Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o4nc9KwjKdrqrxyczGsSl1GMcw8.roa
File: o4nc9KwjKdrqrxyczGsSl1GMcw8.roa (raw, json)
Hash identifier: gAfIbG+3ihXsXZPMaDv4ljUt2qqxt0BTw6f0xw8VOUI=
Subject key identifier: A3:89:DC:F4:AC:23:29:DA:EA:AF:1C:9C:CC:6B:12:97:51:8C:73:0F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 134D7A82
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o4nc9KwjKdrqrxyczGsSl1GMcw8.roa
Signing time: Tue 29 Mar 2022 15:34:22 +0000
ROA not before: Tue 29 Mar 2022 15:34:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211139
IP address blocks: 2a0e:b107:1910::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 323844738 (0x134d7a82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 29 15:34:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a389dcf4ac2329daeaaf1c9ccc6b1297518c730f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d0:6a:6b:7d:9b:fd:ee:b1:ee:8d:0c:de:e3:
e6:bf:6f:2a:59:78:3c:09:bc:98:2d:94:0b:3b:72:
92:7d:3f:93:8b:05:b7:0d:07:a9:c3:9c:89:50:68:
a6:c4:72:c4:43:21:74:51:50:ec:05:bb:4f:de:37:
9c:b0:b3:c0:d4:96:7c:5a:33:a9:ee:34:2c:c7:f2:
e6:a7:f8:5d:4f:6b:ea:c3:10:82:c4:d6:45:73:5b:
b2:b6:ba:31:8e:32:81:00:2c:0a:f5:e5:aa:8a:09:
b6:76:e1:c6:3b:a9:0f:62:49:26:56:c3:89:8c:85:
dd:62:de:3b:47:26:d8:30:a0:65:14:61:2d:60:cf:
a4:6c:45:4d:11:79:16:82:fc:a5:1c:20:25:4a:39:
a8:8a:28:e1:8c:6e:c3:39:3e:6b:88:20:f2:6a:3a:
d2:79:f6:be:b7:d4:85:6a:06:e4:94:d3:fb:a9:30:
dc:54:10:42:42:24:dd:78:cd:cd:b2:c9:a5:99:f2:
34:aa:2c:1a:5b:12:68:5c:4b:af:b0:ae:40:61:9e:
01:ec:95:36:0a:06:07:cf:09:e8:30:75:80:c2:df:
86:50:42:c2:3b:e3:74:9b:09:45:d4:07:0b:da:e0:
3c:65:a6:fe:a8:1a:59:36:55:25:bc:60:8d:08:a9:
2d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:89:DC:F4:AC:23:29:DA:EA:AF:1C:9C:CC:6B:12:97:51:8C:73:0F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o4nc9KwjKdrqrxyczGsSl1GMcw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1910::/44
Signature Algorithm: sha256WithRSAEncryption
78:49:89:e0:8d:d8:0d:26:2e:bf:23:61:de:da:11:a1:e1:ad:
ca:67:05:b6:f5:64:f6:4b:99:3e:b8:82:9b:49:11:e9:fd:46:
3f:98:51:de:76:5a:d4:f4:25:a3:06:f1:ff:2c:f9:a4:52:53:
41:f8:41:e3:7c:9d:08:0a:2a:a0:e3:95:d9:5e:c3:b8:15:e9:
71:e6:8a:21:3a:d1:c1:3f:47:b2:20:3f:43:b1:65:66:29:75:
96:e1:d2:80:1b:56:78:40:1b:5c:e4:ab:12:58:0d:0e:6d:53:
4c:84:4e:2c:ce:2d:7f:e5:4c:68:60:fa:77:9d:b2:e5:39:5f:
57:5d:f5:4a:09:83:46:f4:d4:85:31:13:67:07:1e:99:f1:bb:
07:34:32:dd:3f:71:92:20:c6:18:2d:d3:0f:e7:63:0d:42:73:
b6:b4:3a:1b:7d:b9:2b:37:16:08:5f:4a:4d:dd:f5:68:ec:c1:
9b:7e:34:e8:bb:f3:fc:a6:3c:be:e3:fa:f5:10:e6:2d:40:8b:
62:6f:75:17:5c:d5:91:4f:77:62:29:8d:f3:46:c5:2e:46:b7:
f9:8b:59:1a:1a:bd:1e:dd:b4:a3:04:d2:d3:79:5a:e0:8d:5c:
a5:96:68:b8:41:23:0d:08:90:2a:1d:55:b7:d8:bc:a4:67:3f:
64:d1:71:bb
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEE016gjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMy
OTE1MzQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTM4OWRjZjRhYzIz
MjlkYWVhYWYxYzljY2M2YjEyOTc1MThjNzMwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLQamt9m/3use6NDN7j5r9vKll4PAm8mC2UCztykn0/k4sF
tw0HqcOciVBopsRyxEMhdFFQ7AW7T943nLCzwNSWfFozqe40LMfy5qf4XU9r6sMQ
gsTWRXNbsra6MY4ygQAsCvXlqooJtnbhxjupD2JJJlbDiYyF3WLeO0cm2DCgZRRh
LWDPpGxFTRF5FoL8pRwgJUo5qIoo4Yxuwzk+a4gg8mo60nn2vrfUhWoG5JTT+6kw
3FQQQkIk3XjNzbLJpZnyNKosGlsSaFxLr7CuQGGeAeyVNgoGB88J6DB1gMLfhlBC
wjvjdJsJRdQHC9rgPGWm/qgaWTZVJbxgjQipLQ0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSjidz0rCMp2uqvHJzMaxKXUYxzDzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L280bmM5S3dqS2RycXJ4eWN6R3NTbDFHTWN3OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcZEDANBgkqhkiG9w0BAQsF
AAOCAQEAeEmJ4I3YDSYuvyNh3toRoeGtymcFtvVk9kuZPriCm0kR6f1GP5hR3nZa
1PQlowbx/yz5pFJTQfhB43ydCAoqoOOV2V7DuBXpceaKITrRwT9HsiA/Q7FlZil1
luHSgBtWeEAbXOSrElgNDm1TTIROLM4tf+VMaGD6d52y5TlfV131SgmDRvTUhTET
ZwcemfG7BzQy3T9xkiDGGC3TD+djDUJztrQ6G325KzcWCF9KTd31aOzBm3406Lvz
/KY8vuP69RDmLUCLYm91F1zVkU93YimN80bFLka3+YtZGhq9Ht20owTS03la4I1c
pZZouEEjDQiQKh1Vt9i8pGc/ZNFxuw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org