Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jSTqCF3axJjz8yBX24SW8nqvZN4.roa
File: jSTqCF3axJjz8yBX24SW8nqvZN4.roa (raw, json)
Hash identifier: QGLNM9zEe68Z7e/rTTZCD5CvudeWNFyl+AEQtuotX/E=
Subject key identifier: 8D:24:EA:08:5D:DA:C4:98:F3:F3:20:57:DB:84:96:F2:7A:AF:64:DE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 14C040A5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jSTqCF3axJjz8yBX24SW8nqvZN4.roa
Signing time: Fri 20 May 2022 14:55:30 +0000
ROA not before: Fri 20 May 2022 14:55:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205092
IP address blocks: 2a0e:97c0:b00::/48 maxlen: 48
2a0e:97c0:b01::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348143781 (0x14c040a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 20 14:55:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d24ea085ddac498f3f32057db8496f27aaf64de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:65:80:8a:ed:c8:58:3c:20:ad:d8:e4:15:d0:
03:1c:ee:8b:bd:f8:9c:b5:bf:6b:4e:03:fc:c8:4e:
af:19:92:82:bf:3a:61:7d:37:a9:2e:83:f2:21:4f:
34:54:d4:3d:ee:a1:42:13:c8:4d:69:87:d4:b4:b0:
f7:ca:27:af:1f:4c:63:10:60:76:8f:64:6f:08:03:
18:d1:18:7b:ca:6c:d1:03:0e:aa:89:7e:f7:81:35:
3c:11:09:fe:aa:99:28:46:95:4b:77:bf:13:0e:1a:
66:fe:3f:3e:c6:27:79:d2:8c:4a:ce:3b:8f:e1:c1:
03:32:01:e9:0f:2e:45:d1:fd:4a:08:64:e7:6a:ff:
6e:de:0c:40:49:c0:b8:66:c1:31:ec:b1:2d:aa:cf:
75:67:c3:7b:e5:53:b0:79:51:6d:88:f2:87:33:cf:
7a:a4:78:6d:a9:59:d8:63:04:72:db:1b:09:50:3c:
80:a3:b3:d7:9c:c0:7d:67:ae:cc:85:e9:6c:48:49:
eb:03:0a:65:94:14:03:0c:3a:ba:91:bb:67:f6:1b:
00:25:57:a9:1b:f1:e7:4a:9c:7b:1a:e1:fe:31:c9:
00:08:7f:39:09:e7:81:67:31:3e:15:3c:ed:68:64:
ae:fc:60:58:8e:7c:19:20:69:73:1f:11:e1:9d:94:
47:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:24:EA:08:5D:DA:C4:98:F3:F3:20:57:DB:84:96:F2:7A:AF:64:DE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jSTqCF3axJjz8yBX24SW8nqvZN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b00::/47
Signature Algorithm: sha256WithRSAEncryption
57:26:32:5a:16:f4:98:01:04:04:93:ca:b0:37:54:e5:a9:ab:
76:e0:58:71:4c:06:74:3c:39:95:2b:0d:11:bd:6b:c3:3e:ec:
d3:24:8e:2c:79:fc:f8:66:45:9d:89:d6:8a:92:78:27:52:e7:
3e:da:74:77:d9:a9:f2:8b:1a:8c:00:0a:79:8a:c8:fd:5d:2c:
8d:30:e4:81:02:3f:c7:fe:b7:3d:b9:62:45:cb:b8:b5:fd:76:
ed:69:e1:1e:e5:45:3b:20:b5:8f:0b:27:3f:31:5c:98:7e:40:
76:79:be:ff:ca:03:8f:4f:c6:af:62:f0:47:d8:c9:53:b8:b1:
7c:82:fb:0f:77:92:43:50:19:ce:51:1e:b3:db:5d:03:c2:85:
ad:75:75:e7:80:ae:88:7c:9d:c9:30:60:3c:33:c9:03:07:54:
e3:17:a6:3c:40:37:a9:71:8d:6d:1a:6e:0d:b2:3b:a5:7d:2d:
7e:f9:81:7e:29:d9:c8:60:16:2d:b2:f1:2b:bf:ce:e6:2f:92:
82:71:90:98:1b:9d:2a:9c:4b:d1:9b:cc:19:72:0f:ff:c1:4c:
4d:54:e5:c3:1f:6f:c8:e1:07:49:06:cc:81:17:1c:60:2f:14:
63:48:77:4a:d9:9e:46:f2:84:b3:8c:7b:ce:8f:d3:73:b3:3d:
8d:b7:e4:9e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFMBApTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDUy
MDE0NTUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQyNGVhMDg1ZGRh
YzQ5OGYzZjMyMDU3ZGI4NDk2ZjI3YWFmNjRkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBlgIrtyFg8IK3Y5BXQAxzui734nLW/a04D/MhOrxmSgr86
YX03qS6D8iFPNFTUPe6hQhPITWmH1LSw98onrx9MYxBgdo9kbwgDGNEYe8ps0QMO
qol+94E1PBEJ/qqZKEaVS3e/Ew4aZv4/PsYnedKMSs47j+HBAzIB6Q8uRdH9Sghk
52r/bt4MQEnAuGbBMeyxLarPdWfDe+VTsHlRbYjyhzPPeqR4balZ2GMEctsbCVA8
gKOz15zAfWeuzIXpbEhJ6wMKZZQUAww6upG7Z/YbACVXqRvx50qcexrh/jHJAAh/
OQnngWcxPhU87WhkrvxgWI58GSBpcx8R4Z2URzsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSNJOoIXdrEmPPzIFfbhJbyeq9k3jAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2pTVHFDRjNheEpqejh5QlgyNFNXOG5xdlpONC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASoOl8ALADANBgkqhkiG9w0BAQsF
AAOCAQEAVyYyWhb0mAEEBJPKsDdU5amrduBYcUwGdDw5lSsNEb1rwz7s0ySOLHn8
+GZFnYnWipJ4J1LnPtp0d9mp8osajAAKeYrI/V0sjTDkgQI/x/63PbliRcu4tf12
7WnhHuVFOyC1jwsnPzFcmH5Adnm+/8oDj0/Gr2LwR9jJU7ixfIL7D3eSQ1AZzlEe
s9tdA8KFrXV154CuiHydyTBgPDPJAwdU4xemPEA3qXGNbRpuDbI7pX0tfvmBfinZ
yGAWLbLxK7/O5i+SgnGQmBudKpxL0ZvMGXIP/8FMTVTlwx9vyOEHSQbMgRccYC8U
Y0h3StmeRvKEs4x7zo/Tc7M9jbfkng==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:02 2023 by rpki-client on console-ams.rpki-client.org