Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nENCgI8wVa1P_iOTILAnDuLNK9s.roa
File: nENCgI8wVa1P_iOTILAnDuLNK9s.roa (raw, json)
Hash identifier: qKUtxuiz+J9f98oKzX3HGYI8jRzufXf44IxvvURaxQQ=
Subject key identifier: 9C:43:42:80:8F:30:55:AD:4F:FE:23:93:20:B0:27:0E:E2:CD:2B:DB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01833D00F8141E6BEC06768D56E8EA0F7BF5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nENCgI8wVa1P_iOTILAnDuLNK9s.roa
Signing time: Wed 14 Sep 2022 17:16:57 +0000
ROA not before: Wed 14 Sep 2022 17:16:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211946
IP address blocks: 2a0e:97c0:145::/48 maxlen: 48
2a0e:b107:1c32::/48 maxlen: 48
2a0e:97c0:143::/48 maxlen: 48
2a0e:97c0:141::/48 maxlen: 48
2a0e:b107:1c31::/48 maxlen: 48
2a0e:97c0:144::/48 maxlen: 48
2a0e:b107:1c36::/48 maxlen: 48
2a0e:b107:1c33::/48 maxlen: 48
2a0e:97c0:142::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3d:00:f8:14:1e:6b:ec:06:76:8d:56:e8:ea:0f:7b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 14 17:16:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c4342808f3055ad4ffe239320b0270ee2cd2bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:24:da:79:20:cb:17:c0:3a:e4:84:34:6e:ce:
e1:3c:7a:ac:5e:1e:f5:6b:be:af:bc:e8:68:b2:35:
04:0a:9a:6c:36:30:4b:c5:b0:e4:7e:ee:5a:44:d4:
a5:4e:ea:80:a6:43:51:98:3a:b1:fe:ba:8c:84:66:
5e:ca:24:90:1c:74:bc:05:90:0e:b2:a5:3c:39:11:
81:68:87:bd:cf:7b:80:0d:e0:29:32:67:8a:b3:29:
ab:b1:f1:40:e1:b8:0f:76:78:7f:ec:c3:21:cc:6a:
4d:59:ab:27:cf:76:c9:d8:d0:81:5c:b5:6a:87:8a:
8a:10:14:6e:ec:d1:0a:b2:db:2c:26:3d:c6:3b:dd:
bf:cb:9a:c1:6f:71:72:85:f0:4f:a9:f8:d7:74:bd:
aa:c5:ca:4f:2c:63:09:a2:e7:c4:9e:08:c1:04:2a:
fe:63:63:a8:5b:e9:27:1d:5a:6c:d8:f4:e1:e5:7b:
ab:0c:7e:c2:c1:a3:3f:5c:51:fd:6c:ad:a5:24:bb:
af:a0:03:21:0c:3d:2c:c5:39:4e:0b:1c:e1:f1:e6:
b2:6d:d1:d4:db:42:a7:18:15:d7:5a:40:7c:66:ce:
17:89:97:bf:65:1b:b4:af:ab:71:cf:5a:c0:23:5b:
e3:68:1d:60:41:ac:63:ed:8c:28:73:65:02:e1:9c:
e0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:43:42:80:8F:30:55:AD:4F:FE:23:93:20:B0:27:0E:E2:CD:2B:DB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nENCgI8wVa1P_iOTILAnDuLNK9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:141::-2a0e:97c0:145:ffff:ffff:ffff:ffff:ffff
2a0e:b107:1c31::-2a0e:b107:1c33:ffff:ffff:ffff:ffff:ffff
2a0e:b107:1c36::/48
Signature Algorithm: sha256WithRSAEncryption
91:ed:18:84:51:e0:34:e9:28:c4:9f:9c:2a:1d:6c:da:d6:11:
b1:21:a4:44:bb:58:9f:c7:7a:c6:04:aa:22:db:67:ce:82:63:
61:7b:5a:e8:9b:21:9e:fe:85:7f:15:fa:cf:79:ad:4a:88:8c:
16:b0:34:82:ba:77:1f:2f:4f:09:86:43:c9:90:ce:4c:bd:6a:
ff:49:8c:f4:a7:99:7b:a6:bc:f1:1d:44:8e:61:f4:54:30:81:
8b:64:8d:f0:79:6d:c0:39:71:ee:bd:44:6d:0b:c8:6a:46:3d:
cb:ab:14:9d:50:1d:1c:6f:6e:6e:3f:c5:8c:1d:49:75:23:11:
37:65:b2:41:db:39:db:cd:0e:53:2d:0a:7a:42:ba:bb:dd:96:
fe:51:a6:82:24:6b:4f:b8:3f:bc:b4:73:9c:8d:83:c1:3c:37:
f1:11:31:1d:23:49:4f:59:7d:ec:5a:b8:09:28:4a:1e:7e:bd:
cc:01:5d:90:eb:bd:2d:fe:b4:6e:cd:26:2b:a7:d0:80:23:9a:
9f:c1:ae:f2:02:44:98:ac:f3:1b:2b:c6:95:a0:50:c2:9b:44:
cf:b2:2d:50:9e:1a:6b:8a:87:12:37:5b:db:83:f5:db:29:b9:
db:df:fe:8f:0e:26:3d:73:ff:31:0e:43:e8:ea:79:ef:04:5a:
58:0d:ef:33
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYM9APgUHmvsBnaNVujqD3v1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTE0MTcxNjU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQzNDI4MDhmMzA1NWFkNGZmZTIzOTMyMGIwMjcwZWUyY2QyYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCTaeSDLF8A65IQ0bs7hPHqsXh71
a76vvOhosjUECppsNjBLxbDkfu5aRNSlTuqApkNRmDqx/rqMhGZeyiSQHHS8BZAO
sqU8ORGBaIe9z3uADeApMmeKsymrsfFA4bgPdnh/7MMhzGpNWasnz3bJ2NCBXLVq
h4qKEBRu7NEKstssJj3GO92/y5rBb3FyhfBPqfjXdL2qxcpPLGMJoufEngjBBCr+
Y2OoW+knHVps2PTh5XurDH7CwaM/XFH9bK2lJLuvoAMhDD0sxTlOCxzh8eaybdHU
20KnGBXXWkB8Zs4XiZe/ZRu0r6txz1rAI1vjaB1gQaxj7Ywoc2UC4ZzgXwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFJxDQoCPMFWtT/4jkyCwJw7izSvbMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbkVOQ2dJOHdWYTFQX2lPVElMQW5EdUxOSzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxMBIDBwAqDpfA
AUEDBwEqDpfAAUQwEgMHACoOsQccMQMHAioOsQccMAMHACoOsQccNjANBgkqhkiG
9w0BAQsFAAOCAQEAke0YhFHgNOkoxJ+cKh1s2tYRsSGkRLtYn8d6xgSqIttnzoJj
YXta6Jshnv6FfxX6z3mtSoiMFrA0grp3Hy9PCYZDyZDOTL1q/0mM9KeZe6a88R1E
jmH0VDCBi2SN8HltwDlx7r1EbQvIakY9y6sUnVAdHG9ubj/FjB1JdSMRN2WyQds5
280OUy0KekK6u92W/lGmgiRrT7g/vLRznI2DwTw38RExHSNJT1l97Fq4CShKHn69
zAFdkOu9Lf60bs0mK6fQgCOan8Gu8gJEmKzzGyvGlaBQwptEz7ItUJ4aa4qHEjdb
24P12ym529/+jw4mPXP/MQ5D6Op57wRaWA3vMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:12 2024 by rpki-client on console-ams.rpki-client.org