Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/i5tYcS6t2W7PqzCGZARHqx5zwnM.roa
File: i5tYcS6t2W7PqzCGZARHqx5zwnM.roa (raw, json)
Hash identifier: bpMVbRrP46PTbNGdWfuBailHMtU5MI/nOFWwpIFszGQ=
Subject key identifier: 8B:9B:58:71:2E:AD:D9:6E:CF:AB:30:86:64:04:47:AB:1E:73:C2:73
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 13F44768
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/i5tYcS6t2W7PqzCGZARHqx5zwnM.roa
Signing time: Fri 22 Apr 2022 11:45:40 +0000
ROA not before: Fri 22 Apr 2022 11:45:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205740
IP address blocks: 2a0e:97c0:a60::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 334776168 (0x13f44768)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 22 11:45:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b9b58712eadd96ecfab3086640447ab1e73c273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a1:c5:19:75:f8:29:55:36:f5:ab:15:39:db:
b9:dd:20:c9:1e:3b:d3:0e:56:12:1a:f8:af:54:20:
3d:81:bd:2b:c7:50:8c:71:f8:23:25:a1:78:a0:57:
73:e6:2c:b5:e5:7d:ee:1c:9f:32:1c:9f:12:13:e2:
fd:4c:d7:c0:37:8b:79:ef:d3:73:f4:17:a5:cd:1f:
3d:3c:58:3a:23:3f:72:09:92:8b:40:d1:3f:ba:8e:
06:1d:ae:8c:de:c1:1d:49:8c:04:48:17:55:cb:bb:
4f:05:00:1b:8a:0d:03:d4:d5:0d:d5:ac:92:71:3c:
4a:35:92:09:1f:2e:3b:26:f6:cb:8b:71:20:bd:ca:
74:65:ce:a5:a3:5f:5a:78:9b:38:57:d8:d2:cc:34:
cb:2d:2c:fd:8a:b9:e2:31:fa:31:d8:4d:39:c9:f6:
f9:31:0f:76:a5:c0:a1:8e:f6:be:67:ae:f1:91:97:
20:3b:25:b3:dd:01:49:f0:12:e4:d9:47:b9:cc:cb:
7d:f1:e8:3f:fa:b7:e7:88:0d:bc:62:e9:62:7f:73:
e5:b4:f1:9f:9e:62:b0:53:62:e6:b3:fc:5d:32:79:
a1:db:d9:14:c2:3c:a7:cc:ef:ce:8d:e4:d7:2e:d5:
da:ca:8e:9d:39:89:0f:f6:c3:14:70:c0:dd:7b:2a:
c6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:9B:58:71:2E:AD:D9:6E:CF:AB:30:86:64:04:47:AB:1E:73:C2:73
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/i5tYcS6t2W7PqzCGZARHqx5zwnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a60::/44
Signature Algorithm: sha256WithRSAEncryption
b1:f4:cf:f7:32:0e:99:ce:32:cf:ee:7e:72:3d:31:75:6a:1d:
1a:5e:c0:a9:87:e3:59:77:d6:2d:a7:88:dc:1f:f5:a5:36:26:
38:10:75:ac:33:c9:54:c9:cd:24:eb:ef:44:65:13:a3:74:3f:
5f:6b:ea:d0:f2:58:d0:68:be:b5:a9:b6:72:bf:bd:60:56:50:
ee:49:ec:0f:fd:32:7f:ab:a2:66:fe:8e:ee:58:cb:23:b9:ba:
b2:1c:5a:ff:9f:54:d4:a2:59:1c:d4:57:a8:55:8c:2e:8f:14:
4d:9d:74:78:f3:c3:37:1b:19:0d:50:28:d8:97:66:58:5f:ec:
b0:51:f5:6a:de:19:3c:59:9c:d5:0c:c1:e2:88:e8:f1:cb:cd:
50:9c:64:87:6b:40:ab:1e:cd:49:58:39:0e:4c:22:09:e7:d0:
b9:5b:6b:c7:61:27:87:cf:c0:8a:d2:74:75:ba:ff:f4:3c:4c:
4b:01:0b:76:98:d3:9a:11:aa:f8:62:8b:62:9c:f8:e4:bd:8e:
f8:03:61:9f:3c:d6:fe:77:b9:8e:ff:35:79:19:36:64:fb:ce:
ab:96:d7:46:d4:cb:f2:1c:ce:0f:61:11:a4:a0:2b:c1:f0:26:
5d:5a:87:d6:b8:ff:80:c6:d3:b5:9c:81:6e:c9:7b:18:8f:72:
82:ac:9f:09
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEE/RHaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQy
MjExNDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI5YjU4NzEyZWFk
ZDk2ZWNmYWIzMDg2NjQwNDQ3YWIxZTczYzI3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJWhxRl1+ClVNvWrFTnbud0gyR470w5WEhr4r1QgPYG9K8dQ
jHH4IyWheKBXc+YsteV97hyfMhyfEhPi/UzXwDeLee/Tc/QXpc0fPTxYOiM/cgmS
i0DRP7qOBh2ujN7BHUmMBEgXVcu7TwUAG4oNA9TVDdWsknE8SjWSCR8uOyb2y4tx
IL3KdGXOpaNfWnibOFfY0sw0yy0s/Yq54jH6MdhNOcn2+TEPdqXAoY72vmeu8ZGX
IDsls90BSfAS5NlHuczLffHoP/q354gNvGLpYn9z5bTxn55isFNi5rP8XTJ5odvZ
FMI8p8zvzo3k1y7V2sqOnTmJD/bDFHDA3XsqxocCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSLm1hxLq3Zbs+rMIZkBEerHnPCczAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2k1dFljUzZ0Mlc3UHF6Q0daQVJIcXg1enduTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AKYDANBgkqhkiG9w0BAQsF
AAOCAQEAsfTP9zIOmc4yz+5+cj0xdWodGl7AqYfjWXfWLaeI3B/1pTYmOBB1rDPJ
VMnNJOvvRGUTo3Q/X2vq0PJY0Gi+tam2cr+9YFZQ7knsD/0yf6uiZv6O7ljLI7m6
shxa/59U1KJZHNRXqFWMLo8UTZ10ePPDNxsZDVAo2JdmWF/ssFH1at4ZPFmc1QzB
4ojo8cvNUJxkh2tAqx7NSVg5DkwiCefQuVtrx2Enh8/AitJ0dbr/9DxMSwELdpjT
mhGq+GKLYpz45L2O+ANhnzzW/ne5jv81eRk2ZPvOq5bXRtTL8hzOD2ERpKArwfAm
XVqH1rj/gMbTtZyBbsl7GI9ygqyfCQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-fra.rpki-client.org