Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j09aguDiKL4YIokAx9RUCJCtaDo.roa
File: j09aguDiKL4YIokAx9RUCJCtaDo.roa (raw, json)
Hash identifier: chI0ue77aguXAYR/L3boMJ536u1tY2U7ca0IqANMwzo=
Subject key identifier: 8F:4F:5A:82:E0:E2:28:BE:18:22:89:00:C7:D4:54:08:90:AD:68:3A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10AD1ECB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j09aguDiKL4YIokAx9RUCJCtaDo.roa
Signing time: Sat 01 Jan 2022 09:05:16 +0000
ROA not before: Sat 01 Jan 2022 09:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210617
IP address blocks: 2a0e:97c0:5a0::/48 maxlen: 48
2a0e:97c0:5a1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279781067 (0x10ad1ecb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f4f5a82e0e228be18228900c7d4540890ad683a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:07:73:ae:bf:63:64:a1:08:fa:fb:41:da:91:
d2:ee:65:5c:5c:d5:f6:f9:04:11:3c:76:26:12:64:
e0:d9:e5:01:49:09:86:a0:e6:eb:4e:18:a7:e8:ff:
3a:1f:76:0f:46:1c:65:d1:32:fe:ae:ea:9d:54:54:
23:e3:2c:94:eb:d9:9f:05:6a:10:ab:4e:47:07:0c:
e0:24:21:dd:c3:ba:1e:3a:6d:59:63:9a:b8:0a:33:
ee:da:09:6c:17:b5:e4:95:3c:a6:1d:8c:9d:b1:63:
0d:83:09:04:98:4b:84:b6:b5:de:b5:db:70:a6:7a:
85:0d:68:6c:2e:cc:e4:35:8d:52:fa:0b:f4:41:2c:
72:c8:4f:d6:39:f1:a9:76:28:50:d4:13:6f:5e:54:
c1:63:23:3e:22:fa:e8:03:a6:66:1c:ca:85:f0:7c:
1a:06:f7:5e:43:ee:b6:68:ff:b4:41:b7:b1:a0:14:
de:55:75:8c:f5:ae:cc:7b:eb:58:ce:53:79:68:0a:
17:1d:b2:01:a5:08:12:b5:ce:01:eb:21:be:43:ed:
a9:54:9a:18:53:f7:c6:89:09:c7:52:9f:d1:4c:12:
9f:8a:16:6e:c0:f4:37:c7:38:0c:5f:50:1c:4e:a8:
42:01:d8:6e:73:19:18:97:6f:77:1f:05:b2:9f:ce:
93:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:4F:5A:82:E0:E2:28:BE:18:22:89:00:C7:D4:54:08:90:AD:68:3A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j09aguDiKL4YIokAx9RUCJCtaDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5a0::/47
Signature Algorithm: sha256WithRSAEncryption
b3:83:ce:52:78:64:8e:07:ad:c5:a5:34:e7:b5:35:38:3b:c5:
b0:ca:ca:bc:8f:80:8b:53:56:e1:71:6e:15:56:d3:5b:4b:94:
01:b8:e5:22:17:50:76:cc:18:2e:f5:b3:bb:44:95:61:96:47:
33:62:18:6b:32:53:64:1f:1a:78:68:8e:71:ab:45:d1:de:4e:
45:ff:66:93:9e:9a:44:2e:0c:4a:94:d7:75:15:52:ef:3b:63:
46:10:82:2d:93:fc:b2:5c:f8:b5:26:03:a7:94:a8:40:c4:49:
9e:dd:5b:65:98:be:33:09:dc:e6:df:15:4a:5e:eb:1e:8e:e1:
17:f2:9c:0d:19:19:d4:5f:60:0e:64:74:fe:7d:9f:4c:32:75:
21:68:9a:de:f0:1e:a4:f8:7e:72:6e:9a:46:b8:bd:9d:4d:e0:
d9:8e:04:34:70:10:27:38:6a:39:f6:68:74:2c:b6:76:f9:49:
fa:a9:cd:e4:5f:8a:6f:94:cd:59:4e:f2:92:0e:06:bd:1e:15:
b6:c9:cf:a7:98:55:c4:b1:da:56:31:a8:15:41:db:9a:d2:56:
68:00:f0:08:45:6d:6d:c9:a0:96:c3:ac:f5:18:de:ac:c4:78:
0e:78:98:3d:27:c4:58:3a:aa:c3:a5:91:40:05:1b:ac:ab:d1:
f2:3d:81:9c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEK0eyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY0ZjVhODJlMGUy
MjhiZTE4MjI4OTAwYzdkNDU0MDg5MGFkNjgzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIUHc66/Y2ShCPr7QdqR0u5lXFzV9vkEETx2JhJk4NnlAUkJ
hqDm604Yp+j/Oh92D0YcZdEy/q7qnVRUI+MslOvZnwVqEKtORwcM4CQh3cO6Hjpt
WWOauAoz7toJbBe15JU8ph2MnbFjDYMJBJhLhLa13rXbcKZ6hQ1obC7M5DWNUvoL
9EEscshP1jnxqXYoUNQTb15UwWMjPiL66AOmZhzKhfB8Ggb3XkPutmj/tEG3saAU
3lV1jPWuzHvrWM5TeWgKFx2yAaUIErXOAeshvkPtqVSaGFP3xokJx1Kf0UwSn4oW
bsD0N8c4DF9QHE6oQgHYbnMZGJdvdx8Fsp/Ok3ECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSPT1qC4OIovhgiiQDH1FQIkK1oOjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2owOWFndURpS0w0WUlva0F4OVJVQ0pDdGFEby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASoOl8AFoDANBgkqhkiG9w0BAQsF
AAOCAQEAs4POUnhkjgetxaU057U1ODvFsMrKvI+Ai1NW4XFuFVbTW0uUAbjlIhdQ
dswYLvWzu0SVYZZHM2IYazJTZB8aeGiOcatF0d5ORf9mk56aRC4MSpTXdRVS7ztj
RhCCLZP8slz4tSYDp5SoQMRJnt1bZZi+Mwnc5t8VSl7rHo7hF/KcDRkZ1F9gDmR0
/n2fTDJ1IWia3vAepPh+cm6aRri9nU3g2Y4ENHAQJzhqOfZodCy2dvlJ+qnN5F+K
b5TNWU7ykg4GvR4VtsnPp5hVxLHaVjGoFUHbmtJWaADwCEVtbcmglsOs9RjerMR4
DniYPSfEWDqqw6WRQAUbrKvR8j2BnA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:02 2023 by rpki-client on console-ams.rpki-client.org