Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nRGEl3aMlKOPsJum1HNdbr1DNw8.roa
File: nRGEl3aMlKOPsJum1HNdbr1DNw8.roa (raw, json)
Hash identifier: tMHEy5DqysnRnfM3EnI7VOO/0mdWSYsKrEj/aCbiJXs=
Subject key identifier: 9D:11:84:97:76:8C:94:A3:8F:B0:9B:A6:D4:73:5D:6E:BD:43:37:0F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184F04D3130A27F820B3473C60E0D91C497
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nRGEl3aMlKOPsJum1HNdbr1DNw8.roa
Signing time: Thu 08 Dec 2022 05:55:01 +0000
ROA not before: Thu 08 Dec 2022 05:55:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212164
IP address blocks: 2a0e:b107:1d20::/48 maxlen: 48
2a0e:b107:1d21::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f0:4d:31:30:a2:7f:82:0b:34:73:c6:0e:0d:91:c4:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 8 05:55:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d118497768c94a38fb09ba6d4735d6ebd43370f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c8:30:37:41:d2:d1:59:7d:32:e0:d2:07:82:
e5:57:e4:01:0f:89:76:14:b9:8a:3d:51:47:c8:3d:
a8:a9:26:3b:3f:c7:a6:14:6b:64:53:ba:ce:f9:8b:
7b:86:36:37:30:b9:fe:38:9d:d7:97:74:3d:07:87:
b4:c4:82:4f:8a:4d:d5:32:f4:1b:ef:13:b5:0a:a1:
cb:6b:e7:83:e8:1e:60:8b:c0:f4:a8:6d:9c:03:af:
75:79:c4:78:72:eb:03:8e:53:e7:d3:41:e7:95:13:
9c:38:f9:2b:81:24:2c:9a:e4:07:64:67:0e:81:31:
50:12:c6:f6:0d:cc:31:06:f8:d3:65:7a:3a:20:fd:
3f:56:b3:8f:10:25:08:56:d8:f5:9d:16:70:92:a5:
d6:b2:5a:2f:5a:dd:0d:8b:ec:91:b4:1e:91:cb:d4:
e8:de:fb:76:87:21:a9:34:2b:c9:23:7f:05:3e:46:
dd:ec:d9:a5:31:4c:b1:82:9e:53:bc:90:a3:06:ef:
08:d3:1f:d5:0e:91:53:bd:3d:0f:a6:09:85:5d:93:
81:18:4f:2a:ad:01:a6:c9:4d:f7:8f:54:ea:5c:a7:
f2:03:35:87:44:68:c0:c0:ff:4b:a2:d0:b4:8b:d8:
47:2a:d2:9e:36:06:c3:a3:40:49:2e:46:de:b0:9a:
d7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:11:84:97:76:8C:94:A3:8F:B0:9B:A6:D4:73:5D:6E:BD:43:37:0F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nRGEl3aMlKOPsJum1HNdbr1DNw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d20::/47
Signature Algorithm: sha256WithRSAEncryption
24:cc:cc:7c:7c:3c:2e:46:ab:ef:2b:d4:19:83:a6:7f:5b:08:
29:c9:b2:e2:9a:8f:b9:a7:a3:45:31:c1:30:2c:34:8e:0b:7c:
3c:5a:6d:0e:c3:42:ef:0a:e2:5d:61:c8:82:dd:53:04:b1:b4:
b7:c4:59:07:12:1a:ff:c9:3d:18:60:24:4e:19:f9:5d:f7:e6:
59:e2:c8:2c:c9:d5:82:0b:8d:db:61:10:38:20:f1:b3:18:2c:
c3:db:4c:88:7b:87:fb:0f:22:5b:4c:b6:b3:c0:cc:c7:d0:1f:
f0:d7:f1:7b:fa:7b:3a:81:6d:b8:ef:36:ea:77:57:d1:93:b0:
4a:c0:9d:64:b7:d9:93:a0:04:ff:32:da:6f:11:9d:0c:6f:d0:
54:05:d6:62:cb:c4:49:53:ae:ce:12:f3:1b:00:72:48:b7:55:
83:cf:f2:62:0a:90:10:ca:46:af:43:cb:ea:c9:7d:03:5e:d7:
68:1c:cd:7f:4e:03:0d:05:b7:ef:d0:48:5f:76:6a:48:a8:34:
0a:d3:6a:0e:1e:6b:55:bc:c9:49:77:70:09:b2:db:26:cc:99:
2f:d2:fa:8a:95:d9:10:76:df:22:47:03:75:67:6d:a2:6a:6a:
50:ee:3d:d4:0a:5b:6f:bf:83:d8:16:26:89:ed:e9:23:20:d1:
fd:7f:f5:a7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTwTTEwon+CCzRzxg4NkcSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjA4MDU1NTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDExODQ5Nzc2OGM5NGEzOGZiMDliYTZkNDczNWQ2ZWJkNDMzNzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMgwN0HS0Vl9MuDSB4LlV+QBD4l2
FLmKPVFHyD2oqSY7P8emFGtkU7rO+Yt7hjY3MLn+OJ3Xl3Q9B4e0xIJPik3VMvQb
7xO1CqHLa+eD6B5gi8D0qG2cA691ecR4cusDjlPn00HnlROcOPkrgSQsmuQHZGcO
gTFQEsb2DcwxBvjTZXo6IP0/VrOPECUIVtj1nRZwkqXWslovWt0Ni+yRtB6Ry9To
3vt2hyGpNCvJI38FPkbd7NmlMUyxgp5TvJCjBu8I0x/VDpFTvT0PpgmFXZOBGE8q
rQGmyU33j1TqXKfyAzWHRGjAwP9LotC0i9hHKtKeNgbDo0BJLkbesJrXFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ0RhJd2jJSjj7CbptRzXW69QzcPMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvblJHRWwzYU1sS09Qc0p1bTFITmRicjFETnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6xBx0g
MA0GCSqGSIb3DQEBCwUAA4IBAQAkzMx8fDwuRqvvK9QZg6Z/WwgpybLimo+5p6NF
McEwLDSOC3w8Wm0Ow0LvCuJdYciC3VMEsbS3xFkHEhr/yT0YYCROGfld9+ZZ4sgs
ydWCC43bYRA4IPGzGCzD20yIe4f7DyJbTLazwMzH0B/w1/F7+ns6gW247zbqd1fR
k7BKwJ1kt9mToAT/MtpvEZ0Mb9BUBdZiy8RJU67OEvMbAHJIt1WDz/JiCpAQykav
Q8vqyX0DXtdoHM1/TgMNBbfv0EhfdmpIqDQK02oOHmtVvMlJd3AJstsmzJkv0vqK
ldkQdt8iRwN1Z22iampQ7j3UCltvv4PYFiaJ7ekjINH9f/Wn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org