Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jyHaWFRDLUQpiGHcV-5VnX04t_U.roa
File: jyHaWFRDLUQpiGHcV-5VnX04t_U.roa (raw, json)
Hash identifier: KfzGVHZhNq8aPo0sws7vIwwprnDZlFEMtrl3uZpvZVs=
Subject key identifier: 8F:21:DA:58:54:43:2D:44:29:88:61:DC:57:EE:55:9D:7D:38:B7:F5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 1399B704
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jyHaWFRDLUQpiGHcV-5VnX04t_U.roa
Signing time: Fri 08 Apr 2022 14:11:51 +0000
ROA not before: Fri 08 Apr 2022 14:11:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211305
IP address blocks: 2a0e:97c0:380::/48 maxlen: 48
2a0e:97c0:383::/48 maxlen: 48
2a0e:97c0:381::/48 maxlen: 48
2a0e:97c0:384::/48 maxlen: 48
2a0e:97c0:382::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 328840964 (0x1399b704)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 8 14:11:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f21da5854432d44298861dc57ee559d7d38b7f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a5:37:69:31:3e:0f:fb:a0:4f:f3:ca:c8:7e:
2a:9d:01:cb:9c:8d:ff:43:a5:ca:75:56:4c:3a:4e:
8c:a5:22:ce:15:0c:82:c3:a8:48:c6:d4:ba:7e:26:
74:d4:0f:b7:75:19:e2:63:c9:13:10:e5:50:1f:d2:
d1:c5:9e:1a:2d:4e:82:14:70:bd:5a:f4:a6:f8:21:
fc:d0:42:45:d9:47:f4:63:12:eb:1e:fc:db:78:e7:
a7:ee:78:d8:f5:ae:d4:9b:4e:d1:fe:e1:a6:7a:f9:
e4:26:5a:f1:51:f9:9c:58:d3:5a:77:c9:cc:75:e7:
fe:20:6d:a2:07:c5:46:31:d8:fa:a6:36:b1:98:a7:
56:01:57:33:36:b1:77:b5:f1:f4:3a:e1:9b:f7:3e:
13:6e:7b:d4:b6:ee:52:2f:e2:90:8d:3c:c9:b7:3d:
b4:f8:20:6f:09:c6:38:52:45:f7:58:8f:32:0b:19:
fa:9d:b4:dd:0d:6d:fd:68:0c:ce:52:97:b1:d6:1d:
04:23:fd:f8:94:dd:85:b0:21:29:f4:f3:79:fe:4e:
5e:02:86:98:0e:30:94:42:68:9a:d0:57:4d:a2:14:
94:93:aa:b3:b8:6b:bf:80:21:ad:12:48:43:06:a0:
f7:d5:d6:a5:e8:14:bc:35:3f:41:95:dd:da:7f:40:
06:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:21:DA:58:54:43:2D:44:29:88:61:DC:57:EE:55:9D:7D:38:B7:F5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jyHaWFRDLUQpiGHcV-5VnX04t_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:380::-2a0e:97c0:384:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8e:50:19:6b:1d:4a:e9:f0:f6:fc:3b:84:2b:e7:dd:b0:97:2a:
d7:07:a1:28:8a:19:fc:bd:8d:ed:a7:db:36:48:89:41:17:10:
15:bc:83:35:3d:ad:be:1f:28:46:26:30:da:6d:d2:94:67:a1:
12:db:e8:94:5b:07:22:5e:2d:29:20:e0:e7:41:f4:00:54:0e:
b9:52:c1:58:48:08:fd:90:36:3c:37:69:c6:eb:06:ff:15:a8:
a0:bc:f7:86:64:77:6a:92:3c:3c:76:93:6f:6d:4e:e9:02:5c:
ff:54:2e:57:4b:20:25:00:66:cf:ca:f0:bb:69:3b:0c:43:22:
4e:bb:f8:1c:c1:03:7a:af:cb:4e:c8:dd:41:a7:f0:e4:c1:82:
e7:f1:9d:85:a4:dd:02:75:16:9e:79:77:79:04:45:8b:b2:fc:
2a:8e:d3:b6:fe:3d:a3:c2:d6:18:fb:6e:f9:54:24:b7:20:46:
a0:16:0a:ff:0b:45:d5:e1:20:12:07:85:20:f4:96:39:5f:6a:
9d:ec:15:15:ac:de:39:aa:8e:d6:85:cc:eb:90:c2:98:66:b0:
5a:8e:a2:1f:a9:92:37:30:79:fd:17:f4:c3:24:26:5d:6c:58:
2a:36:cf:1d:93:a6:bc:c7:09:ef:99:ce:b8:f9:41:2e:42:13:
4f:9b:4e:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEE5m3BDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQw
ODE0MTE1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGYyMWRhNTg1NDQz
MmQ0NDI5ODg2MWRjNTdlZTU1OWQ3ZDM4YjdmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWlN2kxPg/7oE/zysh+Kp0By5yN/0OlynVWTDpOjKUizhUM
gsOoSMbUun4mdNQPt3UZ4mPJExDlUB/S0cWeGi1OghRwvVr0pvgh/NBCRdlH9GMS
6x7823jnp+542PWu1JtO0f7hpnr55CZa8VH5nFjTWnfJzHXn/iBtogfFRjHY+qY2
sZinVgFXMzaxd7Xx9Drhm/c+E2571LbuUi/ikI08ybc9tPggbwnGOFJF91iPMgsZ
+p203Q1t/WgMzlKXsdYdBCP9+JTdhbAhKfTzef5OXgKGmA4wlEJomtBXTaIUlJOq
s7hrv4AhrRJIQwag99XWpegUvDU/QZXd2n9ABt8CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSPIdpYVEMtRCmIYdxX7lWdfTi39TAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2p5SGFXRlJETFVRcGlHSGNWLTVWblgwNHRfVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAIwFDASAwcHKg6XwAOAAwcAKg6XwAOEMA0G
CSqGSIb3DQEBCwUAA4IBAQCOUBlrHUrp8Pb8O4Qr592wlyrXB6Eoihn8vY3tp9s2
SIlBFxAVvIM1Pa2+HyhGJjDabdKUZ6ES2+iUWwciXi0pIODnQfQAVA65UsFYSAj9
kDY8N2nG6wb/FaigvPeGZHdqkjw8dpNvbU7pAlz/VC5XSyAlAGbPyvC7aTsMQyJO
u/gcwQN6r8tOyN1Bp/DkwYLn8Z2FpN0CdRaeeXd5BEWLsvwqjtO2/j2jwtYY+275
VCS3IEagFgr/C0XV4SASB4Ug9JY5X2qd7BUVrN45qo7WhczrkMKYZrBajqIfqZI3
MHn9F/TDJCZdbFgqNs8dk6a8xwnvmc64+UEuQhNPm044
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:10 2024 by rpki-client on console-ams.rpki-client.org