Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nT5TGhQ7E3pzU29I5o6cfghkEew.roa
File: nT5TGhQ7E3pzU29I5o6cfghkEew.roa (raw, json)
Hash identifier: PcbZZSLaHf0HBht5ZVRngdQFxKBj5sjSkWOH68wscaU=
Subject key identifier: 9D:3E:53:1A:14:3B:13:7A:73:53:6F:48:E6:8E:9C:7E:08:64:11:EC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182EE3EB693E3318B5FFC4381D57548C683
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nT5TGhQ7E3pzU29I5o6cfghkEew.roa
Signing time: Tue 30 Aug 2022 10:14:23 +0000
ROA not before: Tue 30 Aug 2022 10:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210619
IP address blocks: 2a0e:97c0:5c0::/44 maxlen: 48
2a0e:97c0:800::/39 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ee:3e:b6:93:e3:31:8b:5f:fc:43:81:d5:75:48:c6:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 30 10:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d3e531a143b137a73536f48e68e9c7e086411ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f4:11:df:f6:50:bf:29:3c:7e:d7:6a:e4:02:
6c:38:d1:13:07:7b:46:8a:b9:fc:06:07:4f:ca:88:
15:63:22:aa:99:cf:1a:73:9c:91:4a:66:1c:ca:20:
77:c2:d9:b8:8b:98:1e:63:c7:9a:a7:39:df:75:06:
97:8a:37:63:2d:8f:56:8c:12:d3:58:3c:a5:4c:a6:
dd:02:55:d5:18:d5:19:0a:3c:0f:72:b9:f1:aa:89:
7a:b0:45:62:e4:ba:4f:fd:56:30:d1:fc:a7:ff:ae:
dd:24:cd:16:d0:6d:63:cc:a1:84:be:db:d6:67:fc:
c3:e6:af:41:9f:04:12:26:58:6d:11:30:e1:b5:74:
02:3a:27:c0:17:92:3d:51:18:5c:82:3d:56:0a:ee:
c0:60:f7:14:54:b4:ea:b2:83:05:6f:83:47:f4:77:
e7:ea:10:97:c5:5c:1a:f4:2b:27:36:3b:17:fe:49:
8b:df:91:17:a6:83:40:e3:51:b6:bc:38:7f:aa:d5:
7b:da:37:37:40:ee:85:bc:20:c1:e4:94:a6:59:a4:
e2:e8:4e:7c:6d:72:70:83:d0:19:41:93:93:87:c0:
cc:fb:22:4e:b0:3e:be:00:27:5a:e7:d8:16:00:35:
1b:fa:67:0f:cb:5a:60:7d:fd:b5:ac:c3:78:37:28:
1a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3E:53:1A:14:3B:13:7A:73:53:6F:48:E6:8E:9C:7E:08:64:11:EC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nT5TGhQ7E3pzU29I5o6cfghkEew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5c0::/44
2a0e:97c0:800::/39
Signature Algorithm: sha256WithRSAEncryption
52:07:71:5c:0e:8d:03:ad:e1:5c:f4:ac:62:de:18:bd:f3:b3:
89:c5:f0:11:4a:b8:65:8d:0f:ed:ee:8c:b9:44:4c:de:38:c5:
19:de:82:b4:d8:82:0b:be:34:e3:53:e3:1b:13:56:90:5b:df:
a8:96:b0:f9:f1:7a:46:dd:3a:80:48:f3:9c:85:88:fa:89:c1:
06:7b:39:00:fb:42:90:58:72:b2:cf:16:a7:06:c5:3f:15:14:
0a:b2:37:98:43:65:b5:ad:93:e9:db:c1:30:a8:1f:6a:53:f8:
c2:e9:9e:14:80:e3:47:aa:50:59:90:98:26:87:01:d8:25:b5:
5a:1e:18:fb:1a:f1:cd:62:53:b6:8b:d7:7c:e3:8c:b9:e9:30:
a0:43:be:d8:dd:c2:ab:54:89:a1:fe:07:df:a1:57:0b:9e:3e:
aa:4f:85:d6:99:8c:a2:12:c2:a1:96:58:0f:5e:01:af:5b:18:
e7:24:9e:b6:82:21:b1:ae:f0:f4:7a:65:7a:3f:60:ef:fb:5e:
9b:fb:49:49:2f:10:6b:0d:4c:41:c9:fb:d5:7c:f8:7a:e8:ce:
92:2c:67:71:00:b1:18:7e:cb:05:9b:e5:8a:49:d2:e7:a8:96:
39:3e:4d:8c:f3:cb:74:0d:93:18:92:16:a7:3b:22:b7:9f:b5:
59:d8:ea:a4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYLuPraT4zGLX/xDgdV1SMaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODMwMTAxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDNlNTMxYTE0M2IxMzdhNzM1MzZmNDhlNjhlOWM3ZTA4NjQxMWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfQR3/ZQvyk8ftdq5AJsONETB3tG
irn8BgdPyogVYyKqmc8ac5yRSmYcyiB3wtm4i5geY8eapznfdQaXijdjLY9WjBLT
WDylTKbdAlXVGNUZCjwPcrnxqol6sEVi5LpP/VYw0fyn/67dJM0W0G1jzKGEvtvW
Z/zD5q9BnwQSJlhtETDhtXQCOifAF5I9URhcgj1WCu7AYPcUVLTqsoMFb4NH9Hfn
6hCXxVwa9CsnNjsX/kmL35EXpoNA41G2vDh/qtV72jc3QO6FvCDB5JSmWaTi6E58
bXJwg9AZQZOTh8DM+yJOsD6+ACda59gWADUb+mcPy1pgff21rMN4NygaTwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFJ0+UxoUOxN6c1NvSOaOnH4IZBHsMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvblQ1VEdoUTdFM3B6VTI5STVvNmNmZ2hrRWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKg6XwAXA
AwYBKg6XwAgwDQYJKoZIhvcNAQELBQADggEBAFIHcVwOjQOt4Vz0rGLeGL3zs4nF
8BFKuGWND+3ujLlETN44xRnegrTYggu+NONT4xsTVpBb36iWsPnxekbdOoBI85yF
iPqJwQZ7OQD7QpBYcrLPFqcGxT8VFAqyN5hDZbWtk+nbwTCoH2pT+MLpnhSA40eq
UFmQmCaHAdgltVoeGPsa8c1iU7aL13zjjLnpMKBDvtjdwqtUiaH+B9+hVwuePqpP
hdaZjKISwqGWWA9eAa9bGOcknraCIbGu8PR6ZXo/YO/7Xpv7SUkvEGsNTEHJ+9V8
+HrozpIsZ3EAsRh+ywWb5YpJ0ueoljk+TYzzy3QNkxiSFqc7IreftVnY6qQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org