Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pUcSjWD6dMWuMEoJ-6Du4YxXk_8.roa
File: pUcSjWD6dMWuMEoJ-6Du4YxXk_8.roa (raw, json)
Hash identifier: jbhpcXpK8owYsqEJnK2uQpW0e2JTc+mQJtB3usF8Xzg=
Subject key identifier: A5:47:12:8D:60:FA:74:C5:AE:30:4A:09:FB:A0:EE:E1:8C:57:93:FF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183AE5C6511FEE50AC2D62FAB06B9F121D5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pUcSjWD6dMWuMEoJ-6Du4YxXk_8.roa
Signing time: Thu 06 Oct 2022 17:33:54 +0000
ROA not before: Thu 06 Oct 2022 17:33:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211024
IP address blocks: 2a0e:97c0:4d0::/48 maxlen: 48
2a0e:97c0:4df::/48 maxlen: 48
2a0e:97c0:4d2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ae:5c:65:11:fe:e5:0a:c2:d6:2f:ab:06:b9:f1:21:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 6 17:33:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a547128d60fa74c5ae304a09fba0eee18c5793ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9a:f4:a6:51:77:32:f9:e2:61:ce:d2:31:c0:
b0:cf:3d:56:bf:39:c2:45:05:7b:6a:38:57:57:34:
e3:d1:be:7b:75:b2:90:34:b4:2f:4d:d0:99:92:3a:
5f:5c:62:7b:95:34:01:da:ff:1b:bb:84:08:92:fd:
50:c0:59:78:cd:46:7a:1a:78:a9:8b:f5:05:c1:78:
f2:86:f8:99:43:83:1e:b4:3f:f5:33:44:7b:c2:74:
94:8a:12:cf:de:9d:7c:04:31:16:e3:44:04:ba:6f:
52:85:22:37:f5:7f:22:70:65:03:99:cd:01:be:97:
8a:e3:45:c6:89:9c:80:32:da:bc:a8:a0:b0:df:4e:
6f:d3:14:1d:a1:d8:1f:56:47:18:15:34:b9:24:a5:
b6:93:8d:82:96:4f:54:f0:aa:eb:e1:b4:8c:d4:bb:
04:9e:e4:a3:8e:d5:9d:67:a5:f2:a0:c3:f8:6f:40:
95:cf:14:0c:e8:cc:39:4f:e6:3a:5e:c1:76:c1:ad:
68:26:2e:7c:9b:95:69:d5:81:9b:43:5d:6b:2a:60:
20:08:84:da:52:49:2a:39:f7:6a:b3:e6:20:35:86:
e2:38:f6:e8:a7:46:bc:30:2e:5b:cc:91:5e:27:8e:
e5:19:ce:62:4b:4a:68:1c:17:ab:2e:d8:39:83:35:
da:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:47:12:8D:60:FA:74:C5:AE:30:4A:09:FB:A0:EE:E1:8C:57:93:FF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pUcSjWD6dMWuMEoJ-6Du4YxXk_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:4d0::/48
2a0e:97c0:4d2::/48
2a0e:97c0:4df::/48
Signature Algorithm: sha256WithRSAEncryption
8b:1a:c0:20:52:4f:2e:d1:0c:84:a9:5b:65:d1:6e:59:e7:85:
eb:98:f7:9a:fc:3d:92:4c:14:19:30:a4:60:85:5b:55:56:13:
1b:ed:90:79:74:4c:d3:b4:2f:67:ab:3b:ca:36:cc:ab:73:79:
79:67:62:11:cd:b5:fa:76:1f:44:94:3b:83:fc:c8:07:25:5d:
7e:5f:e0:cf:45:f7:7f:3b:a2:d9:09:9e:8b:98:5e:57:28:65:
82:00:ac:89:87:fd:3d:64:ce:3f:9d:ba:3e:5d:99:44:31:c3:
b4:54:25:65:a6:26:0f:2d:04:8a:dc:c6:98:2f:ad:5f:d0:63:
6d:d5:f1:e7:67:1c:85:90:b0:aa:0d:6b:51:41:1c:86:2a:6e:
eb:48:01:dc:b2:9c:56:f3:14:ce:2f:49:de:61:e9:30:76:b3:
60:c3:34:97:4d:ea:bb:24:47:24:66:94:95:56:1d:1a:c0:38:
b8:5f:aa:09:2e:dd:b7:6f:01:e6:73:59:a6:86:35:53:7c:cf:
54:60:57:c1:c5:9a:3d:3d:d1:23:08:cf:9a:0d:92:66:e3:3e:
ff:01:ce:5a:32:05:78:bb:7d:73:49:24:bc:bc:48:cf:74:c1:
4f:6c:b8:30:f8:5a:30:e8:70:14:81:6b:f3:fb:b3:28:aa:36:
ab:79:1e:ad
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYOuXGUR/uUKwtYvqwa58SHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDA2MTczMzU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQ3MTI4ZDYwZmE3NGM1YWUzMDRhMDlmYmEwZWVlMThjNTc5M2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipr0plF3MvniYc7SMcCwzz1WvznC
RQV7ajhXVzTj0b57dbKQNLQvTdCZkjpfXGJ7lTQB2v8bu4QIkv1QwFl4zUZ6Gnip
i/UFwXjyhviZQ4MetD/1M0R7wnSUihLP3p18BDEW40QEum9ShSI39X8icGUDmc0B
vpeK40XGiZyAMtq8qKCw305v0xQdodgfVkcYFTS5JKW2k42Clk9U8Krr4bSM1LsE
nuSjjtWdZ6XyoMP4b0CVzxQM6Mw5T+Y6XsF2wa1oJi58m5Vp1YGbQ11rKmAgCITa
UkkqOfdqs+YgNYbiOPbop0a8MC5bzJFeJ47lGc5iS0poHBerLtg5gzXadQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKVHEo1g+nTFrjBKCfug7uGMV5P/MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcFVjU2pXRDZkTVd1TUVvSi02RHU0WXhYa184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6XwATQ
AwcAKg6XwATSAwcAKg6XwATfMA0GCSqGSIb3DQEBCwUAA4IBAQCLGsAgUk8u0QyE
qVtl0W5Z54XrmPea/D2STBQZMKRghVtVVhMb7ZB5dEzTtC9nqzvKNsyrc3l5Z2IR
zbX6dh9ElDuD/MgHJV1+X+DPRfd/O6LZCZ6LmF5XKGWCAKyJh/09ZM4/nbo+XZlE
McO0VCVlpiYPLQSK3MaYL61f0GNt1fHnZxyFkLCqDWtRQRyGKm7rSAHcspxW8xTO
L0neYekwdrNgwzSXTeq7JEckZpSVVh0awDi4X6oJLt23bwHmc1mmhjVTfM9UYFfB
xZo9PdEjCM+aDZJm4z7/Ac5aMgV4u31zSSS8vEjPdMFPbLgw+Fow6HAUgWvz+7Mo
qjareR6t
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org