Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kqFPuwdxLEiyKtiFafRZT1ummms.roa
File: kqFPuwdxLEiyKtiFafRZT1ummms.roa (raw, json)
Hash identifier: 6Aen5Ey1XuKoQj5qfN5L/vaq5kvrrLws1CUYHA5AJlU=
Subject key identifier: 92:A1:4F:BB:07:71:2C:48:B2:2A:D8:85:69:F4:59:4F:5B:A6:9A:6B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018506BF88E4EDA27842D2CC491ED8E04828
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kqFPuwdxLEiyKtiFafRZT1ummms.roa
Signing time: Mon 12 Dec 2022 14:31:33 +0000
ROA not before: Mon 12 Dec 2022 14:31:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200625
IP address blocks: 2a0e:97c0:61d::/48 maxlen: 48
2a0e:97c0:610::/44 maxlen: 48
2a0e:97c0:618::/48 maxlen: 48
2a0e:97c0:613::/48 maxlen: 48
2a0e:97c0:61e::/48 maxlen: 48
2a0e:97c0:611::/48 maxlen: 48
2a0e:97c0:61c::/48 maxlen: 48
2a0e:97c0:617::/48 maxlen: 48
2a0e:97c0:612::/48 maxlen: 48
2a0e:97c0:615::/48 maxlen: 48
2a0e:97c0:610::/48 maxlen: 48
2a0e:97c0:61b::/48 maxlen: 48
2a0e:97c0:616::/48 maxlen: 48
2a0e:97c0:619::/48 maxlen: 48
2a0e:97c0:614::/48 maxlen: 48
2a0e:97c0:61f::/48 maxlen: 48
2a0e:97c0:61a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:bf:88:e4:ed:a2:78:42:d2:cc:49:1e:d8:e0:48:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 12 14:31:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92a14fbb07712c48b22ad88569f4594f5ba69a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:ce:9c:0c:50:6d:e4:27:58:69:fe:6f:ce:1f:
b9:ee:e9:a4:20:b6:4e:07:13:9a:12:15:ce:61:82:
74:e0:6f:78:c7:37:25:4d:6c:11:1d:c3:10:bd:21:
a7:10:60:c7:35:3b:16:1a:be:4d:96:7b:b3:73:e4:
04:b8:39:13:74:ce:4e:a0:e0:0e:05:fd:c8:18:31:
18:7f:eb:4a:13:47:ff:5f:cb:f1:4c:52:21:40:76:
06:66:50:7a:1c:0a:ca:ca:e9:15:d7:1b:57:49:b9:
2d:33:7b:c5:e7:73:6f:0c:20:b7:60:fd:99:c6:a7:
2a:36:34:3f:a8:fd:91:1a:4a:34:f7:5a:37:a6:a5:
c4:68:a3:75:65:04:1b:31:53:67:ea:da:86:9b:4b:
3b:bb:13:09:5f:21:11:84:7f:4b:78:9c:fd:22:03:
31:b5:ac:ba:70:c4:0e:c3:40:49:7e:54:28:6b:2a:
c8:63:12:33:01:b4:0a:40:b7:32:60:3e:f8:d9:c8:
6e:86:c0:73:9f:72:96:94:f3:9a:d3:e7:1c:61:2e:
fb:69:55:59:d6:07:a9:41:56:00:d2:6d:b1:b5:90:
43:a9:4e:ce:69:c5:37:20:70:be:e4:6e:77:7b:8c:
d9:bb:62:d5:ba:c7:d4:61:28:88:ec:22:d1:b2:4f:
a0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A1:4F:BB:07:71:2C:48:B2:2A:D8:85:69:F4:59:4F:5B:A6:9A:6B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kqFPuwdxLEiyKtiFafRZT1ummms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:610::/44
Signature Algorithm: sha256WithRSAEncryption
59:4d:46:0d:99:4d:ce:c9:76:bd:92:54:3a:e3:34:19:b1:50:
df:3b:23:04:9c:b7:f8:9d:f7:9d:2f:b7:fb:43:4f:ee:ce:8e:
a3:8f:4c:10:9e:b1:f2:ab:a7:26:c2:08:11:ed:1d:df:80:0b:
ae:9e:2a:e7:40:0a:ea:09:fb:d9:a9:d5:59:8a:5e:c9:c2:36:
d7:73:b5:f7:91:0b:22:b6:e4:23:a6:c0:76:c4:18:45:dc:bd:
b8:38:d0:2b:6b:a9:00:16:18:a9:58:12:51:63:04:1c:1c:16:
59:a7:16:ed:ae:b1:0a:35:e5:fb:8c:81:00:f9:34:eb:00:d7:
b0:de:2b:1a:53:e7:18:64:c7:49:7e:93:04:b0:13:cc:23:0d:
32:96:fd:31:35:01:e1:5a:8a:49:99:e5:11:14:08:b2:25:44:
af:74:11:d9:fc:0b:4f:86:a6:ee:69:6f:36:0d:cd:cb:07:ab:
6c:3f:58:79:0a:fb:fa:8c:1a:e8:85:4c:a4:bd:84:a7:cd:0c:
6b:7e:8c:84:58:f7:d1:2f:2f:d2:6f:a4:e7:8a:53:07:8b:70:
03:8b:ad:16:15:7a:23:89:58:e8:89:e2:65:d2:88:ff:32:f6:
d9:04:93:a1:24:67:78:3a:8f:67:a9:c8:06:88:6b:af:bc:cc:
01:aa:16:84
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYUGv4jk7aJ4QtLMSR7Y4EgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjEyMTQzMTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmExNGZiYjA3NzEyYzQ4YjIyYWQ4ODU2OWY0NTk0ZjViYTY5YTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA986cDFBt5CdYaf5vzh+57umkILZO
BxOaEhXOYYJ04G94xzclTWwRHcMQvSGnEGDHNTsWGr5Nlnuzc+QEuDkTdM5OoOAO
Bf3IGDEYf+tKE0f/X8vxTFIhQHYGZlB6HArKyukV1xtXSbktM3vF53NvDCC3YP2Z
xqcqNjQ/qP2RGko091o3pqXEaKN1ZQQbMVNn6tqGm0s7uxMJXyERhH9LeJz9IgMx
tay6cMQOw0BJflQoayrIYxIzAbQKQLcyYD742chuhsBzn3KWlPOa0+ccYS77aVVZ
1gepQVYA0m2xtZBDqU7OacU3IHC+5G53e4zZu2LVusfUYSiI7CLRsk+gBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJKhT7sHcSxIsirYhWn0WU9bppprMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva3FGUHV3ZHhMRWl5S3RpRmFmUlpUMXVtbW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBZTUYNmU3OyXa9klQ64zQZsVDfOyMEnLf4nfed
L7f7Q0/uzo6jj0wQnrHyq6cmwggR7R3fgAuunirnQArqCfvZqdVZil7JwjbXc7X3
kQsituQjpsB2xBhF3L24ONAra6kAFhipWBJRYwQcHBZZpxbtrrEKNeX7jIEA+TTr
ANew3isaU+cYZMdJfpMEsBPMIw0ylv0xNQHhWopJmeURFAiyJUSvdBHZ/AtPhqbu
aW82Dc3LB6tsP1h5Cvv6jBrohUykvYSnzQxrfoyEWPfRLy/Sb6TnilMHi3ADi60W
FXojiVjoieJl0oj/MvbZBJOhJGd4Oo9nqcgGiGuvvMwBqhaE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org