Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/q5OB7TIwXrcz40X9RQH-mLaSQm4.roa
File: q5OB7TIwXrcz40X9RQH-mLaSQm4.roa (raw, json)
Hash identifier: ZPVDONITgl3Y/1DjfLXAHpheoBfkShF2VLLO6QePlTw=
Subject key identifier: AB:93:81:ED:32:30:5E:B7:33:E3:45:FD:45:01:FE:98:B6:92:42:6E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 128C4359
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/q5OB7TIwXrcz40X9RQH-mLaSQm4.roa
Signing time: Fri 04 Mar 2022 01:28:05 +0000
ROA not before: Fri 04 Mar 2022 01:28:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211459
IP address blocks: 2a0e:97c0:373::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 311182169 (0x128c4359)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 4 01:28:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab9381ed32305eb733e345fd4501fe98b692426e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a0:1a:4a:95:bf:1f:f1:50:82:aa:dc:7f:28:
9e:f2:21:82:a9:62:3d:cd:a6:f1:d2:56:85:eb:f5:
7c:e7:f3:42:9f:2e:11:08:ea:d6:24:d2:11:e5:2d:
c0:c9:ec:ef:a4:2a:9b:7e:95:54:50:96:bd:cb:92:
8a:fd:9e:c2:6c:76:4c:2e:ed:09:7b:70:4e:28:88:
f8:3d:e7:2b:d7:aa:ca:0f:36:a2:76:7a:4f:f4:7e:
67:2d:44:e8:a6:f4:62:32:0c:f6:2d:83:91:87:bb:
13:84:2f:b7:1f:ce:42:38:62:cd:31:96:09:d8:6d:
8d:1a:2d:d3:5b:a4:a9:0e:c8:1b:79:fe:b0:b6:57:
87:5d:fb:33:86:94:1e:19:84:a7:5e:5f:44:67:4f:
1b:8d:d9:04:45:64:bb:22:c8:a9:4b:46:61:ea:80:
1d:fa:c5:10:63:11:60:33:6c:7a:05:fc:3a:2c:d7:
d4:84:68:0a:dd:d2:4d:ee:13:c1:46:77:79:28:ca:
12:67:24:20:38:a8:30:07:1f:5b:bc:a1:dc:19:bc:
31:89:c6:ed:cc:39:bf:94:ed:df:55:16:41:33:11:
55:24:9c:13:73:2b:65:7e:0e:2f:8b:e5:84:70:cb:
1a:f0:e5:aa:28:fd:e9:f8:a5:24:7c:4c:28:2d:63:
5f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:93:81:ED:32:30:5E:B7:33:E3:45:FD:45:01:FE:98:B6:92:42:6E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/q5OB7TIwXrcz40X9RQH-mLaSQm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:373::/48
Signature Algorithm: sha256WithRSAEncryption
3b:c0:5c:9c:ed:33:b7:16:9a:1a:d8:a2:98:66:2d:c9:8e:87:
96:ee:ce:f3:b8:7f:a0:e5:2d:35:a1:c7:5e:c6:c1:70:69:a0:
3d:1d:af:bc:4b:89:47:9c:4d:f0:97:3c:08:47:21:89:87:49:
43:53:d1:4f:6f:4f:2d:3a:08:a4:6b:d6:94:a8:0d:d3:38:54:
7b:1c:a3:28:c1:58:62:41:a0:eb:d6:d0:30:93:bf:b8:24:38:
58:22:32:e4:85:c5:82:33:68:8d:9c:c5:22:e2:79:87:39:01:
d0:c2:ae:a0:f1:06:37:56:d9:b4:c2:30:51:9f:09:b9:5a:f7:
f5:d2:e6:35:62:22:0e:aa:38:91:2e:26:97:59:54:7b:16:2b:
5a:ea:e8:95:d7:3f:77:0a:c9:fd:e8:5e:f8:7b:29:02:ac:ca:
60:b4:00:3c:b5:73:12:67:ca:54:10:c3:62:90:50:09:50:c1:
94:56:17:02:e5:1a:f7:98:51:af:37:2b:93:08:e8:0f:79:20:
47:67:80:0f:d9:85:09:2f:fd:cc:6e:53:72:7e:82:92:35:64:
1f:b1:3c:51:c4:43:89:85:01:0b:3e:d2:e1:f3:f1:97:7a:8d:
04:84:8c:a4:c3:25:81:bc:d3:d2:65:d4:83:79:39:e7:2b:63:
52:cd:54:02
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEoxDWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMw
NDAxMjgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWI5MzgxZWQzMjMw
NWViNzMzZTM0NWZkNDUwMWZlOThiNjkyNDI2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWgGkqVvx/xUIKq3H8onvIhgqliPc2m8dJWhev1fOfzQp8u
EQjq1iTSEeUtwMns76Qqm36VVFCWvcuSiv2ewmx2TC7tCXtwTiiI+D3nK9eqyg82
onZ6T/R+Zy1E6Kb0YjIM9i2DkYe7E4Qvtx/OQjhizTGWCdhtjRot01ukqQ7IG3n+
sLZXh137M4aUHhmEp15fRGdPG43ZBEVkuyLIqUtGYeqAHfrFEGMRYDNsegX8OizX
1IRoCt3STe4TwUZ3eSjKEmckIDioMAcfW7yh3Bm8MYnG7cw5v5Tt31UWQTMRVSSc
E3MrZX4OL4vlhHDLGvDlqij96filJHxMKC1jXx8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSrk4HtMjBetzPjRf1FAf6YtpJCbjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3E1T0I3VEl3WHJjejQwWDlSUUgtbUxhU1FtNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOl8ADczANBgkqhkiG9w0BAQsF
AAOCAQEAO8BcnO0ztxaaGtiimGYtyY6Hlu7O87h/oOUtNaHHXsbBcGmgPR2vvEuJ
R5xN8Jc8CEchiYdJQ1PRT29PLToIpGvWlKgN0zhUexyjKMFYYkGg69bQMJO/uCQ4
WCIy5IXFgjNojZzFIuJ5hzkB0MKuoPEGN1bZtMIwUZ8JuVr39dLmNWIiDqo4kS4m
l1lUexYrWuroldc/dwrJ/ehe+HspAqzKYLQAPLVzEmfKVBDDYpBQCVDBlFYXAuUa
95hRrzcrkwjoD3kgR2eAD9mFCS/9zG5Tcn6CkjVkH7E8UcRDiYUBCz7S4fPxl3qN
BISMpMMlgbzT0mXUg3k55ytjUs1UAg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org