Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pPrXI4aAgcydWFa0nfsty8Q-kfY.roa
File: pPrXI4aAgcydWFa0nfsty8Q-kfY.roa (raw, json)
Hash identifier: YbsbwrHtaep/SWngFS5DUg5GeoW8EOFvKcUTXh8dJ1w=
Subject key identifier: A4:FA:D7:23:86:80:81:CC:9D:58:56:B4:9D:FB:2D:CB:C4:3E:91:F6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01850859B3272549C2411137EBE1ABB310E1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pPrXI4aAgcydWFa0nfsty8Q-kfY.roa
Signing time: Mon 12 Dec 2022 21:59:34 +0000
ROA not before: Mon 12 Dec 2022 21:59:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210864
IP address blocks: 2a0e:b107:19f0::/48 maxlen: 48
2a0e:b107:19f5::/48 maxlen: 48
2a0e:b107:19fa::/48 maxlen: 48
2a0e:b107:19ff::/48 maxlen: 48
2a0e:b107:1a04::/48 maxlen: 48
2a0e:b107:1a09::/48 maxlen: 48
2a0e:b107:19f3::/48 maxlen: 48
2a0e:b107:19f8::/48 maxlen: 48
2a0e:b107:19fd::/48 maxlen: 48
2a0e:b107:1a02::/48 maxlen: 48
2a0e:b107:1a07::/48 maxlen: 48
2a0e:b107:1a0c::/48 maxlen: 48
2a0e:b107:19f1::/48 maxlen: 48
2a0e:b107:19f6::/48 maxlen: 48
2a0e:b107:19fb::/48 maxlen: 48
2a0e:b107:1a00::/48 maxlen: 48
2a0e:97c0:610::/44 maxlen: 48
2a0e:b107:1a05::/48 maxlen: 48
2a0e:b107:1a0a::/48 maxlen: 48
2a0e:b107:19f4::/48 maxlen: 48
2a0e:b107:19f9::/48 maxlen: 48
2a0e:b107:19fe::/48 maxlen: 48
2a0e:b107:1a03::/48 maxlen: 48
2a0e:b107:1a08::/48 maxlen: 48
2a0e:b107:19f7::/48 maxlen: 48
2a0e:b107:19fc::/48 maxlen: 48
2a0e:b107:1a01::/48 maxlen: 48
2a0e:b107:1a06::/48 maxlen: 48
2a0e:b107:1a0b::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:08:59:b3:27:25:49:c2:41:11:37:eb:e1:ab:b3:10:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 12 21:59:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a4fad723868081cc9d5856b49dfb2dcbc43e91f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2a:40:3c:a0:19:48:e5:89:aa:b2:e5:3b:42:
17:92:6d:4f:49:83:4d:71:ac:a0:4e:00:b3:10:40:
df:0a:6e:93:99:b9:0e:93:e5:b7:9b:2e:23:6b:ed:
08:00:97:14:ec:0d:17:5d:a5:0c:cb:74:51:1d:71:
b3:01:90:9f:97:56:33:cd:ed:e7:d7:54:95:4f:b2:
40:7a:66:b1:ca:b5:0c:25:fe:f0:35:11:75:d4:b3:
be:b5:00:e4:e9:56:fb:57:76:f6:1f:0f:6d:b9:fa:
ed:24:b1:3b:93:e8:9b:0b:03:f5:a2:4f:b1:57:33:
0a:45:af:66:63:85:77:3a:3c:25:55:85:93:ed:35:
6a:be:c9:08:2c:6e:15:98:f9:8b:81:b0:cf:3c:32:
37:80:50:8d:2f:fe:74:00:0b:71:5d:b6:77:58:9e:
81:39:64:5b:f9:20:4a:6d:03:35:2a:b4:c8:f9:4d:
df:bf:4e:27:91:d0:af:67:b9:53:9e:c2:66:63:99:
b2:ac:f2:27:6e:47:e7:72:fe:7f:9f:55:75:42:08:
55:60:da:f0:b9:0e:8e:35:ea:0b:81:97:48:42:7d:
57:da:ce:c4:34:1c:e6:fb:61:5b:3b:c7:20:3a:86:
