Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mCMOivZMa0Fj4zWNMM776o3czTY.roa
File: mCMOivZMa0Fj4zWNMM776o3czTY.roa (raw, json)
Hash identifier: GEmp1MKZo9/8qGJE3n6qLsySkg4NgBvqDB/7ZYXUe3o=
Subject key identifier: 98:23:0E:8A:F6:4C:6B:41:63:E3:35:8D:30:CE:FB:EA:8D:DC:CD:36
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018565EC99432F7B6D3721D8B21E637A2CB9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mCMOivZMa0Fj4zWNMM776o3czTY.roa
Signing time: Sat 31 Dec 2022 02:04:42 +0000
ROA not before: Sat 31 Dec 2022 02:04:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51939
IP address blocks: 2a0e:97c0:5c0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:65:ec:99:43:2f:7b:6d:37:21:d8:b2:1e:63:7a:2c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 31 02:04:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98230e8af64c6b4163e3358d30cefbea8ddccd36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e7:f0:50:3a:70:ae:f4:0a:56:75:25:fd:42:
fe:fb:77:9d:12:f8:2f:32:44:8f:f0:b5:60:e5:8e:
b9:69:79:4e:0a:91:d6:f2:34:06:82:1d:68:7d:f5:
8f:f5:24:c7:68:ae:0e:e3:05:68:e8:3c:d3:da:e6:
65:6c:d2:cf:69:e1:8f:1c:27:56:9b:49:21:a5:36:
99:68:26:1a:5b:cb:ab:58:ee:03:26:36:6c:99:79:
b6:af:02:8c:af:03:b1:c0:41:18:e3:68:fe:62:75:
48:8c:c5:c9:df:19:f4:ea:6d:e9:90:db:fb:1e:93:
72:67:5d:d2:3b:45:13:c1:99:00:64:19:28:8d:55:
63:1d:9d:6c:2d:52:2a:73:7f:ee:c2:7a:1c:46:9a:
31:68:07:8b:e0:cb:dc:bc:ca:68:f8:16:53:74:a1:
ec:3a:1a:56:85:00:a0:22:fe:b0:51:96:b0:f3:0e:
4b:74:ab:57:eb:c7:fd:81:8d:f8:22:b9:4a:60:71:
bf:09:78:df:ca:21:0d:6a:91:60:28:15:02:5e:cc:
98:28:ac:cf:f5:fd:fb:d6:68:8d:89:71:4a:68:dc:
f8:10:12:b1:b7:3a:5f:a8:a0:a8:c6:b4:c8:8a:cc:
c9:6d:20:63:04:a0:35:a0:00:56:ef:cb:3e:e8:2b:
98:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:23:0E:8A:F6:4C:6B:41:63:E3:35:8D:30:CE:FB:EA:8D:DC:CD:36
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mCMOivZMa0Fj4zWNMM776o3czTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5c0::/44
Signature Algorithm: sha256WithRSAEncryption
a5:64:49:62:cb:6a:77:84:cd:c4:ce:6c:ee:34:32:d6:a2:7e:
fd:97:29:3c:e7:90:c5:d8:67:2b:43:16:54:c4:ab:12:fd:a0:
f7:cb:af:35:79:90:e0:26:a8:f6:33:ff:4f:9e:b4:88:b9:41:
86:86:51:c1:7a:0d:cf:e1:4e:63:cc:02:3c:78:cd:1e:f0:5e:
69:d3:54:40:d1:3e:60:35:40:d5:9d:3c:a1:b1:27:db:33:3f:
b9:c7:f2:2a:70:f7:14:3c:67:e4:b1:08:8f:a3:ff:cc:3f:cd:
9f:7e:95:86:5f:bf:38:67:3e:f6:bf:7b:94:35:46:88:d1:3e:
73:c2:b9:2a:dd:0a:aa:88:55:dd:74:01:c2:68:7f:11:c7:58:
31:bd:36:b4:58:d6:5e:5a:2f:9f:45:28:de:3a:bc:5f:d0:18:
d4:8d:fd:62:b6:29:e0:60:46:c5:65:7b:dd:8a:5c:6c:d7:a1:
d2:58:fc:87:04:3d:57:d3:44:05:9c:39:d2:48:6b:be:2b:83:
3a:eb:c6:af:27:15:cc:cc:f2:26:59:fc:04:bf:6c:69:42:50:
45:6d:59:e9:ce:f1:1c:26:3e:40:98:95:b6:d2:29:7f:b2:7b:
a2:03:9a:1d:9a:c0:b0:bd:dd:49:01:03:aa:54:6b:47:04:5e:
cb:32:eb:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVl7JlDL3ttNyHYsh5jeiy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjMxMDIwNDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODIzMGU4YWY2NGM2YjQxNjNlMzM1OGQzMGNlZmJlYThkZGNjZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnufwUDpwrvQKVnUl/UL++3edEvgv
MkSP8LVg5Y65aXlOCpHW8jQGgh1offWP9STHaK4O4wVo6DzT2uZlbNLPaeGPHCdW
m0khpTaZaCYaW8urWO4DJjZsmXm2rwKMrwOxwEEY42j+YnVIjMXJ3xn06m3pkNv7
HpNyZ13SO0UTwZkAZBkojVVjHZ1sLVIqc3/uwnocRpoxaAeL4MvcvMpo+BZTdKHs
OhpWhQCgIv6wUZaw8w5LdKtX68f9gY34IrlKYHG/CXjfyiENapFgKBUCXsyYKKzP
9f371miNiXFKaNz4EBKxtzpfqKCoxrTIiszJbSBjBKA1oABW78s+6CuYyQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJgjDor2TGtBY+M1jTDO++qN3M02MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbUNNT2l2Wk1hMEZqNHpXTk1NNzc2bzNjelRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAXA
MA0GCSqGSIb3DQEBCwUAA4IBAQClZEliy2p3hM3EzmzuNDLWon79lyk855DF2Gcr
QxZUxKsS/aD3y681eZDgJqj2M/9PnrSIuUGGhlHBeg3P4U5jzAI8eM0e8F5p01RA
0T5gNUDVnTyhsSfbMz+5x/IqcPcUPGfksQiPo//MP82ffpWGX784Zz72v3uUNUaI
0T5zwrkq3QqqiFXddAHCaH8Rx1gxvTa0WNZeWi+fRSjeOrxf0BjUjf1itingYEbF
ZXvdilxs16HSWPyHBD1X00QFnDnSSGu+K4M668avJxXMzPImWfwEv2xpQlBFbVnp
zvEcJj5AmJW20il/snuiA5odmsCwvd1JAQOqVGtHBF7LMutT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org