Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qAzahU4csT1Ru6BFLI97w5rT3xs.roa
File: qAzahU4csT1Ru6BFLI97w5rT3xs.roa (raw, json)
Hash identifier: JlxscRczlYsxIP1erKsdjRFpQEmXBhivn/q9P11tzm0=
Subject key identifier: A8:0C:DA:85:4E:1C:B1:3D:51:BB:A0:45:2C:8F:7B:C3:9A:D3:DF:1B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 154EB098
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qAzahU4csT1Ru6BFLI97w5rT3xs.roa
Signing time: Sun 26 Jun 2022 19:56:42 +0000
ROA not before: Sun 26 Jun 2022 19:56:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204750
IP address blocks: 2a0e:97c0:3d5::/48 maxlen: 48
2a0e:97c0:3d0::/44 maxlen: 48
2a0e:97c0:3d0::/48 maxlen: 48
2a0e:97c0:3d3::/48 maxlen: 48
2a0e:97c0:3d6::/48 maxlen: 48
2a0e:97c0:3d1::/48 maxlen: 48
2a0e:97c0:3d4::/48 maxlen: 48
2a0e:97c0:3d2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 357478552 (0x154eb098)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 26 19:56:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a80cda854e1cb13d51bba0452c8f7bc39ad3df1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b1:ed:98:29:b2:03:a0:bf:1c:3d:a8:73:24:
ea:50:1c:0f:9c:a6:27:26:fa:20:cd:80:e7:28:5c:
93:0c:cd:3e:25:06:25:4a:1e:26:5d:d7:dc:d5:bf:
d9:ca:45:67:7f:4f:23:5f:90:ff:4a:34:43:b6:3b:
9c:62:af:9d:ed:54:15:12:bb:f7:43:ba:18:28:29:
47:be:30:34:a1:7d:cf:d0:bb:62:e1:8e:f0:fa:35:
24:e5:9d:2e:d1:09:1f:4d:bc:9c:5f:ac:ba:45:55:
0d:45:59:ff:27:83:e5:3a:60:d3:06:17:8c:b7:19:
e6:2f:a5:c1:c8:58:c8:b6:80:84:ed:21:03:62:17:
42:6f:af:a3:54:24:fb:12:8e:0e:a4:94:cb:4b:ad:
e7:20:77:f4:b9:aa:15:ed:93:cd:d3:5c:c4:80:b7:
e3:51:ec:63:0f:be:fe:e5:99:e9:09:61:dd:98:d7:
84:c3:94:3b:f7:02:c9:d4:66:52:cb:79:be:29:c3:
25:43:b4:0f:bc:d8:ab:0c:33:89:33:48:26:ad:6e:
0e:96:4a:f2:34:56:d1:30:f5:12:c0:f5:5b:0a:c8:
08:68:11:1d:aa:e2:5d:a8:fa:7a:f5:4a:7d:03:e1:
d2:02:14:a5:f9:a3:55:5b:f7:ee:63:e1:c5:96:4a:
3e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:0C:DA:85:4E:1C:B1:3D:51:BB:A0:45:2C:8F:7B:C3:9A:D3:DF:1B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qAzahU4csT1Ru6BFLI97w5rT3xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3d0::/44
Signature Algorithm: sha256WithRSAEncryption
78:f3:fb:8e:6c:a1:9e:12:e8:a5:3e:e4:c9:f2:1b:04:70:9f:
ff:27:01:41:82:61:3f:0f:80:8f:8e:fc:3d:9b:3f:89:b6:24:
cb:3e:47:26:f5:59:e3:0c:5b:c5:b5:0a:76:c0:80:f1:0a:56:
0f:d7:f6:05:16:0a:2c:8e:5c:d4:ae:ce:9c:76:9c:60:44:55:
c0:bb:43:91:f7:2c:cc:22:96:34:65:a8:0c:43:3f:3b:bd:c4:
36:ca:d7:df:59:3c:c2:b6:99:05:a1:df:2d:f6:de:52:a8:ea:
01:6b:5c:bd:a7:c6:81:ad:42:4d:c3:9b:2a:53:1c:6b:f9:54:
27:8d:83:0a:3b:6d:57:8a:65:1a:de:10:d4:b5:1f:53:64:9f:
d9:9d:00:c6:ba:80:86:02:ef:40:9e:4a:dd:e2:54:aa:73:7d:
67:ea:60:d2:f7:f9:72:6f:db:53:01:8a:94:ed:2a:f1:ad:d8:
15:ef:0a:9d:25:c9:61:46:f1:00:b3:c7:d4:31:6b:86:2a:56:
96:e6:02:d4:a0:52:6d:59:3e:1f:47:e4:11:85:b1:53:2f:36:
51:f3:b5:68:53:44:33:d1:36:45:11:db:dd:12:ae:e0:2d:83:
50:96:08:f6:0c:28:84:fc:7c:be:05:05:a5:b6:10:85:74:06:
9e:b4:1e:eb
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFU6wmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDYy
NjE5NTY0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTgwY2RhODU0ZTFj
YjEzZDUxYmJhMDQ1MmM4ZjdiYzM5YWQzZGYxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+x7ZgpsgOgvxw9qHMk6lAcD5ymJyb6IM2A5yhckwzNPiUG
JUoeJl3X3NW/2cpFZ39PI1+Q/0o0Q7Y7nGKvne1UFRK790O6GCgpR74wNKF9z9C7
YuGO8Po1JOWdLtEJH028nF+sukVVDUVZ/yeD5Tpg0wYXjLcZ5i+lwchYyLaAhO0h
A2IXQm+vo1Qk+xKODqSUy0ut5yB39LmqFe2TzdNcxIC341HsYw++/uWZ6Qlh3ZjX
hMOUO/cCydRmUst5vinDJUO0D7zYqwwziTNIJq1uDpZK8jRW0TD1EsD1WwrICGgR
HariXaj6evVKfQPh0gIUpfmjVVv37mPhxZZKPmECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSoDNqFThyxPVG7oEUsj3vDmtPfGzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3FBemFoVTRjc1QxUnU2QkZMSTk3dzVyVDN4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AD0DANBgkqhkiG9w0BAQsF
AAOCAQEAePP7jmyhnhLopT7kyfIbBHCf/ycBQYJhPw+Aj478PZs/ibYkyz5HJvVZ
4wxbxbUKdsCA8QpWD9f2BRYKLI5c1K7OnHacYERVwLtDkfcszCKWNGWoDEM/O73E
NsrX31k8wraZBaHfLfbeUqjqAWtcvafGga1CTcObKlMca/lUJ42DCjttV4plGt4Q
1LUfU2Sf2Z0AxrqAhgLvQJ5K3eJUqnN9Z+pg0vf5cm/bUwGKlO0q8a3YFe8KnSXJ
YUbxALPH1DFrhipWluYC1KBSbVk+H0fkEYWxUy82UfO1aFNEM9E2RRHb3RKu4C2D
UJYI9gwohPx8vgUFpbYQhXQGnrQe6w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org