Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mzYHtfXPZU2m-GWzFwhlqPEzud8.roa
File: mzYHtfXPZU2m-GWzFwhlqPEzud8.roa (raw, json)
Hash identifier: GiA61Jrbv05DsZaPhqonV1pr3XWJ+lzjFI7pjggysbc=
Subject key identifier: 9B:36:07:B5:F5:CF:65:4D:A6:F8:65:B3:17:08:65:A8:F1:33:B9:DF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01843D763F908D5848FD84D3EC602B997853
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mzYHtfXPZU2m-GWzFwhlqPEzud8.roa
Signing time: Thu 03 Nov 2022 12:27:50 +0000
ROA not before: Thu 03 Nov 2022 12:27:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210969
IP address blocks: 2a0e:97c0:500::/48 maxlen: 48
2a0e:97c0:503::/48 maxlen: 48
2a0e:97c0:501::/48 maxlen: 48
2a0e:97c0:502::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3d:76:3f:90:8d:58:48:fd:84:d3:ec:60:2b:99:78:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 3 12:27:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b3607b5f5cf654da6f865b3170865a8f133b9df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:61:99:a1:86:5d:3e:08:2c:8c:31:2d:18:22:
04:4c:07:de:e5:f3:f2:c9:13:22:e1:c3:72:07:cc:
64:22:a1:f8:0c:26:2b:dc:91:d2:e6:73:a1:a6:f5:
ba:ee:e7:5f:5d:13:03:0d:16:9f:44:c3:9b:f9:98:
9a:05:12:3b:64:35:cf:ea:c7:b4:2b:97:e1:2f:96:
33:ec:e4:79:f3:ee:97:41:3d:25:e5:b5:10:e1:c8:
d5:8c:1b:44:cd:5d:6d:a8:f6:f0:b0:4c:49:db:cc:
67:13:5d:50:92:0a:37:e9:fc:7a:76:5f:91:87:9e:
c6:c9:22:39:20:93:1f:f1:8c:6c:fc:91:d7:47:b4:
04:e4:c8:16:24:d4:1a:a6:ac:db:d4:6b:8b:06:85:
26:63:5f:3a:85:80:5d:e6:16:a3:6f:0c:f9:71:d9:
ce:72:41:55:a7:ec:98:92:ac:68:0b:1c:1a:2f:fb:
c0:53:98:17:f6:93:d6:13:82:07:48:88:45:ec:86:
04:7c:1b:4f:44:70:8b:c0:dc:3c:9c:6d:a3:12:79:
a7:1c:89:3f:c1:e0:8e:dc:d2:c5:18:33:e6:ad:3c:
fa:7a:d3:4a:33:cd:94:1d:46:95:98:b9:e8:36:f9:
cf:49:a6:c9:c5:63:e4:98:4d:5c:89:c8:40:8a:1e:
35:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:36:07:B5:F5:CF:65:4D:A6:F8:65:B3:17:08:65:A8:F1:33:B9:DF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mzYHtfXPZU2m-GWzFwhlqPEzud8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:500::/46
Signature Algorithm: sha256WithRSAEncryption
68:7a:29:7c:6c:88:7d:a0:df:1a:32:e9:82:70:6e:35:ed:74:
26:41:54:9d:f1:fb:b0:80:89:74:1f:bf:1b:a9:9d:5b:e4:94:
b2:a7:f6:c5:ee:ab:a0:5a:ea:6b:7e:b7:ec:d7:d1:e8:eb:bc:
c7:b9:1c:8d:e3:68:bc:66:34:03:5c:ca:74:bd:7d:72:ed:ff:
06:df:67:ed:30:67:3b:3b:88:a7:21:22:73:6a:d3:1d:5b:98:
a7:fb:bb:84:d0:8d:d7:e6:1a:13:9f:e4:cb:d4:ab:6c:14:10:
f2:0a:c4:9f:69:90:e7:92:7c:0e:aa:0b:b1:b1:83:a7:af:a0:
19:20:ae:c8:fb:d1:79:b8:62:66:bc:ab:42:a5:29:ce:cf:6d:
92:a5:b5:de:c4:8f:2e:0c:a9:26:5a:f5:5a:db:75:23:ed:59:
f3:c8:d5:f9:64:0e:41:dd:a1:de:8a:cf:a3:e3:92:9f:13:e6:
db:c4:6d:61:fd:66:8f:53:1a:df:71:58:31:ab:4b:f8:92:10:
5d:dd:a1:bb:0e:61:f1:7d:6c:24:48:22:7d:ed:b8:9b:92:9c:
8a:eb:a1:0a:7e:e0:50:5c:49:29:a9:2e:06:16:be:3c:85:85:
3c:87:72:c8:30:2e:7b:bb:88:c5:d8:ee:91:10:cf:b6:76:ff:
be:20:3f:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYQ9dj+QjVhI/YTT7GArmXhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTAzMTIyNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjM2MDdiNWY1Y2Y2NTRkYTZmODY1YjMxNzA4NjVhOGYxMzNiOWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWGZoYZdPggsjDEtGCIETAfe5fPy
yRMi4cNyB8xkIqH4DCYr3JHS5nOhpvW67udfXRMDDRafRMOb+ZiaBRI7ZDXP6se0
K5fhL5Yz7OR58+6XQT0l5bUQ4cjVjBtEzV1tqPbwsExJ28xnE11Qkgo36fx6dl+R
h57GySI5IJMf8Yxs/JHXR7QE5MgWJNQapqzb1GuLBoUmY186hYBd5hajbwz5cdnO
ckFVp+yYkqxoCxwaL/vAU5gX9pPWE4IHSIhF7IYEfBtPRHCLwNw8nG2jEnmnHIk/
weCO3NLFGDPmrTz6etNKM82UHUaVmLnoNvnPSabJxWPkmE1cichAih41AwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJs2B7X1z2VNpvhlsxcIZajxM7nfMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbXpZSHRmWFBaVTJtLUdXekZ3aGxxUEV6dWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6XwAUA
MA0GCSqGSIb3DQEBCwUAA4IBAQBoeil8bIh9oN8aMumCcG417XQmQVSd8fuwgIl0
H78bqZ1b5JSyp/bF7qugWuprfrfs19Ho67zHuRyN42i8ZjQDXMp0vX1y7f8G32ft
MGc7O4inISJzatMdW5in+7uE0I3X5hoTn+TL1KtsFBDyCsSfaZDnknwOqguxsYOn
r6AZIK7I+9F5uGJmvKtCpSnOz22SpbXexI8uDKkmWvVa23Uj7VnzyNX5ZA5B3aHe
is+j45KfE+bbxG1h/WaPUxrfcVgxq0v4khBd3aG7DmHxfWwkSCJ97bibkpyK66EK
fuBQXEkpqS4GFr48hYU8h3LIMC57u4jF2O6REM+2dv++ID/A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org