Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/huYi9ws99eItcMhupgtXRWIPTeA.roa
File: huYi9ws99eItcMhupgtXRWIPTeA.roa (raw, json)
Hash identifier: 6nL3w4wzcCubFP47UJiELjan0qZFz/LcQTxYOd8ft1c=
Subject key identifier: 86:E6:22:F7:0B:3D:F5:E2:2D:70:C8:6E:A6:0B:57:45:62:0F:4D:E0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183B88058317A2964EEECD75840778374C0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/huYi9ws99eItcMhupgtXRWIPTeA.roa
Signing time: Sat 08 Oct 2022 16:49:22 +0000
ROA not before: Sat 08 Oct 2022 16:49:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211946
IP address blocks: 2a0e:97c0:145::/48 maxlen: 48
2a0e:b107:1c32::/48 maxlen: 48
2a0e:97c0:143::/48 maxlen: 48
2a0e:97c0:141::/48 maxlen: 48
2a0e:b107:1c31::/48 maxlen: 48
2a0e:97c0:144::/48 maxlen: 48
2a0e:97c0:142::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b8:80:58:31:7a:29:64:ee:ec:d7:58:40:77:83:74:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 8 16:49:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86e622f70b3df5e22d70c86ea60b5745620f4de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4a:5d:b1:3d:12:88:67:52:bb:bc:be:fa:f7:
a1:64:6d:35:4f:1a:91:db:3a:04:6e:02:42:b1:c1:
fd:49:a5:54:0a:1e:fe:7a:ab:22:ef:4b:e6:1e:22:
dc:f7:ab:74:b6:41:54:05:2d:db:e5:6f:67:58:9c:
48:a0:d6:38:6f:00:9e:eb:c1:81:f2:f4:2a:23:47:
19:bd:c6:2f:6b:16:4e:df:79:a6:c5:85:0d:53:05:
31:96:10:0c:48:20:44:b7:d9:14:b7:99:9b:8e:4e:
c3:62:38:31:9b:b7:81:85:cd:4e:85:08:df:1f:85:
3f:99:12:37:b4:96:40:7d:9c:55:fb:05:cd:6c:ab:
ba:2c:74:fb:45:29:c7:97:22:ce:ee:4f:8a:74:26:
e5:87:12:49:22:bf:e2:9e:b6:21:45:6b:12:54:a7:
e6:53:93:cf:be:dd:e7:eb:ce:aa:46:67:e2:8c:a6:
54:ae:28:be:8e:9f:d9:3f:17:60:ba:1b:ad:d4:5e:
8a:c9:7b:61:fd:d3:28:d4:5e:89:ef:d3:ef:1d:1a:
5f:99:d6:00:b9:5b:e6:50:6c:d9:1e:93:4e:90:58:
75:9c:fd:9c:74:f8:81:39:24:bd:14:21:40:16:0e:
11:46:39:c7:7a:56:e3:d8:fc:86:fd:b7:5d:94:fc:
40:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E6:22:F7:0B:3D:F5:E2:2D:70:C8:6E:A6:0B:57:45:62:0F:4D:E0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/huYi9ws99eItcMhupgtXRWIPTeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:141::-2a0e:97c0:145:ffff:ffff:ffff:ffff:ffff
2a0e:b107:1c31::-2a0e:b107:1c32:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4c:d3:8d:e2:55:f1:66:f6:19:97:e2:a4:dd:95:7b:ed:bb:16:
83:f7:f5:f0:9c:8f:18:8d:7e:e6:46:8a:9d:49:da:13:f4:8c:
4a:3c:b2:76:23:1d:b0:16:24:5b:f2:f1:e9:34:8e:2c:da:19:
0c:57:ca:31:2d:05:14:a8:3e:50:06:42:f3:b1:42:06:cf:ea:
1f:cd:db:31:9a:f5:a3:84:c6:06:19:3e:92:6f:f8:e4:00:d3:
23:36:09:e5:cd:6c:2e:9a:0a:f1:0d:50:f6:8e:77:58:bb:48:
98:5e:62:74:bd:a6:e2:bb:ac:f6:24:a5:1e:c2:68:b3:53:03:
56:82:b5:54:b4:77:5c:ec:1e:1f:02:b0:4c:34:20:b4:77:9f:
5b:b8:cf:63:88:d1:24:ff:fe:9a:00:9f:63:13:97:49:fe:ec:
77:0f:18:5c:ea:6d:8d:bd:d9:95:00:79:17:50:88:71:df:50:
89:07:1f:1b:91:dc:43:17:b9:a3:ec:ee:d2:97:d2:d2:ea:14:
67:0b:14:31:1b:67:31:73:f0:18:36:38:ea:f0:14:a5:65:61:
fc:46:3c:d0:c3:ad:0f:e2:3c:ec:cb:b8:e5:6b:67:11:a2:6e:
80:5d:37:dc:26:71:c0:9e:ec:5d:b8:85:7d:6a:4b:1c:7f:a0:
41:fa:44:6a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYO4gFgxeilk7uzXWEB3g3TAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDA4MTY0OTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmU2MjJmNzBiM2RmNWUyMmQ3MGM4NmVhNjBiNTc0NTYyMGY0ZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEpdsT0SiGdSu7y++vehZG01TxqR
2zoEbgJCscH9SaVUCh7+eqsi70vmHiLc96t0tkFUBS3b5W9nWJxIoNY4bwCe68GB
8vQqI0cZvcYvaxZO33mmxYUNUwUxlhAMSCBEt9kUt5mbjk7DYjgxm7eBhc1OhQjf
H4U/mRI3tJZAfZxV+wXNbKu6LHT7RSnHlyLO7k+KdCblhxJJIr/inrYhRWsSVKfm
U5PPvt3n686qRmfijKZUrii+jp/ZPxdguhut1F6KyXth/dMo1F6J79PvHRpfmdYA
uVvmUGzZHpNOkFh1nP2cdPiBOSS9FCFAFg4RRjnHelbj2PyG/bddlPxA3QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIbmIvcLPfXiLXDIbqYLV0ViD03gMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaHVZaTl3czk5ZUl0Y01odXBndFhSV0lQVGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMBIDBwAqDpfA
AUEDBwEqDpfAAUQwEgMHACoOsQccMQMHACoOsQccMjANBgkqhkiG9w0BAQsFAAOC
AQEATNON4lXxZvYZl+Kk3ZV77bsWg/f18JyPGI1+5kaKnUnaE/SMSjyydiMdsBYk
W/Lx6TSOLNoZDFfKMS0FFKg+UAZC87FCBs/qH83bMZr1o4TGBhk+km/45ADTIzYJ
5c1sLpoK8Q1Q9o53WLtImF5idL2m4rus9iSlHsJos1MDVoK1VLR3XOweHwKwTDQg
tHefW7jPY4jRJP/+mgCfYxOXSf7sdw8YXOptjb3ZlQB5F1CIcd9QiQcfG5HcQxe5
o+zu0pfS0uoUZwsUMRtnMXPwGDY46vAUpWVh/EY80MOtD+I87Mu45WtnEaJugF03
3CZxwJ7sXbiFfWpLHH+gQfpEag==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:02 2023 by rpki-client on console-ams.rpki-client.org