Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pGmrfziURYMU4v76Tr7rvluJiIM.roa
File: pGmrfziURYMU4v76Tr7rvluJiIM.roa (raw, json)
Hash identifier: XNBKcRD7f6nZDl6+quHqu7wDlSLb/q7HxwxRquNDclg=
Subject key identifier: A4:69:AB:7F:38:94:45:83:14:E2:FE:FA:4E:BE:EB:BE:5B:89:88:83
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10EED206
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pGmrfziURYMU4v76Tr7rvluJiIM.roa
Signing time: Sat 01 Jan 2022 09:05:55 +0000
ROA not before: Sat 01 Jan 2022 09:05:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212996
IP address blocks: 2a0e:b105:100::/44 maxlen: 48
2a10:2f01:290::/44 maxlen: 48
2a10:2f00:13f::/48 maxlen: 48
2a0e:97c7:130::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 284086790 (0x10eed206)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a469ab7f3894458314e2fefa4ebeebbe5b898883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a6:a5:23:cf:3f:02:4e:20:73:b2:b2:cd:3a:
34:50:67:03:22:23:23:7b:e6:80:42:89:ec:ef:e0:
a3:f5:71:2a:eb:29:d2:e1:2a:3a:73:4a:75:85:a6:
34:d6:2a:30:f3:5e:85:e8:d2:1f:01:41:d4:84:c7:
c8:b1:d9:73:c9:e6:d6:74:1c:53:b0:18:bc:b4:da:
a7:05:37:d9:e1:ba:40:3e:4a:28:8e:2f:8e:b3:89:
84:90:5e:07:1b:41:4a:f4:31:b5:03:61:8f:65:45:
7d:35:08:36:e0:7e:25:35:1b:c2:29:ae:59:88:23:
94:45:ac:81:bc:00:94:61:4d:74:98:8c:6a:18:27:
91:9b:d1:21:94:c7:b0:82:e2:e0:25:7f:ff:e2:bb:
33:e2:4a:da:51:a2:d3:e9:f9:c4:eb:69:0a:89:4b:
35:db:c0:9f:35:95:cc:df:25:b5:bb:69:f2:64:8a:
de:35:d3:43:cf:7e:29:1f:65:4e:96:67:5c:11:83:
c4:2d:ad:fb:99:fb:07:80:7a:9b:56:68:e4:19:58:
90:c6:0f:01:3f:be:86:30:64:56:56:04:64:e2:5b:
f0:e3:0a:d0:63:56:9f:fa:0c:9a:ba:3c:c1:8d:f7:
6a:35:71:06:c3:33:89:f4:95:22:51:db:40:8f:2a:
c8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:69:AB:7F:38:94:45:83:14:E2:FE:FA:4E:BE:EB:BE:5B:89:88:83
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pGmrfziURYMU4v76Tr7rvluJiIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c7:130::/44
2a0e:b105:100::/44
2a10:2f00:13f::/48
2a10:2f01:290::/44
Signature Algorithm: sha256WithRSAEncryption
94:48:cf:bf:02:c4:3b:7a:a2:3a:ce:c5:c0:f8:d8:ef:42:b5:
36:62:69:c6:e5:28:92:8c:fe:03:c9:f4:81:18:f8:25:66:65:
c6:c6:68:10:10:a8:ec:15:f3:f4:65:01:7b:32:58:0e:5b:83:
25:24:3c:7b:7b:2d:7b:e8:13:a7:5e:a5:30:1b:5d:b0:07:1d:
33:83:a6:99:07:1e:59:f9:60:93:32:59:ce:82:47:9a:ed:af:
ad:76:d4:b7:51:6b:0b:cb:a5:cf:4a:a9:d7:9e:fb:4a:0a:6b:
12:2f:5a:12:3a:22:2f:6a:d4:eb:c2:8d:57:dd:e5:05:01:c9:
41:f8:3b:95:ad:8c:25:3f:77:4f:9a:a4:13:ff:dd:67:cb:0c:
42:bd:1f:d5:01:00:b8:71:22:83:d8:43:2e:6f:1a:96:2f:aa:
42:22:b8:ce:18:a2:a6:74:99:11:e6:9f:c6:5d:21:21:11:a0:
b7:91:26:fa:b1:88:24:f4:7a:c4:ee:8d:b6:e7:5f:c4:bd:59:
09:5e:44:df:2f:ca:b6:f5:f9:b3:3f:b2:89:88:d4:af:d6:f6:
67:3c:3d:2f:a3:c4:ee:98:a3:25:c6:ac:97:78:c3:f1:25:63:
2f:67:c4:4c:6f:bc:de:ce:d8:6e:a9:76:2d:31:cf:90:b1:36:
43:73:10:4b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEEO7SBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ2OWFiN2YzODk0
NDU4MzE0ZTJmZWZhNGViZWViYmU1Yjg5ODg4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSmpSPPPwJOIHOyss06NFBnAyIjI3vmgEKJ7O/go/VxKusp
0uEqOnNKdYWmNNYqMPNehejSHwFB1ITHyLHZc8nm1nQcU7AYvLTapwU32eG6QD5K
KI4vjrOJhJBeBxtBSvQxtQNhj2VFfTUINuB+JTUbwimuWYgjlEWsgbwAlGFNdJiM
ahgnkZvRIZTHsILi4CV//+K7M+JK2lGi0+n5xOtpColLNdvAnzWVzN8ltbtp8mSK
3jXTQ89+KR9lTpZnXBGDxC2t+5n7B4B6m1Zo5BlYkMYPAT++hjBkVlYEZOJb8OMK
0GNWn/oMmro8wY33ajVxBsMzifSVIlHbQI8qyKECAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSkaat/OJRFgxTi/vpOvuu+W4mIgzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3BHbXJmemlVUllNVTR2NzZUcjdydmx1SmlJTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAIwJAMHBCoOl8cBMAMHBCoOsQUBAAMHACoQ
LwABPwMHBCoQLwECkDANBgkqhkiG9w0BAQsFAAOCAQEAlEjPvwLEO3qiOs7FwPjY
70K1NmJpxuUokoz+A8n0gRj4JWZlxsZoEBCo7BXz9GUBezJYDluDJSQ8e3ste+gT
p16lMBtdsAcdM4OmmQceWflgkzJZzoJHmu2vrXbUt1FrC8ulz0qp1577SgprEi9a
EjoiL2rU68KNV93lBQHJQfg7la2MJT93T5qkE//dZ8sMQr0f1QEAuHEig9hDLm8a
li+qQiK4zhiipnSZEeafxl0hIRGgt5Em+rGIJPR6xO6NtudfxL1ZCV5E3y/KtvX5
sz+yiYjUr9b2Zzw9L6PE7pijJcasl3jD8SVjL2fETG+83s7Ybql2LTHPkLE2Q3MQ
Sw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:12 2024 by rpki-client on console-ams.rpki-client.org