Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mKQCS7ucZ2UpAlkQxiPYioYeZeA.roa
File: mKQCS7ucZ2UpAlkQxiPYioYeZeA.roa (raw, json)
Hash identifier: xo3+1d/8HV3zACv9zxqIqkA7hovHUV2NwLYMfx+nghc=
Subject key identifier: 98:A4:02:4B:BB:9C:67:65:29:02:59:10:C6:23:D8:8A:86:1E:65:E0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 13694461
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mKQCS7ucZ2UpAlkQxiPYioYeZeA.roa
Signing time: Sat 02 Apr 2022 13:06:16 +0000
ROA not before: Sat 02 Apr 2022 13:06:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206981
IP address blocks: 2a0e:97c0:6a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 325665889 (0x13694461)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 2 13:06:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98a4024bbb9c676529025910c623d88a861e65e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a6:bc:14:85:87:31:61:69:5f:52:9d:0b:19:
10:de:27:60:f7:b3:53:24:ff:9e:b7:3d:e4:f8:3b:
d3:e7:da:d2:4e:77:fe:c2:90:ba:01:e6:be:36:03:
18:46:17:3d:6a:af:5f:3d:23:8a:2b:6d:e5:db:3a:
29:91:b8:c0:2d:b8:ed:b8:3c:96:d0:09:5f:47:9d:
e4:fd:a0:9f:aa:b3:13:a6:ad:7a:3b:b8:a6:69:c1:
4d:a5:33:c1:68:f2:98:d8:e2:b0:e6:4e:bc:13:da:
8c:9e:c9:ef:cc:b2:f3:db:4e:e9:d4:c0:2f:46:48:
0d:c1:fe:2f:f2:17:ec:79:ae:a5:25:83:cc:a8:4b:
b7:b5:4e:95:ba:fe:08:16:11:b7:00:ad:ab:15:e2:
e2:58:9d:5f:2c:99:7e:15:7b:8a:35:23:18:e9:7b:
a2:3c:d7:b4:c7:3b:59:5a:67:72:a5:b2:6f:f3:a4:
42:c7:b4:df:66:81:86:af:69:31:a7:5f:21:f1:2b:
c6:4d:7e:b5:54:e9:8c:a7:92:66:63:4c:26:59:da:
88:a7:ac:ce:37:98:da:6d:d9:ae:ce:e5:9a:ad:66:
7b:40:67:3f:76:af:73:ee:75:74:11:14:1e:34:61:
09:48:62:a5:d3:42:55:0f:1f:73:03:94:fe:43:6b:
4c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A4:02:4B:BB:9C:67:65:29:02:59:10:C6:23:D8:8A:86:1E:65:E0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mKQCS7ucZ2UpAlkQxiPYioYeZeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:6a0::/48
Signature Algorithm: sha256WithRSAEncryption
57:96:4a:85:5c:e9:89:99:54:1f:62:85:46:c8:f4:c6:91:3f:
19:0c:7f:ae:12:58:89:f8:18:bb:70:ef:aa:3d:77:15:16:88:
04:05:b9:72:aa:52:71:70:e8:b8:e2:4f:22:98:24:e9:dd:a7:
4a:8d:1e:41:dd:59:2b:32:7a:1b:03:bc:ce:2e:a4:0b:5b:11:
ec:a0:de:f5:b4:80:55:e7:4e:13:b4:fb:a4:ad:ce:6d:ae:60:
07:7f:47:bd:c4:37:c4:aa:f5:34:c8:93:4b:1c:e4:43:02:52:
98:53:26:6e:9a:98:f0:b0:93:01:79:14:75:55:98:22:6f:df:
c8:d8:0c:29:43:e9:ac:20:f2:14:e4:20:34:29:d8:66:e3:d4:
c8:ac:26:a3:0d:3c:bc:b6:07:4b:3c:ab:1e:2f:8a:3d:48:6b:
7d:dc:29:69:c5:8f:83:3e:01:0c:6d:bf:e2:41:75:b2:ec:b7:
12:49:a0:f6:23:2a:77:d1:6e:ee:fc:a6:9a:5a:5d:8b:fe:4e:
79:77:ed:4c:9f:cc:9e:ea:5c:9e:7a:f4:b2:9f:38:b2:c5:7e:
ba:d0:d8:d9:35:3a:50:79:5b:0c:06:7f:c8:99:0e:9f:b1:fb:
91:f6:cc:94:a3:20:74:41:50:82:7a:06:79:c8:85:8a:1a:a0:
4a:36:b4:58
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEE2lEYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQw
MjEzMDYxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOThhNDAyNGJiYjlj
Njc2NTI5MDI1OTEwYzYyM2Q4OGE4NjFlNjVlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqmvBSFhzFhaV9SnQsZEN4nYPezUyT/nrc95Pg70+fa0k53
/sKQugHmvjYDGEYXPWqvXz0jiitt5ds6KZG4wC247bg8ltAJX0ed5P2gn6qzE6at
eju4pmnBTaUzwWjymNjisOZOvBPajJ7J78yy89tO6dTAL0ZIDcH+L/IX7HmupSWD
zKhLt7VOlbr+CBYRtwCtqxXi4lidXyyZfhV7ijUjGOl7ojzXtMc7WVpncqWyb/Ok
Qse032aBhq9pMadfIfErxk1+tVTpjKeSZmNMJlnaiKeszjeY2m3Zrs7lmq1me0Bn
P3avc+51dBEUHjRhCUhipdNCVQ8fcwOU/kNrTPUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSYpAJLu5xnZSkCWRDGI9iKhh5l4DAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L21LUUNTN3VjWjJVcEFsa1F4aVBZaW9ZZVplQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOl8AGoDANBgkqhkiG9w0BAQsF
AAOCAQEAV5ZKhVzpiZlUH2KFRsj0xpE/GQx/rhJYifgYu3Dvqj13FRaIBAW5cqpS
cXDouOJPIpgk6d2nSo0eQd1ZKzJ6GwO8zi6kC1sR7KDe9bSAVedOE7T7pK3Oba5g
B39HvcQ3xKr1NMiTSxzkQwJSmFMmbpqY8LCTAXkUdVWYIm/fyNgMKUPprCDyFOQg
NCnYZuPUyKwmow08vLYHSzyrHi+KPUhrfdwpacWPgz4BDG2/4kF1suy3Ekmg9iMq
d9Fu7vymmlpdi/5OeXftTJ/Mnupcnnr0sp84ssV+utDY2TU6UHlbDAZ/yJkOn7H7
kfbMlKMgdEFQgnoGeciFihqgSja0WA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org