5f:e2:0d:a1:17:b9:a3:8d:e7:15:c8:aa:10:dc:00:
b4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:FA:D7:23:86:80:81:CC:9D:58:56:B4:9D:FB:2D:CB:C4:3E:91:F6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pPrXI4aAgcydWFa0nfsty8Q-kfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:610::/44
2a0e:b107:19f0::/47
2a0e:b107:19f3::-2a0e:b107:1a0c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
98:73:73:7f:6e:19:22:5f:d3:7a:bb:72:28:bf:4c:4d:46:69:
18:e7:7e:a6:a1:51:2a:9c:c8:2c:cb:ee:95:fa:b4:9d:9c:03:
7d:38:08:c1:1d:4d:af:a4:fd:fb:d8:b1:fd:d0:1c:14:e5:80:
aa:e0:29:c0:d6:99:b9:a0:00:77:76:6e:be:ec:a5:42:bc:9d:
5f:2b:7d:2d:f1:32:51:d3:c6:43:fb:52:80:08:56:87:fa:d0:
e3:3f:be:5f:c2:28:d8:78:c3:1b:59:37:85:ad:c4:c0:dd:09:
43:e3:fd:99:9d:9a:2b:2d:91:da:a2:a8:bb:f4:d8:e2:ef:33:
04:3d:cf:ba:65:0d:6c:2e:61:e2:bb:68:41:2a:e7:d6:1f:82:
b5:4a:84:80:e2:d2:15:5f:26:fd:e0:66:43:50:b9:51:86:79:
98:ee:f0:c2:c6:b3:87:d0:91:1c:7e:9e:d1:c9:f1:c3:6a:c2:
1e:f5:bc:a2:c3:d0:cf:3a:dd:80:f2:9e:ff:4f:e5:c9:ba:8d:
67:6a:69:6a:45:f2:d1:69:98:9c:d9:ef:86:4b:6b:86:bf:56:
32:f2:a7:64:45:5b:24:cc:e0:b5:40:a2:bc:48:ac:f3:5b:f5:
b7:9c:ac:ec:59:02:4c:cb:9c:e3:66:2d:7a:b4:68:c5:b7:53:
69:29:1d:b8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYUIWbMnJUnCQRE36+GrsxDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjEyMjE1OTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGZhZDcyMzg2ODA4MWNjOWQ1ODU2YjQ5ZGZiMmRjYmM0M2U5MWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSpAPKAZSOWJqrLlO0IXkm1PSYNN
caygTgCzEEDfCm6TmbkOk+W3my4ja+0IAJcU7A0XXaUMy3RRHXGzAZCfl1Yzze3n
11SVT7JAemaxyrUMJf7wNRF11LO+tQDk6Vb7V3b2Hw9tufrtJLE7k+ibCwP1ok+x
VzMKRa9mY4V3OjwlVYWT7TVqvskILG4VmPmLgbDPPDI3gFCNL/50AAtxXbZ3WJ6B
OWRb+SBKbQM1KrTI+U3fv04nkdCvZ7lTnsJmY5myrPInbkfncv5/n1V1QghVYNrw
uQ6ONeoLgZdIQn1X2s7ENBzm+2FbO8cgOoZf4g2hF7mjjecVyKoQ3AC0kwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKT61yOGgIHMnVhWtJ37LcvEPpH2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcFByWEk0YUFnY3lkV0ZhMG5mc3R5OFEta2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcEKg6XwAYQ
AwcBKg6xBxnwMBIDBwAqDrEHGfMDBwAqDrEHGgwwDQYJKoZIhvcNAQELBQADggEB
AJhzc39uGSJf03q7cii/TE1GaRjnfqahUSqcyCzL7pX6tJ2cA304CMEdTa+k/fvY
sf3QHBTlgKrgKcDWmbmgAHd2br7spUK8nV8rfS3xMlHTxkP7UoAIVof60OM/vl/C
KNh4wxtZN4WtxMDdCUPj/ZmdmistkdqiqLv02OLvMwQ9z7plDWwuYeK7aEEq59Yf
grVKhIDi0hVfJv3gZkNQuVGGeZju8MLGs4fQkRx+ntHJ8cNqwh71vKLD0M863YDy
nv9P5cm6jWdqaWpF8tFpmJzZ74ZLa4a/VjLyp2RFWyTM4LVAorxIrPNb9becrOxZ
AkzLnONmLXq0aMW3U2kpHbg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org