Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kX6dovHymFK1RNZjRv0F9P2w4UU.roa
File: kX6dovHymFK1RNZjRv0F9P2w4UU.roa (raw, json)
Hash identifier: /gJ5TG1qvI/dxW61y1O1wDO71QlAezLW9F/mT+hzcyM=
Subject key identifier: 91:7E:9D:A2:F1:F2:98:52:B5:44:D6:63:46:FD:05:F4:FD:B0:E1:45
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 12DAF673
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kX6dovHymFK1RNZjRv0F9P2w4UU.roa
Signing time: Sat 12 Mar 2022 14:53:16 +0000
ROA not before: Sat 12 Mar 2022 14:53:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210633
IP address blocks: 2a0e:b107:1880::/44 maxlen: 48
2a0e:b107:1960::/44 maxlen: 48
2a0e:b107:1888::/45 maxlen: 48
2a0e:b107:1880::/45 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 316339827 (0x12daf673)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 12 14:53:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=917e9da2f1f29852b544d66346fd05f4fdb0e145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ba:2f:e1:fb:ff:3b:22:00:18:92:ec:36:1e:
c5:df:63:31:88:d8:74:67:97:87:cb:b4:60:e8:d9:
fc:a2:31:93:b9:5a:ad:48:0e:a3:ee:a3:15:51:2a:
b7:b0:67:bd:e1:b5:3a:51:20:bf:65:31:47:21:4c:
f6:96:66:bd:3f:34:77:3c:ad:25:99:eb:cb:6b:43:
ee:6e:26:07:ad:07:de:d4:b7:03:ef:ca:4d:bf:31:
26:7f:4c:18:89:5d:95:b1:43:7b:3a:06:de:60:78:
da:90:50:46:83:5c:a8:33:29:53:b7:16:b1:cd:74:
00:6d:f8:cd:d7:3a:1e:27:45:d6:ec:d7:ed:a5:f3:
4c:fd:86:8d:41:af:2e:94:c5:82:c9:c7:1e:c8:20:
04:d6:3f:f6:1c:ba:31:4f:4b:3d:f2:cb:24:09:61:
23:5e:d1:7c:45:04:e4:42:a5:f1:33:98:dd:2e:99:
27:f9:92:36:35:ad:65:a8:37:0d:a9:ee:8c:74:74:
fc:ea:37:7a:5b:a2:8a:34:44:c4:7f:c2:56:c5:d2:
4d:db:b7:0f:6e:cc:6d:76:92:86:f5:2b:35:93:c1:
7d:6a:a3:39:a5:06:3e:d4:89:b6:35:69:40:1b:10:
3e:d8:cb:2f:96:60:99:44:8a:a4:03:c9:fd:01:42:
01:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7E:9D:A2:F1:F2:98:52:B5:44:D6:63:46:FD:05:F4:FD:B0:E1:45
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kX6dovHymFK1RNZjRv0F9P2w4UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1880::/44
2a0e:b107:1960::/44
Signature Algorithm: sha256WithRSAEncryption
0e:87:19:e0:ab:33:41:79:43:97:c0:8d:4a:c5:29:94:3c:03:
f9:46:ee:24:95:61:05:84:88:c6:18:b8:e5:a4:16:fa:16:42:
b0:ad:a2:6b:b2:e5:be:b7:23:95:09:bb:ca:99:3e:45:7e:ca:
f7:c7:65:98:9f:ba:51:5c:5d:3b:ce:16:b6:6d:2e:74:01:da:
da:5d:82:3b:8a:17:78:65:e1:6f:3f:d2:27:41:7e:15:7d:ca:
b7:f9:11:68:8d:bf:b6:7e:99:18:2c:c2:49:65:69:fd:c6:60:
e1:d8:fd:19:2c:40:0e:25:94:3c:11:98:e4:8e:ab:68:ca:85:
80:21:2a:1a:4a:ff:31:d1:8a:71:87:ab:cb:f0:16:49:1a:a3:
eb:74:17:7b:cb:2c:85:77:39:d5:81:9b:c1:75:7a:c0:f3:2b:
fe:e0:34:37:8e:85:4a:e0:aa:37:d4:90:a0:bd:f4:2e:3e:e0:
31:1c:04:f3:06:cc:87:19:a8:f4:9b:25:42:0c:ff:31:69:34:
2a:54:bc:4f:d3:60:b1:16:b3:28:29:4b:7b:a3:e2:98:63:66:
24:34:d0:36:a9:67:9b:5b:76:41:65:80:75:96:f9:4f:af:18:
a9:6b:b7:83:fd:9d:e6:ce:95:9a:92:39:10:76:3b:64:2a:7f:
ba:83:44:99
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEtr2czANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMx
MjE0NTMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTE3ZTlkYTJmMWYy
OTg1MmI1NDRkNjYzNDZmZDA1ZjRmZGIwZTE0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN66L+H7/zsiABiS7DYexd9jMYjYdGeXh8u0YOjZ/KIxk7la
rUgOo+6jFVEqt7BnveG1OlEgv2UxRyFM9pZmvT80dzytJZnry2tD7m4mB60H3tS3
A+/KTb8xJn9MGIldlbFDezoG3mB42pBQRoNcqDMpU7cWsc10AG34zdc6HidF1uzX
7aXzTP2GjUGvLpTFgsnHHsggBNY/9hy6MU9LPfLLJAlhI17RfEUE5EKl8TOY3S6Z
J/mSNjWtZag3DanujHR0/Oo3eluiijRExH/CVsXSTdu3D27MbXaShvUrNZPBfWqj
OaUGPtSJtjVpQBsQPtjLL5ZgmUSKpAPJ/QFCAX8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSRfp2i8fKYUrVE1mNG/QX0/bDhRTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2tYNmRvdkh5bUZLMVJOWmpSdjBGOVAydzRVVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoOsQcYgAMHBCoOsQcZYDANBgkq
hkiG9w0BAQsFAAOCAQEADocZ4KszQXlDl8CNSsUplDwD+UbuJJVhBYSIxhi45aQW
+hZCsK2ia7LlvrcjlQm7ypk+RX7K98dlmJ+6UVxdO84Wtm0udAHa2l2CO4oXeGXh
bz/SJ0F+FX3Kt/kRaI2/tn6ZGCzCSWVp/cZg4dj9GSxADiWUPBGY5I6raMqFgCEq
Gkr/MdGKcYery/AWSRqj63QXe8sshXc51YGbwXV6wPMr/uA0N46FSuCqN9SQoL30
Lj7gMRwE8wbMhxmo9JslQgz/MWk0KlS8T9NgsRazKClLe6PimGNmJDTQNqlnm1t2
QWWAdZb5T68YqWu3g/2d5s6VmpI5EHY7ZCp/uoNEmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org