Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nuJcdZBg7GY33yLC0gnesIf_X5g.roa
File: nuJcdZBg7GY33yLC0gnesIf_X5g.roa (raw, json)
Hash identifier: EoCpB8yRUtNmlxfHTxG1JLSTvIdDa92rERw7yhntfc8=
Subject key identifier: 9E:E2:5C:75:90:60:EC:66:37:DF:22:C2:D2:09:DE:B0:87:FF:5F:98
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10D3A874
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nuJcdZBg7GY33yLC0gnesIf_X5g.roa
Signing time: Sat 01 Jan 2022 09:05:39 +0000
ROA not before: Sat 01 Jan 2022 09:05:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211840
IP address blocks: 2a0e:97c0:1ba::/47 maxlen: 48
2a0e:97c0:1bd::/48 maxlen: 48
2a0e:97c0:1b0::/48 maxlen: 48
2a0e:b107:862::/48 maxlen: 48
2a0e:b107:86c::/48 maxlen: 48
2a0e:b107:861::/48 maxlen: 48
2a0e:97c0:1bc::/48 maxlen: 48
2a0e:97c0:1b2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 282306676 (0x10d3a874)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ee25c759060ec6637df22c2d209deb087ff5f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:99:ae:d7:b9:8e:39:80:1e:55:58:9f:23:ba:
af:e5:a9:f2:22:cc:a1:87:62:8c:a7:46:ab:71:92:
87:4f:85:76:59:c6:55:f1:e9:20:ec:75:ec:7d:50:
9f:f3:26:fa:ac:53:14:b3:fa:aa:6c:3d:e6:d2:23:
7f:ab:7b:9b:85:95:84:b5:7b:a3:27:0f:96:45:c9:
56:54:db:8d:87:66:af:11:d9:0a:49:6f:22:ca:67:
7a:48:9d:91:3e:7b:e7:2d:78:6b:36:06:f2:a1:31:
2a:6f:9d:bf:cd:57:af:0e:94:33:47:04:ad:09:36:
21:14:b5:d7:d8:94:e3:67:8b:42:8d:12:7e:14:d9:
c3:f7:95:6b:e2:a1:89:9e:7e:71:39:a8:d9:76:5c:
c5:2e:eb:9a:a3:17:6a:18:4e:68:b2:19:af:12:bf:
e9:69:f9:30:c5:bb:94:c7:66:fb:7d:1f:c3:16:b8:
1b:b8:6b:d6:4d:d4:89:dc:14:87:e7:5e:c1:13:70:
6a:d9:4b:b0:0c:fa:80:35:0d:da:72:43:f1:02:e7:
29:52:2a:0e:a0:27:70:0a:b6:25:dc:48:6b:95:01:
e8:4c:3e:7c:97:7d:d1:47:53:b7:6e:78:0a:a9:7e:
5f:b4:1d:a9:fe:c9:13:68:fe:f5:a9:16:3d:8c:bc:
18:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E2:5C:75:90:60:EC:66:37:DF:22:C2:D2:09:DE:B0:87:FF:5F:98
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nuJcdZBg7GY33yLC0gnesIf_X5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1b0::/48
2a0e:97c0:1b2::/48
2a0e:97c0:1ba::-2a0e:97c0:1bd:ffff:ffff:ffff:ffff:ffff
2a0e:b107:861::-2a0e:b107:862:ffff:ffff:ffff:ffff:ffff
2a0e:b107:86c::/48
Signature Algorithm: sha256WithRSAEncryption
62:77:25:2b:65:c0:3a:32:2a:6e:40:43:89:de:19:e7:8e:6b:
52:eb:59:ab:52:e7:53:98:80:1c:18:ca:87:f0:ca:f6:13:41:
5d:b2:ff:ab:0b:8d:42:8f:20:ea:e9:7a:3c:86:28:36:ab:5d:
c1:68:43:28:e9:23:ec:e5:0e:d5:78:52:e8:5a:f0:a0:00:47:
0e:e4:b0:e3:ae:b2:aa:7c:ad:8c:4b:c8:ac:a2:7c:18:e8:72:
33:a1:43:74:ec:6f:8d:d3:ac:ed:55:d5:54:cc:c4:54:92:e3:
19:4b:d3:cc:72:2a:c3:b6:a8:cc:34:93:96:59:3f:1a:6b:ea:
13:1a:57:64:94:53:b6:f6:79:91:34:f4:0f:d6:54:57:14:61:
98:5f:cc:21:f2:8e:83:2b:05:00:ff:10:ce:64:f9:52:84:33:
b3:e8:ef:0e:43:07:c1:78:87:f4:29:5f:f0:e3:c2:5e:30:b2:
1c:00:a8:d4:87:8a:3c:dc:66:1c:8a:5b:80:09:ea:5b:50:48:
42:18:e9:9c:bb:70:36:fc:cf:59:c6:54:05:84:53:8d:a4:3e:
5b:f1:08:f4:d7:c1:1c:00:d6:40:0c:1e:e7:3e:24:42:7d:bc:
84:43:5e:51:5e:50:fd:c2:3e:ab:23:fe:25:2a:9c:6d:d5:fb:
bd:3a:1e:95
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIEENOodDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVlMjVjNzU5MDYw
ZWM2NjM3ZGYyMmMyZDIwOWRlYjA4N2ZmNWY5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+Zrte5jjmAHlVYnyO6r+Wp8iLMoYdijKdGq3GSh0+FdlnG
VfHpIOx17H1Qn/Mm+qxTFLP6qmw95tIjf6t7m4WVhLV7oycPlkXJVlTbjYdmrxHZ
CklvIspnekidkT575y14azYG8qExKm+dv81Xrw6UM0cErQk2IRS119iU42eLQo0S
fhTZw/eVa+KhiZ5+cTmo2XZcxS7rmqMXahhOaLIZrxK/6Wn5MMW7lMdm+30fwxa4
G7hr1k3UidwUh+dewRNwatlLsAz6gDUN2nJD8QLnKVIqDqAncAq2JdxIa5UB6Ew+
fJd90UdTt254Cql+X7Qdqf7JE2j+9akWPYy8GKsCAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBSe4lx1kGDsZjffIsLSCd6wh/9fmDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L251SmNkWkJnN0dZMzN5TEMwZ25lc0lmX1g1Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBc
BggrBgEFBQcBBwEB/wRNMEswSQQCAAIwQwMHACoOl8ABsAMHACoOl8ABsjASAwcB
Kg6XwAG6AwcBKg6XwAG8MBIDBwAqDrEHCGEDBwAqDrEHCGIDBwAqDrEHCGwwDQYJ
KoZIhvcNAQELBQADggEBAGJ3JStlwDoyKm5AQ4neGeeOa1LrWatS51OYgBwYyofw
yvYTQV2y/6sLjUKPIOrpejyGKDarXcFoQyjpI+zlDtV4Uuha8KAARw7ksOOusqp8
rYxLyKyifBjocjOhQ3Tsb43TrO1V1VTMxFSS4xlL08xyKsO2qMw0k5ZZPxpr6hMa
V2SUU7b2eZE09A/WVFcUYZhfzCHyjoMrBQD/EM5k+VKEM7Po7w5DB8F4h/QpX/Dj
wl4wshwAqNSHijzcZhyKW4AJ6ltQSEIY6Zy7cDb8z1nGVAWEU42kPlvxCPTXwRwA
1kAMHuc+JEJ9vIRDXlFeUP3CPqsj/iUqnG3V+706HpU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org