Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mdB7wy7qQuqAsJx5fwhxWuriCXg.roa
File: mdB7wy7qQuqAsJx5fwhxWuriCXg.roa (raw, json)
Hash identifier: Ezb1OaVU946LBw1XJCMWUtwrwbFpCVhJbVjvouVX1Jc=
Subject key identifier: 99:D0:7B:C3:2E:EA:42:EA:80:B0:9C:79:7F:08:71:5A:EA:E2:09:78
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184012F12A4A76EF5AA20D5778D88A2B125
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mdB7wy7qQuqAsJx5fwhxWuriCXg.roa
Signing time: Sat 22 Oct 2022 19:32:52 +0000
ROA not before: Sat 22 Oct 2022 19:32:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207556
IP address blocks: 2a0e:b100:100::/48 maxlen: 48
2a10:2f00:181::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:01:2f:12:a4:a7:6e:f5:aa:20:d5:77:8d:88:a2:b1:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 22 19:32:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99d07bc32eea42ea80b09c797f08715aeae20978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:37:18:af:01:cc:d4:35:70:f4:11:db:c1:cc:
a5:81:6a:d8:9e:6e:b9:0d:fd:68:4c:60:59:da:91:
c3:a4:04:db:c2:09:af:86:dc:d5:f5:b4:d8:a2:e2:
8f:97:3f:6f:31:43:c5:1a:41:ab:85:d9:93:22:82:
72:92:7d:68:24:80:e2:b9:86:f2:d8:b2:98:59:54:
fd:2f:c8:be:25:14:17:23:d7:7c:8b:de:c8:60:96:
0f:e3:ab:a9:12:44:12:34:6b:cf:8d:4e:02:93:1f:
f9:67:b7:32:11:cb:46:28:0c:43:f3:e2:8a:bc:e3:
26:40:c6:90:e4:8d:2f:e5:d3:a5:2b:5b:b6:a3:9b:
36:94:70:ad:d4:c5:df:16:39:d3:bb:7c:81:e2:af:
ec:d7:e1:75:a2:27:9c:30:58:53:35:60:7a:ec:24:
c5:be:9c:bc:31:2c:7a:e4:88:94:c7:87:32:37:72:
7b:56:95:28:34:e9:33:57:22:71:0a:27:f5:a3:06:
a9:df:26:f7:31:ec:f3:8c:85:a4:7c:e0:fb:d2:5f:
d2:06:f8:b5:d8:37:e3:f0:c6:d9:6f:13:1c:2b:7c:
be:4b:55:c5:a4:c7:c6:9a:ef:b2:ca:9f:3e:f0:56:
0e:e5:b8:89:d8:99:9a:7a:60:4a:d9:ad:f9:e0:b5:
ea:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D0:7B:C3:2E:EA:42:EA:80:B0:9C:79:7F:08:71:5A:EA:E2:09:78
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mdB7wy7qQuqAsJx5fwhxWuriCXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b100:100::/48
2a10:2f00:181::/48
Signature Algorithm: sha256WithRSAEncryption
94:e2:5f:bb:be:cb:34:83:a3:99:8e:78:75:c4:3f:e3:c8:11:
29:77:fd:8f:2f:2b:1a:e7:44:2f:11:bf:96:74:3a:bf:f1:d4:
c7:cf:5e:6d:3d:c4:62:71:ad:8f:45:28:0f:10:91:10:b0:d6:
7e:98:aa:cb:95:4d:0b:3a:b5:f8:a2:ea:60:0f:3e:97:4c:e2:
d2:0e:80:cc:cf:dd:1e:da:b1:8d:d1:0a:9b:ae:0d:3c:3d:8f:
24:6f:83:e1:a1:56:01:28:a8:10:c7:26:0c:1f:ca:c1:47:34:
b4:80:b7:04:d4:d5:aa:56:dc:3f:55:61:a2:51:3f:60:94:a9:
7c:fc:f9:7a:44:e9:0a:d4:5e:51:92:b5:3b:31:3a:f5:32:50:
e2:f4:9e:54:8f:73:0d:40:ba:16:13:25:af:a1:b2:0f:63:cf:
15:62:f0:3a:e2:a0:79:e2:cc:5a:7a:ca:ea:49:1c:6f:a4:11:
0a:7f:80:42:2f:7b:07:ed:56:98:e1:e0:86:19:30:62:c9:63:
57:53:4a:80:e9:17:f9:46:97:38:55:55:6e:31:5f:dd:65:b2:
f6:fa:50:b9:3a:5b:5c:2e:d2:86:b4:c5:c4:f5:f7:64:2e:3e:
2c:25:fd:17:08:80:fc:89:8e:c2:72:45:cf:45:a4:61:34:c9:
45:d6:a8:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQBLxKkp271qiDVd42IorElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDIyMTkzMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQwN2JjMzJlZWE0MmVhODBiMDljNzk3ZjA4NzE1YWVhZTIwOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjcYrwHM1DVw9BHbwcylgWrYnm65
Df1oTGBZ2pHDpATbwgmvhtzV9bTYouKPlz9vMUPFGkGrhdmTIoJykn1oJIDiuYby
2LKYWVT9L8i+JRQXI9d8i97IYJYP46upEkQSNGvPjU4Ckx/5Z7cyEctGKAxD8+KK
vOMmQMaQ5I0v5dOlK1u2o5s2lHCt1MXfFjnTu3yB4q/s1+F1oiecMFhTNWB67CTF
vpy8MSx65IiUx4cyN3J7VpUoNOkzVyJxCif1owap3yb3MezzjIWkfOD70l/SBvi1
2Dfj8MbZbxMcK3y+S1XFpMfGmu+yyp8+8FYO5biJ2JmaemBK2a354LXqQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJnQe8Mu6kLqgLCceX8IcVrq4gl4MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbWRCN3d5N3FRdXFBc0p4NWZ3aHhXdXJpQ1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xAAEA
AwcAKhAvAAGBMA0GCSqGSIb3DQEBCwUAA4IBAQCU4l+7vss0g6OZjnh1xD/jyBEp
d/2PLysa50QvEb+WdDq/8dTHz15tPcRica2PRSgPEJEQsNZ+mKrLlU0LOrX4oupg
Dz6XTOLSDoDMz90e2rGN0Qqbrg08PY8kb4PhoVYBKKgQxyYMH8rBRzS0gLcE1NWq
Vtw/VWGiUT9glKl8/Pl6ROkK1F5RkrU7MTr1MlDi9J5Uj3MNQLoWEyWvobIPY88V
YvA64qB54sxaesrqSRxvpBEKf4BCL3sH7VaY4eCGGTBiyWNXU0qA6Rf5Rpc4VVVu
MV/dZbL2+lC5OltcLtKGtMXE9fdkLj4sJf0XCID8iY7CckXPRaRhNMlF1qiK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org