Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qINAN35xA2dIMUw0YjdiPL1JDQ0.roa
File: qINAN35xA2dIMUw0YjdiPL1JDQ0.roa (raw, json)
Hash identifier: echd/R43cEebDvUj8E5eqQGDoioHf54YSWWE8FiJ0/g=
Subject key identifier: A8:83:40:37:7E:71:03:67:48:31:4C:34:62:37:62:3C:BD:49:0D:0D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 108A8B39
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qINAN35xA2dIMUw0YjdiPL1JDQ0.roa
Signing time: Sat 01 Jan 2022 09:04:55 +0000
ROA not before: Sat 01 Jan 2022 09:04:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142130
IP address blocks: 2a0e:b107:1200::/48 maxlen: 48
2a0e:b107:1202::/48 maxlen: 48
2a0e:b107:120f::/48 maxlen: 48
2a0e:b107:1204::/48 maxlen: 48
2a0e:b107:1201::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 277515065 (0x108a8b39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:04:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a88340377e71036748314c346237623cbd490d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b6:d8:bc:71:fe:6a:82:43:bc:03:f9:42:49:
82:40:81:6f:c5:05:bb:dd:37:6f:53:02:e7:72:eb:
4c:f4:ce:b9:cf:03:f7:6d:5d:bf:c1:55:ff:9c:0c:
a9:98:e6:7b:4c:92:d7:98:7e:3b:52:e7:b8:0a:d8:
18:a0:48:ca:a2:c6:30:41:9e:8b:97:0f:df:8a:2c:
e7:f8:3b:c3:35:1b:2a:8e:01:95:fb:fe:59:29:4f:
82:cd:62:80:ff:87:34:29:3b:52:3b:b7:26:2a:3e:
f5:bc:9b:70:cc:8f:7f:3c:02:94:3d:0a:17:c2:aa:
d8:e0:62:1b:fb:22:c8:59:71:ab:8b:21:93:da:18:
7e:19:a7:28:da:00:88:a3:0b:3e:74:9a:b1:fe:00:
28:7f:b6:41:1a:a8:6e:48:fc:c6:22:28:a7:03:5f:
74:c3:9e:24:2b:70:cf:97:7d:1b:c2:1c:84:41:87:
cf:c9:6c:9a:54:1a:50:32:9c:98:68:2a:64:01:31:
9d:5e:77:b6:e3:e3:f3:cd:31:f6:1a:d3:59:d9:ef:
8a:13:3d:27:60:17:a6:2c:10:e9:23:7f:c7:07:c0:
93:56:cc:cf:91:59:3e:5e:bc:9f:45:70:c7:de:ee:
5a:cd:3d:d8:ed:3b:14:ca:7d:d0:67:e4:5f:0b:a3:
15:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:83:40:37:7E:71:03:67:48:31:4C:34:62:37:62:3C:BD:49:0D:0D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qINAN35xA2dIMUw0YjdiPL1JDQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1200::-2a0e:b107:1202:ffff:ffff:ffff:ffff:ffff
2a0e:b107:1204::/48
2a0e:b107:120f::/48
Signature Algorithm: sha256WithRSAEncryption
3d:89:ae:da:c8:5d:f3:e9:3f:93:ab:34:f4:12:5a:be:35:83:
17:05:e0:cf:3a:fd:67:56:20:b0:56:a2:2c:77:6a:07:57:ef:
d9:05:90:47:bf:72:1a:f5:24:01:77:f4:9e:8b:8d:af:7a:8d:
a3:f8:4d:68:cd:26:c8:cf:22:37:ef:a5:ec:64:cf:79:50:76:
dd:33:c0:10:52:b0:d3:93:d5:9d:fa:06:46:97:cd:ff:ee:74:
41:0a:a6:c6:d8:49:d7:4f:ab:ba:dc:09:06:1e:dd:ae:63:42:
5e:a4:69:e8:4b:2f:55:41:e3:c1:7d:bd:7c:6a:96:13:e7:4f:
e6:5d:9b:63:da:cd:38:b7:44:21:a1:16:6a:c7:be:61:b5:ef:
e3:24:86:37:41:ce:da:1e:3a:68:0a:38:d2:5c:f4:d8:07:cd:
fa:40:c6:96:38:6c:f7:01:02:b6:48:1c:0a:d6:e3:ab:cc:6a:
7f:72:bd:30:8b:dc:4b:be:ec:c0:cc:56:01:c0:e8:ac:db:47:
92:e8:d4:6b:c1:5a:04:bd:af:88:37:84:1a:71:45:60:41:84:
95:f7:1a:71:7b:2e:fe:90:e5:c4:eb:f0:1b:b2:a4:f1:84:43:
8d:78:e7:94:b0:cc:bf:c1:01:5e:e8:2d:94:73:25:25:66:59:
cc:65:a4:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEEIqLOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg4MzQwMzc3ZTcx
MDM2NzQ4MzE0YzM0NjIzNzYyM2NiZDQ5MGQwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL222Lxx/mqCQ7wD+UJJgkCBb8UFu903b1MC53LrTPTOuc8D
921dv8FV/5wMqZjme0yS15h+O1LnuArYGKBIyqLGMEGei5cP34os5/g7wzUbKo4B
lfv+WSlPgs1igP+HNCk7Uju3Jio+9bybcMyPfzwClD0KF8Kq2OBiG/siyFlxq4sh
k9oYfhmnKNoAiKMLPnSasf4AKH+2QRqobkj8xiIopwNfdMOeJCtwz5d9G8IchEGH
z8lsmlQaUDKcmGgqZAExnV53tuPj880x9hrTWdnvihM9J2AXpiwQ6SN/xwfAk1bM
z5FZPl68n0Vwx97uWs092O07FMp90GfkXwujFakCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBSog0A3fnEDZ0gxTDRiN2I8vUkNDTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3FJTkFOMzV4QTJkSU1VdzBZamRpUEwxSkRRMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wKwQCAAIwJTARAwYBKg6xBxIDBwAqDrEHEgIDBwAq
DrEHEgQDBwAqDrEHEg8wDQYJKoZIhvcNAQELBQADggEBAD2JrtrIXfPpP5OrNPQS
Wr41gxcF4M86/WdWILBWoix3agdX79kFkEe/chr1JAF39J6Lja96jaP4TWjNJsjP
Ijfvpexkz3lQdt0zwBBSsNOT1Z36BkaXzf/udEEKpsbYSddPq7rcCQYe3a5jQl6k
aehLL1VB48F9vXxqlhPnT+Zdm2PazTi3RCGhFmrHvmG17+MkhjdBztoeOmgKONJc
9NgHzfpAxpY4bPcBArZIHArW46vMan9yvTCL3Eu+7MDMVgHA6KzbR5Lo1GvBWgS9
r4g3hBpxRWBBhJX3GnF7Lv6Q5cTr8BuypPGEQ41455SwzL/BAV7oLZRzJSVmWcxl
pN8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org