Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jQzGaUGp-6eJhKNOZkFgxirmPMI.roa
File: jQzGaUGp-6eJhKNOZkFgxirmPMI.roa (raw, json)
Hash identifier: DCQxTmQcHsDbukOc1GAvCLaL1KBS1iZlRQP+kYWtt3g=
Subject key identifier: 8D:0C:C6:69:41:A9:FB:A7:89:84:A3:4E:66:41:60:C6:2A:E6:3C:C2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10BE61A0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jQzGaUGp-6eJhKNOZkFgxirmPMI.roa
Signing time: Sat 01 Jan 2022 09:05:25 +0000
ROA not before: Sat 01 Jan 2022 09:05:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211168
IP address blocks: 2a0e:b107:13d6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 280912288 (0x10be61a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d0cc66941a9fba78984a34e664160c62ae63cc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4b:6d:73:9e:47:4f:93:fb:08:d6:ad:a5:63:
5f:68:e1:09:18:bd:08:df:30:f1:75:15:0c:12:68:
2b:97:6b:19:1e:af:19:53:e4:25:71:0f:e3:30:3e:
4f:ba:d5:fd:3d:d0:9d:86:8d:f8:d2:6a:d1:c1:0c:
b6:ee:3f:8c:78:22:74:5d:f7:2a:c7:19:3f:a2:17:
4c:56:f7:d3:21:ea:3a:15:73:2f:6d:a4:5e:c6:8b:
82:7b:8d:48:1e:0a:49:4d:14:34:58:61:c7:bf:9f:
0f:37:24:e7:1c:3e:54:4c:a6:b7:52:69:16:79:a0:
ba:56:55:bc:d0:72:5c:01:5f:8b:45:e0:3c:6b:34:
04:42:8b:51:d8:c7:48:cd:39:d2:16:3e:97:2d:3b:
fa:ca:d7:17:05:fe:db:2b:ea:f0:12:a8:e5:01:ab:
9b:65:2d:d7:e6:96:19:25:34:c4:e2:18:89:21:97:
f7:72:c1:e4:dd:ac:1e:61:1c:96:14:a8:a9:38:16:
93:07:90:51:56:81:03:96:23:17:c7:3e:40:57:eb:
6b:fd:43:3e:88:af:de:c2:64:98:5b:e3:78:b5:cc:
fe:c3:6c:fb:2d:b9:8a:08:24:8a:df:08:81:84:8c:
0b:d7:ac:bf:80:d7:a5:4f:9f:c4:c8:32:d2:ca:70:
41:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0C:C6:69:41:A9:FB:A7:89:84:A3:4E:66:41:60:C6:2A:E6:3C:C2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jQzGaUGp-6eJhKNOZkFgxirmPMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:13d6::/48
Signature Algorithm: sha256WithRSAEncryption
50:22:c1:c6:60:f4:86:7e:20:63:4b:d7:e3:c1:4e:82:a8:6d:
07:82:b3:c5:9a:80:1d:94:ca:55:f2:c3:04:d2:f3:0c:91:9d:
9c:a7:3c:d9:f7:b3:ee:d0:d5:1c:66:55:80:76:09:0a:e0:89:
e4:57:aa:76:91:9b:eb:27:ed:e0:0e:02:99:2a:cc:05:4d:63:
91:75:14:1e:28:7f:3c:c7:d6:f3:b7:18:75:41:54:cd:94:cb:
b1:ef:a3:a2:d0:9d:d1:3f:a4:5a:af:40:e3:79:64:25:e9:f4:
44:fb:ee:03:6b:95:a6:e3:8c:ea:ed:c8:64:d9:d3:da:5c:17:
be:64:96:e6:fa:e2:d8:09:47:df:9b:56:e3:73:42:29:65:9f:
78:a2:7b:cd:19:33:56:0a:47:02:3d:d4:79:a4:8a:65:23:b3:
bb:2f:59:5c:67:84:87:85:ed:45:98:9b:3f:e0:19:99:e8:34:
2f:a7:aa:ff:0c:98:0f:3f:86:62:d1:42:f3:03:f7:4e:33:48:
9b:1a:b0:b3:0a:e2:0f:34:a6:62:08:21:05:0e:54:d4:5b:24:
4e:b1:2b:13:06:ad:65:b0:28:b6:de:26:b4:92:58:d3:fa:69:
75:51:9a:f3:69:58:03:9c:eb:be:6b:36:10:44:9d:a1:1c:c0:
06:b3:c6:c5
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEL5hoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQwY2M2Njk0MWE5
ZmJhNzg5ODRhMzRlNjY0MTYwYzYyYWU2M2NjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBLbXOeR0+T+wjWraVjX2jhCRi9CN8w8XUVDBJoK5drGR6v
GVPkJXEP4zA+T7rV/T3QnYaN+NJq0cEMtu4/jHgidF33KscZP6IXTFb30yHqOhVz
L22kXsaLgnuNSB4KSU0UNFhhx7+fDzck5xw+VEymt1JpFnmgulZVvNByXAFfi0Xg
PGs0BEKLUdjHSM050hY+ly07+srXFwX+2yvq8BKo5QGrm2Ut1+aWGSU0xOIYiSGX
93LB5N2sHmEclhSoqTgWkweQUVaBA5YjF8c+QFfra/1DPoiv3sJkmFvjeLXM/sNs
+y25iggkit8IgYSMC9esv4DXpU+fxMgy0spwQSsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSNDMZpQan7p4mEo05mQWDGKuY8wjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2pRekdhVUdwLTZlSmhLTk9aa0ZneGlybVBNSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcT1jANBgkqhkiG9w0BAQsF
AAOCAQEAUCLBxmD0hn4gY0vX48FOgqhtB4KzxZqAHZTKVfLDBNLzDJGdnKc82fez
7tDVHGZVgHYJCuCJ5FeqdpGb6yft4A4CmSrMBU1jkXUUHih/PMfW87cYdUFUzZTL
se+jotCd0T+kWq9A43lkJen0RPvuA2uVpuOM6u3IZNnT2lwXvmSW5vri2AlH35tW
43NCKWWfeKJ7zRkzVgpHAj3UeaSKZSOzuy9ZXGeEh4XtRZibP+AZmeg0L6eq/wyY
Dz+GYtFC8wP3TjNImxqwswriDzSmYgghBQ5U1FskTrErEwatZbAott4mtJJY0/pp
dVGa82lYA5zrvms2EESdoRzABrPGxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:10 2024 by rpki-client on console-ams.rpki-client.org