Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iPiKwCEOA_zrXWP3sqxVIt7aP-M.roa
File: iPiKwCEOA_zrXWP3sqxVIt7aP-M.roa (raw, json)
Hash identifier: DgdJ7L6Wbe5ag8J0myNilcViWVuge+981g16bUlw8Mw=
Subject key identifier: 88:F8:8A:C0:21:0E:03:FC:EB:5D:63:F7:B2:AC:55:22:DE:DA:3F:E3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10BE588E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iPiKwCEOA_zrXWP3sqxVIt7aP-M.roa
Signing time: Sat 01 Jan 2022 09:05:25 +0000
ROA not before: Sat 01 Jan 2022 09:05:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211044
IP address blocks: 2a0e:97c0:490::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 280909966 (0x10be588e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88f88ac0210e03fceb5d63f7b2ac5522deda3fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:1b:54:32:26:3a:02:45:1e:6b:2f:15:6f:
11:7a:d1:4e:ad:3a:b8:56:a1:d4:25:4b:aa:2c:60:
b5:09:fb:6d:00:96:05:ed:23:d3:a5:f9:ad:8e:14:
8e:68:04:a3:0f:6b:e3:17:be:3d:73:58:e6:f5:10:
c2:c9:6c:30:bb:00:c5:59:23:bb:b6:d4:e3:10:c6:
af:58:22:18:2a:8e:7d:8d:ea:cf:6f:39:5d:54:cf:
6b:e0:0e:05:e6:32:37:10:5a:42:ed:5c:66:d8:38:
d9:19:1e:08:80:e9:d0:c0:e9:83:95:3f:48:40:1c:
58:08:04:eb:e4:77:d2:49:ae:77:e9:66:e2:8d:0e:
cb:8d:ab:73:61:fa:13:a2:30:de:5a:08:44:c3:6a:
98:01:5b:44:9f:40:e6:fe:55:fe:55:89:69:f3:cb:
d3:6d:9e:b0:4e:a5:a1:b4:c9:12:49:1d:72:80:83:
92:e0:a3:34:8f:b2:ed:2d:18:4b:aa:7b:63:56:a8:
62:79:fe:4d:3c:84:78:b0:a5:eb:72:8c:1a:fc:22:
a6:33:ea:83:1b:8c:3e:bf:4d:3b:83:40:4d:34:ab:
5a:eb:c2:9d:6c:7d:28:3f:21:ec:a2:fa:cc:a8:ea:
6f:fd:3d:6a:7d:6f:16:91:92:19:e7:2d:60:d4:70:
22:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F8:8A:C0:21:0E:03:FC:EB:5D:63:F7:B2:AC:55:22:DE:DA:3F:E3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iPiKwCEOA_zrXWP3sqxVIt7aP-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:490::/44
Signature Algorithm: sha256WithRSAEncryption
8a:fd:c7:39:6b:30:07:cf:cf:13:3e:e5:62:12:21:e5:f7:ed:
42:65:54:61:17:c6:33:04:2a:39:21:dc:0a:82:04:fe:c8:e1:
f2:16:aa:8b:bb:5b:81:07:ab:54:a0:9e:70:60:c8:75:58:62:
68:65:90:b6:62:35:81:ad:50:e5:0a:f7:0d:1a:12:3a:5c:4b:
95:58:f1:f5:ee:f6:52:8d:a8:f0:aa:32:0c:d4:96:99:93:cd:
6a:5f:aa:29:1a:a3:d6:ee:f2:aa:6f:30:d0:63:97:ec:cb:9b:
62:30:7d:0b:86:e1:80:49:fa:10:60:a3:56:c9:3e:46:0b:cb:
04:28:05:87:8b:32:79:28:24:9e:cd:65:b7:31:4b:61:c5:88:
1a:46:2a:9a:2f:18:ca:f3:83:b9:6c:03:c2:1e:8b:e0:12:1e:
93:db:15:31:38:63:ff:89:a1:80:ab:fb:d3:e0:9e:31:a4:81:
ce:ef:00:d8:16:04:7b:59:d6:d8:bc:5d:23:83:d0:5b:5a:f5:
9b:c4:9e:d9:9e:0c:28:ad:f6:24:4e:69:d4:b3:22:9e:7c:b1:
23:bd:36:54:8f:38:2c:41:7c:0f:4c:4e:54:26:94:2d:3c:2b:
e4:c5:d3:96:25:f5:99:e5:86:12:ba:dc:66:f5:11:cc:34:4a:
20:73:bc:96
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEL5YjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODhmODhhYzAyMTBl
MDNmY2ViNWQ2M2Y3YjJhYzU1MjJkZWRhM2ZlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoQG1QyJjoCRR5rLxVvEXrRTq06uFah1CVLqixgtQn7bQCW
Be0j06X5rY4UjmgEow9r4xe+PXNY5vUQwslsMLsAxVkju7bU4xDGr1giGCqOfY3q
z285XVTPa+AOBeYyNxBaQu1cZtg42RkeCIDp0MDpg5U/SEAcWAgE6+R30kmud+lm
4o0Oy42rc2H6E6Iw3loIRMNqmAFbRJ9A5v5V/lWJafPL022esE6lobTJEkkdcoCD
kuCjNI+y7S0YS6p7Y1aoYnn+TTyEeLCl63KMGvwipjPqgxuMPr9NO4NATTSrWuvC
nWx9KD8h7KL6zKjqb/09an1vFpGSGectYNRwIl8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSI+IrAIQ4D/OtdY/eyrFUi3to/4zAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2lQaUt3Q0VPQV96clhXUDNzcXhWSXQ3YVAtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AEkDANBgkqhkiG9w0BAQsF
AAOCAQEAiv3HOWswB8/PEz7lYhIh5fftQmVUYRfGMwQqOSHcCoIE/sjh8haqi7tb
gQerVKCecGDIdVhiaGWQtmI1ga1Q5Qr3DRoSOlxLlVjx9e72Uo2o8KoyDNSWmZPN
al+qKRqj1u7yqm8w0GOX7MubYjB9C4bhgEn6EGCjVsk+RgvLBCgFh4syeSgkns1l
tzFLYcWIGkYqmi8YyvODuWwDwh6L4BIek9sVMThj/4mhgKv70+CeMaSBzu8A2BYE
e1nW2LxdI4PQW1r1m8Se2Z4MKK32JE5p1LMinnyxI702VI84LEF8D0xOVCaULTwr
5MXTliX1meWGErrcZvURzDRKIHO8lg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-fra.rpki-client.org