Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oj4Q6rvFFGVdcmaGsTh9No5aaEM.roa
File: oj4Q6rvFFGVdcmaGsTh9No5aaEM.roa (raw, json)
Hash identifier: F2JA52ieoPsN+HkDzW+/kJjEmVNSQQ6pBA5QTuoh5/Q=
Subject key identifier: A2:3E:10:EA:BB:C5:14:65:5D:72:66:86:B1:38:7D:36:8E:5A:68:43
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 1095DD45
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oj4Q6rvFFGVdcmaGsTh9No5aaEM.roa
Signing time: Sat 01 Jan 2022 09:05:03 +0000
ROA not before: Sat 01 Jan 2022 09:05:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205642
IP address blocks: 2a09:4c2:31::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278256965 (0x1095dd45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a23e10eabbc514655d726686b1387d368e5a6843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:01:b6:80:3a:22:eb:33:40:58:96:df:f8:bf:
31:a8:eb:63:c0:ff:ba:7c:d6:a4:f6:cd:81:bd:4d:
6d:2a:0e:1e:3f:bf:56:48:74:10:ef:f9:84:18:5a:
ca:38:8f:c8:e9:19:f1:6e:64:23:35:98:31:5a:30:
9b:5a:7e:6f:bd:7a:b6:46:15:e7:e6:a9:50:61:05:
a6:d2:0c:e4:e3:be:a5:8d:db:22:8c:79:42:c7:64:
48:0d:03:de:50:88:d0:02:e5:8d:08:10:a0:16:bb:
db:3c:21:23:13:b6:5b:3c:68:99:c6:4a:8f:3c:c1:
26:0c:9b:09:02:71:0c:2b:a6:72:cd:59:51:a8:7a:
a5:e8:b1:85:f6:70:c4:2a:1e:f6:a1:fa:dc:fe:06:
d0:2e:97:c0:77:7c:88:3f:fc:f7:41:84:97:31:ec:
59:65:64:cf:07:c0:1b:63:6a:01:0d:9e:e8:bc:78:
eb:fe:7b:4b:cf:b1:e2:be:89:67:c8:cf:92:a1:12:
7d:f6:a6:8d:4f:c1:32:48:a4:50:85:6c:20:a0:8e:
54:b6:ad:5a:ce:6c:af:1e:8a:62:ab:3e:58:d0:7e:
e4:d2:eb:29:34:79:16:33:d6:8f:91:bc:53:d3:5f:
3a:84:00:bb:a1:30:a9:1d:f7:e2:c4:d1:31:80:d9:
83:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3E:10:EA:BB:C5:14:65:5D:72:66:86:B1:38:7D:36:8E:5A:68:43
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oj4Q6rvFFGVdcmaGsTh9No5aaEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:4c2:31::/48
Signature Algorithm: sha256WithRSAEncryption
2e:fc:4b:32:4d:7b:da:27:a8:94:76:8d:50:84:c8:0c:f7:2c:
2d:23:e6:44:e5:4d:69:69:7d:1a:30:c1:31:20:ad:dd:a4:9c:
57:36:f3:1c:73:80:f2:40:0f:7f:62:a3:57:78:40:c5:49:1e:
c9:ae:84:30:9b:df:34:d0:ef:89:6c:e2:72:09:3e:f2:27:65:
1c:4c:bf:f3:e3:0f:5c:b7:93:78:de:83:2b:fd:a4:fb:38:14:
8b:85:0c:34:43:b9:0d:49:33:8f:01:a9:f5:93:82:44:26:e6:
77:56:e1:da:b0:6d:af:ee:1c:37:c6:4f:4d:50:d6:d6:63:c0:
42:ba:43:29:da:91:fb:89:17:3c:08:df:b5:44:06:9e:45:40:
22:5a:de:c3:35:2c:7f:45:bb:4a:7e:37:c5:c1:1a:28:a1:5a:
19:7c:5e:0a:9d:e8:9c:62:79:be:e3:6a:fa:8f:0e:29:fe:e7:
5f:09:be:8f:a0:d4:72:93:2d:b9:8f:64:80:d5:3a:14:20:41:
6e:20:de:48:8f:2b:29:18:9a:8f:c8:74:44:b6:2f:b1:7c:23:
27:66:bc:8a:1b:10:ef:cb:90:04:d3:1f:d3:39:91:33:be:5a:
e9:62:bc:2b:ca:7c:7b:f3:19:04:ef:3a:19:5e:c4:99:b4:57:
69:ac:b8:c8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEJXdRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTIzZTEwZWFiYmM1
MTQ2NTVkNzI2Njg2YjEzODdkMzY4ZTVhNjg0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoBtoA6IuszQFiW3/i/MajrY8D/unzWpPbNgb1NbSoOHj+/
Vkh0EO/5hBhayjiPyOkZ8W5kIzWYMVowm1p+b716tkYV5+apUGEFptIM5OO+pY3b
Iox5QsdkSA0D3lCI0ALljQgQoBa72zwhIxO2WzxomcZKjzzBJgybCQJxDCumcs1Z
Uah6peixhfZwxCoe9qH63P4G0C6XwHd8iD/890GElzHsWWVkzwfAG2NqAQ2e6Lx4
6/57S8+x4r6JZ8jPkqESffamjU/BMkikUIVsIKCOVLatWs5srx6KYqs+WNB+5NLr
KTR5FjPWj5G8U9NfOoQAu6EwqR334sTRMYDZg1MCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSiPhDqu8UUZV1yZoaxOH02jlpoQzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L29qNFE2cnZGRkdWZGNtYUdzVGg5Tm81YWFFTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoJBMIAMTANBgkqhkiG9w0BAQsF
AAOCAQEALvxLMk172ieolHaNUITIDPcsLSPmROVNaWl9GjDBMSCt3aScVzbzHHOA
8kAPf2KjV3hAxUkeya6EMJvfNNDviWzicgk+8idlHEy/8+MPXLeTeN6DK/2k+zgU
i4UMNEO5DUkzjwGp9ZOCRCbmd1bh2rBtr+4cN8ZPTVDW1mPAQrpDKdqR+4kXPAjf
tUQGnkVAIlrewzUsf0W7Sn43xcEaKKFaGXxeCp3onGJ5vuNq+o8OKf7nXwm+j6DU
cpMtuY9kgNU6FCBBbiDeSI8rKRiaj8h0RLYvsXwjJ2a8ihsQ78uQBNMf0zmRM75a
6WK8K8p8e/MZBO86GV7EmbRXaay4yA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org