Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pdNh8SnzG1KEm5IEETmzmX5W0kM.roa
File: pdNh8SnzG1KEm5IEETmzmX5W0kM.roa (raw, json)
Hash identifier: 2Q2aen8z/ZzR+/p7NImnu7cUR6Z0FHoKKSvNE7T1e3I=
Subject key identifier: A5:D3:61:F1:29:F3:1B:52:84:9B:92:04:11:39:B3:99:7E:56:D2:43
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 109BBA09
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pdNh8SnzG1KEm5IEETmzmX5W0kM.roa
Signing time: Sat 01 Jan 2022 09:05:07 +0000
ROA not before: Sat 01 Jan 2022 09:05:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207740
IP address blocks: 2a0e:b107:198::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278641161 (0x109bba09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5d361f129f31b52849b92041139b3997e56d243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a0:f8:10:73:39:5a:bc:73:02:4d:cf:11:c7:
d0:a2:53:2a:2f:b5:4f:63:e5:f4:2d:9b:d3:99:d4:
c7:2f:ca:3f:e2:b5:47:16:eb:4a:86:32:ee:b5:86:
97:df:83:04:b5:6f:52:3a:35:65:92:87:a5:ac:bc:
8d:bc:89:b4:f2:5f:fc:a5:39:f9:53:82:9d:06:e1:
17:6e:2a:93:07:88:29:56:ed:a2:c3:7d:c7:5f:f7:
23:8b:9c:1c:4b:4f:15:bd:a3:c7:ce:01:0a:b0:b3:
6e:3c:8d:0d:36:0a:6a:2f:36:fd:23:84:a5:87:ae:
67:ce:f2:b5:ef:9f:4f:f4:a8:76:0b:5c:ef:11:36:
5b:95:8f:7c:b8:06:78:da:af:92:fb:2e:4d:dd:0f:
f6:3b:fb:59:5b:75:65:02:08:8f:6a:86:82:b0:d1:
8e:c4:5d:3c:c8:d2:4e:cf:fe:7d:79:fb:34:12:b9:
ec:70:58:99:80:e3:b6:6e:03:6b:d5:e3:f9:cc:6f:
01:7c:a3:08:b7:ea:80:5f:5d:70:01:6d:0c:a8:b4:
15:81:b7:0d:3a:96:b3:ca:e7:d0:79:aa:51:7b:0b:
56:04:6c:a7:2a:6b:e7:e0:e8:d3:57:a8:e7:94:22:
b6:f0:17:55:8b:9a:54:e0:c1:01:5b:d7:0e:c0:5b:
d0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D3:61:F1:29:F3:1B:52:84:9B:92:04:11:39:B3:99:7E:56:D2:43
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pdNh8SnzG1KEm5IEETmzmX5W0kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:198::/48
Signature Algorithm: sha256WithRSAEncryption
4b:96:5e:1b:9e:e8:f3:c2:7f:c1:93:4a:4c:a8:23:17:42:e3:
ce:9c:ef:7a:39:d3:a3:71:28:f7:bb:85:6e:59:46:c4:4e:93:
4e:6a:c1:34:4b:15:f9:de:db:0f:c0:77:5e:54:03:5e:77:34:
ae:a3:00:de:fd:0e:51:47:2d:b2:ef:6a:78:78:ca:49:9f:16:
85:c4:ee:a1:d5:49:9b:a6:be:74:1d:b3:a6:45:8e:56:aa:10:
bf:3b:17:8a:b5:1a:53:91:82:df:79:6c:8a:eb:45:41:78:89:
70:c8:ef:b7:4a:3f:d8:47:fb:f3:0e:c4:b3:85:5b:e5:42:7a:
aa:05:a5:50:e3:c9:ce:93:6c:cb:d1:05:e6:8f:3b:65:ee:b7:
cc:f0:bd:ea:16:74:e6:bc:61:45:06:94:f6:0a:04:b0:e9:cb:
ad:a6:39:d3:90:98:09:24:a0:49:d9:6c:57:20:b2:0a:11:f0:
99:7d:bf:7e:f5:a3:e8:b0:a0:75:9a:ab:48:10:ba:83:89:ad:
3a:90:6f:2b:07:cd:12:57:1e:7b:a3:fd:2a:a6:0c:f0:d8:9b:
d6:99:14:75:f6:4a:ba:f8:b2:f9:39:ff:eb:15:36:67:40:8c:
20:d0:4f:42:51:ea:20:c1:28:27:fc:5b:9e:a8:90:1a:7a:34:
ea:6b:53:01
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEJu6CTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVkMzYxZjEyOWYz
MWI1Mjg0OWI5MjA0MTEzOWIzOTk3ZTU2ZDI0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOg+BBzOVq8cwJNzxHH0KJTKi+1T2Pl9C2b05nUxy/KP+K1
RxbrSoYy7rWGl9+DBLVvUjo1ZZKHpay8jbyJtPJf/KU5+VOCnQbhF24qkweIKVbt
osN9x1/3I4ucHEtPFb2jx84BCrCzbjyNDTYKai82/SOEpYeuZ87yte+fT/Sodgtc
7xE2W5WPfLgGeNqvkvsuTd0P9jv7WVt1ZQIIj2qGgrDRjsRdPMjSTs/+fXn7NBK5
7HBYmYDjtm4Da9Xj+cxvAXyjCLfqgF9dcAFtDKi0FYG3DTqWs8rn0HmqUXsLVgRs
pypr5+Do01eo55QitvAXVYuaVODBAVvXDsBb0HUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSl02HxKfMbUoSbkgQRObOZflbSQzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3BkTmg4U256RzFLRW01SUVFVG16bVg1VzBrTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcBmDANBgkqhkiG9w0BAQsF
AAOCAQEAS5ZeG57o88J/wZNKTKgjF0LjzpzvejnTo3Eo97uFbllGxE6TTmrBNEsV
+d7bD8B3XlQDXnc0rqMA3v0OUUctsu9qeHjKSZ8WhcTuodVJm6a+dB2zpkWOVqoQ
vzsXirUaU5GC33lsiutFQXiJcMjvt0o/2Ef78w7Es4Vb5UJ6qgWlUOPJzpNsy9EF
5o87Ze63zPC96hZ05rxhRQaU9goEsOnLraY505CYCSSgSdlsVyCyChHwmX2/fvWj
6LCgdZqrSBC6g4mtOpBvKwfNElcee6P9KqYM8Nib1pkUdfZKuviy+Tn/6xU2Z0CM
INBPQlHqIMEoJ/xbnqiQGno06mtTAQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org