 by rpki-client on console-ams.rpki-client.org