Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iObx979r7D5hHcrHqZq9LCJAIO8.roa
File: iObx979r7D5hHcrHqZq9LCJAIO8.roa (raw, json)
Hash identifier: 69x24NoazVJzoLfC8NH83KTMmydtfgFcAoMsEN+cJeE=
Subject key identifier: 88:E6:F1:F7:BF:6B:EC:3E:61:1D:CA:C7:A9:9A:BD:2C:22:40:20:EF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 12C95E3C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iObx979r7D5hHcrHqZq9LCJAIO8.roa
Signing time: Wed 09 Mar 2022 13:45:09 +0000
ROA not before: Wed 09 Mar 2022 13:45:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211350
IP address blocks: 2a0e:97c0:1c8::/48 maxlen: 48
2a0e:97c0:1c0::/45 maxlen: 48
2a0e:b107:1668::/45 maxlen: 48
2a0e:b107:1660::/45 maxlen: 48
2a0e:b107:1670::/45 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 315186748 (0x12c95e3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 9 13:45:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88e6f1f7bf6bec3e611dcac7a99abd2c224020ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:11:94:66:22:8e:31:3b:cb:ab:d2:78:a4:8c:
87:a4:2b:dc:be:07:87:68:f1:25:c6:86:7e:74:96:
73:e8:da:fa:b5:d7:9c:db:28:67:29:0a:91:ee:ac:
64:b1:50:07:88:14:8e:d8:f1:8a:ec:6b:6e:9b:de:
09:86:5d:4f:87:65:aa:59:6f:d2:e3:83:28:72:7e:
73:29:b5:cc:47:bd:d3:5e:04:4a:68:c6:38:23:df:
35:72:20:24:8d:e4:4e:00:63:65:9c:7c:f0:68:06:
d4:52:45:f1:0c:d7:e5:ed:ee:74:82:63:ec:df:10:
8f:4e:de:ea:0c:e4:31:da:b1:ec:19:54:fc:a3:95:
33:cb:3a:06:81:9f:42:dc:54:cb:33:33:f4:30:c2:
1f:6c:ae:a6:3c:1f:4a:ab:18:64:34:4a:a3:fa:5e:
58:83:23:b1:cf:6f:0a:61:06:a4:1d:74:db:80:44:
5c:70:08:3d:a3:44:9e:5c:36:e2:7b:6d:a0:2c:15:
f5:a5:ff:9d:ec:aa:f4:4b:01:34:b8:d9:5e:d9:91:
59:ed:5a:8d:6b:cc:07:ed:87:4f:70:e8:89:d6:33:
ba:d4:be:53:c5:cc:99:da:c1:45:f0:14:17:62:c4:
07:96:73:52:df:7f:a1:48:b2:35:bd:6b:61:29:24:
db:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E6:F1:F7:BF:6B:EC:3E:61:1D:CA:C7:A9:9A:BD:2C:22:40:20:EF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iObx979r7D5hHcrHqZq9LCJAIO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1c0::-2a0e:97c0:1c8:ffff:ffff:ffff:ffff:ffff
2a0e:b107:1660::-2a0e:b107:1677:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
07:f4:17:d4:aa:b7:34:92:22:53:34:1a:31:56:76:14:64:e9:
af:7e:86:c7:10:ce:bc:70:99:76:c4:3b:0c:8a:95:7e:59:1c:
77:43:2f:c6:06:10:a0:f4:af:30:4e:18:4c:1d:48:1f:b6:b0:
f6:e5:8e:9e:89:0c:35:42:b1:11:ac:df:ab:e5:50:4d:27:cb:
0e:ed:04:86:b1:71:f7:73:d6:d6:79:e2:89:1a:b3:84:f7:02:
55:bc:86:d4:1f:94:2d:ee:23:19:8a:07:a2:09:4c:5b:01:0e:
43:15:94:de:2b:ac:ae:9d:bf:75:44:46:b7:7c:8d:8a:94:d0:
14:17:88:4b:15:9f:90:87:e5:9b:a7:d8:45:03:ef:5c:08:38:
eb:88:d3:67:a5:b9:f1:bf:a6:ba:70:4e:bd:c6:61:bc:7b:7b:
eb:f8:0f:16:d5:d7:ae:7d:8f:2a:df:37:ff:a3:75:a0:fd:c6:
d3:bb:a8:77:0a:be:3c:9f:03:f6:c8:6e:ea:45:8b:d3:a3:73:
fe:d0:ab:2c:d1:c2:21:0d:fc:ab:b6:6b:9c:4d:2f:f4:fa:52:
55:de:d8:a6:95:80:8b:df:54:d0:89:32:74:a6:da:be:b8:1c:
fe:98:7b:18:f9:49:63:aa:31:7c:c4:4b:81:76:1e:f1:c2:f6:
43:7f:b9:a4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEEslePDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMw
OTEzNDUwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODhlNmYxZjdiZjZi
ZWMzZTYxMWRjYWM3YTk5YWJkMmMyMjQwMjBlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8RlGYijjE7y6vSeKSMh6Qr3L4Hh2jxJcaGfnSWc+ja+rXX
nNsoZykKke6sZLFQB4gUjtjxiuxrbpveCYZdT4dlqllv0uODKHJ+cym1zEe9014E
SmjGOCPfNXIgJI3kTgBjZZx88GgG1FJF8QzX5e3udIJj7N8Qj07e6gzkMdqx7BlU
/KOVM8s6BoGfQtxUyzMz9DDCH2yupjwfSqsYZDRKo/peWIMjsc9vCmEGpB1024BE
XHAIPaNEnlw24nttoCwV9aX/neyq9EsBNLjZXtmRWe1ajWvMB+2HT3DoidYzutS+
U8XMmdrBRfAUF2LEB5ZzUt9/oUiyNb1rYSkk2/MCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSI5vH3v2vsPmEdysepmr0sIkAg7zAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2lPYng5NzlyN0Q1aEhjckhxWnE5TENKQUlPOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAIwKDASAwcGKg6XwAHAAwcAKg6XwAHIMBID
BwUqDrEHFmADBwMqDrEHFnAwDQYJKoZIhvcNAQELBQADggEBAAf0F9SqtzSSIlM0
GjFWdhRk6a9+hscQzrxwmXbEOwyKlX5ZHHdDL8YGEKD0rzBOGEwdSB+2sPbljp6J
DDVCsRGs36vlUE0nyw7tBIaxcfdz1tZ54okas4T3AlW8htQflC3uIxmKB6IJTFsB
DkMVlN4rrK6dv3VERrd8jYqU0BQXiEsVn5CH5Zun2EUD71wIOOuI02elufG/prpw
Tr3GYbx7e+v4DxbV1659jyrfN/+jdaD9xtO7qHcKvjyfA/bIbupFi9Ojc/7QqyzR
wiEN/Ku2a5xNL/T6UlXe2KaVgIvfVNCJMnSm2r64HP6Yexj5SWOqMXzES4F2HvHC
9kN/uaQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-fra.rpki-client.org