Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mhDpijcGvopQ34B7XXr0nr1-RxQ.roa
File: mhDpijcGvopQ34B7XXr0nr1-RxQ.roa (raw, json)
Hash identifier: ZUMafriS6FWkkWLajd/gl3jIZAEoiOEzba0g3slQDXA=
Subject key identifier: 9A:10:E9:8A:37:06:BE:8A:50:DF:80:7B:5D:7A:F4:9E:BD:7E:47:14
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182C603DCBDB1972505B599CA327A62322B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mhDpijcGvopQ34B7XXr0nr1-RxQ.roa
Signing time: Mon 22 Aug 2022 14:45:17 +0000
ROA not before: Mon 22 Aug 2022 14:45:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 139989
IP address blocks: 2a0e:97c0:371::/48 maxlen: 48
2a10:cc40:111::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c6:03:dc:bd:b1:97:25:05:b5:99:ca:32:7a:62:32:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 22 14:45:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a10e98a3706be8a50df807b5d7af49ebd7e4714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9c:2b:be:21:12:6e:46:51:77:0d:d3:0b:c5:
f1:c7:65:35:3a:17:cb:68:3a:cf:85:3d:e0:2f:00:
48:e4:64:6e:d2:eb:4a:79:ff:28:fa:03:97:4a:f2:
b2:02:32:51:76:f8:ca:3e:f4:2f:4d:57:77:82:1d:
cb:5c:dc:17:cd:e3:77:e1:33:b0:a3:34:8d:ae:59:
b1:25:8c:be:cb:3d:7a:17:2c:88:8a:ed:74:ae:10:
51:97:dc:3a:36:c4:7c:a4:15:0c:7e:e3:c1:89:c7:
c6:dd:79:9d:83:56:61:41:b0:a0:6b:34:31:90:36:
dd:dd:02:3d:4f:76:9d:c1:99:10:e4:c7:3b:ab:c8:
30:df:df:1a:24:5b:39:a7:c1:19:de:a2:be:73:2c:
7f:e9:bb:d4:58:88:24:1c:ae:6a:0b:15:31:66:01:
78:19:98:62:a1:f6:45:25:9d:c5:88:22:95:b4:e8:
8d:6c:17:af:a6:6d:d9:43:35:d0:d5:5e:2c:47:68:
8a:6e:6e:9e:f6:32:e1:c1:2e:00:0d:de:57:ae:5f:
12:81:70:66:06:85:a7:25:ae:52:1a:bf:f3:38:16:
c0:4c:34:71:63:16:80:57:e0:b1:48:9d:3e:57:55:
ef:a8:58:03:e8:8a:cd:e7:78:df:ba:9b:00:7b:92:
1b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:10:E9:8A:37:06:BE:8A:50:DF:80:7B:5D:7A:F4:9E:BD:7E:47:14
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mhDpijcGvopQ34B7XXr0nr1-RxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:371::/48
2a10:cc40:111::/48
Signature Algorithm: sha256WithRSAEncryption
c0:0c:92:34:81:88:1c:95:cf:a6:a9:da:b6:18:73:66:31:3c:
dc:83:11:32:ac:42:22:ce:ad:bc:9d:40:ec:53:04:07:54:b7:
23:5a:cf:d8:06:ad:98:fe:1f:9e:0b:be:17:98:f5:14:ab:3f:
29:25:1f:3d:ca:b6:41:be:f7:4d:be:26:bc:47:2a:7a:94:03:
dc:78:c9:ec:73:ee:82:3d:12:31:65:07:c7:3a:ef:8a:f1:c1:
ed:1a:13:b6:f2:68:90:38:0a:f7:e3:c0:47:22:2a:0c:81:6d:
c0:d8:7d:a4:61:fe:46:d4:b5:fe:56:47:af:2c:bd:33:be:df:
8c:7a:32:db:d8:f6:e3:b3:39:a3:fc:5b:98:91:90:cf:80:e7:
14:85:52:ed:41:1a:f5:d7:1e:30:e9:aa:76:d8:9a:a5:9e:b5:
be:97:0d:a2:0c:96:d3:75:0a:35:9c:1c:dd:64:ad:05:6b:1a:
5c:07:47:8b:5b:11:f3:10:b9:e5:7c:37:32:35:dd:e6:23:d4:
51:a4:66:d6:74:55:aa:43:8f:95:d1:1f:56:94:fe:4f:6a:c8:
32:d2:00:fe:86:68:68:f7:f0:20:2e:72:fd:c3:36:62:04:a3:
49:bd:4a:a1:ca:6b:42:78:14:d0:c5:0e:59:a8:13:37:7c:4a:
ff:57:84:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLGA9y9sZclBbWZyjJ6YjIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODIyMTQ0NTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTEwZTk4YTM3MDZiZThhNTBkZjgwN2I1ZDdhZjQ5ZWJkN2U0NzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZwrviESbkZRdw3TC8Xxx2U1OhfL
aDrPhT3gLwBI5GRu0utKef8o+gOXSvKyAjJRdvjKPvQvTVd3gh3LXNwXzeN34TOw
ozSNrlmxJYy+yz16FyyIiu10rhBRl9w6NsR8pBUMfuPBicfG3Xmdg1ZhQbCgazQx
kDbd3QI9T3adwZkQ5Mc7q8gw398aJFs5p8EZ3qK+cyx/6bvUWIgkHK5qCxUxZgF4
GZhiofZFJZ3FiCKVtOiNbBevpm3ZQzXQ1V4sR2iKbm6e9jLhwS4ADd5Xrl8SgXBm
BoWnJa5SGr/zOBbATDRxYxaAV+CxSJ0+V1XvqFgD6IrN53jfupsAe5IbFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJoQ6Yo3Br6KUN+Ae1169J69fkcUMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbWhEcGlqY0d2b3BRMzRCN1hYcjBucjEtUnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwANx
AwcAKhDMQAERMA0GCSqGSIb3DQEBCwUAA4IBAQDADJI0gYgclc+mqdq2GHNmMTzc
gxEyrEIizq28nUDsUwQHVLcjWs/YBq2Y/h+eC74XmPUUqz8pJR89yrZBvvdNvia8
Ryp6lAPceMnsc+6CPRIxZQfHOu+K8cHtGhO28miQOAr348BHIioMgW3A2H2kYf5G
1LX+VkevLL0zvt+MejLb2Pbjszmj/FuYkZDPgOcUhVLtQRr11x4w6ap22JqlnrW+
lw2iDJbTdQo1nBzdZK0FaxpcB0eLWxHzELnlfDcyNd3mI9RRpGbWdFWqQ4+V0R9W
lP5Pasgy0gD+hmho9/AgLnL9wzZiBKNJvUqhymtCeBTQxQ5ZqBM3fEr/V4Tp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org