Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/r6aHm4WA9kG4KYv2aDy9uEW5sB4.roa
File: r6aHm4WA9kG4KYv2aDy9uEW5sB4.roa (raw, json)
Hash identifier: Pvj+hfwPlXdW60zperUwC5N7HCn3IHPColdkkRcMIdw=
Subject key identifier: AF:A6:87:9B:85:80:F6:41:B8:29:8B:F6:68:3C:BD:B8:45:B9:B0:1E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184140A5684C9FF6223E44F563D240CC3B2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/r6aHm4WA9kG4KYv2aDy9uEW5sB4.roa
Signing time: Wed 26 Oct 2022 11:25:32 +0000
ROA not before: Wed 26 Oct 2022 11:25:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202256
IP address blocks: 2a0e:97c1:800::/37 maxlen: 48
2a0e:97c7:800::/37 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:14:0a:56:84:c9:ff:62:23:e4:4f:56:3d:24:0c:c3:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 26 11:25:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afa6879b8580f641b8298bf6683cbdb845b9b01e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:80:1d:f5:e4:be:e5:81:94:34:43:99:f7:dc:
20:a5:fc:2c:68:8e:f4:d3:70:04:31:86:5c:6e:eb:
c4:7c:b6:02:c2:e1:cc:52:02:93:31:73:a5:d9:c0:
56:74:b5:61:d3:2a:dd:56:f6:5e:b4:29:15:00:41:
d3:bd:fa:69:34:94:96:cf:23:87:eb:da:36:ea:3b:
de:b9:07:5c:df:f2:57:2a:a3:07:d2:09:37:1e:2a:
36:6e:61:d8:79:2b:d6:f0:27:d9:20:8c:a8:c3:c1:
bc:98:2b:3f:58:70:7e:27:3d:07:b2:64:72:3d:62:
b9:3d:81:14:06:9c:40:1c:01:b9:37:ba:a6:dd:34:
24:01:3a:05:53:6d:5d:97:a8:38:5c:4f:44:b7:a3:
41:d9:31:9e:09:c8:04:fc:08:e4:76:5d:6a:08:07:
21:ea:f7:2f:9c:d4:89:90:2f:15:15:58:51:9d:61:
c9:af:52:99:f7:da:c4:97:09:2e:5e:20:2d:b6:9d:
90:4b:64:c4:53:43:ec:db:88:52:cc:48:b5:71:f9:
1a:2e:a5:12:2f:60:5d:e0:f0:eb:ed:66:3a:ea:85:
a4:60:92:b0:a7:20:d5:fa:f8:e0:54:12:93:b8:cb:
16:4a:ec:b5:b3:84:30:93:e1:e4:cc:94:78:e5:8d:
b4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A6:87:9B:85:80:F6:41:B8:29:8B:F6:68:3C:BD:B8:45:B9:B0:1E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/r6aHm4WA9kG4KYv2aDy9uEW5sB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c1:800::/37
2a0e:97c7:800::/37
Signature Algorithm: sha256WithRSAEncryption
41:cc:e8:dc:b9:81:f2:f2:f2:dc:ab:ae:61:31:23:95:b9:4a:
0d:4f:5a:0f:2f:1f:2e:0c:78:10:c0:d8:9b:50:c3:bb:d6:e3:
15:b5:4f:00:dd:7b:06:6f:bc:cf:cf:96:bc:d5:83:2d:fd:c1:
b7:ea:c9:97:04:fa:94:24:1e:f0:bf:ec:bd:d5:7a:e5:f9:11:
40:8c:41:84:8f:45:3f:a7:9d:43:00:63:d4:6c:76:de:93:04:
ec:1d:5c:d8:a9:f6:62:6c:8e:ad:f4:c6:f9:8c:5a:d1:23:3b:
41:4f:20:15:0d:88:d5:90:32:59:df:0c:67:19:d3:d7:64:6c:
6e:5e:0f:52:68:8d:a4:56:d6:81:8b:44:01:ae:2b:48:1a:e1:
05:58:5c:49:27:ae:f6:d6:72:b8:d6:74:26:bc:e3:7f:73:f3:
e2:e8:19:40:b7:8f:4f:dc:88:7a:90:a3:79:94:65:82:bb:31:
14:08:d3:a2:8e:d0:ec:38:58:ca:2e:5b:5b:72:f0:4e:ac:0f:
6f:16:e5:02:c8:25:95:ef:c5:f5:c1:85:08:1b:b3:19:e7:8a:
db:05:36:da:8d:ef:46:4f:89:f8:49:67:5b:48:4c:88:eb:c7:
41:8c:05:4b:bb:79:dc:dd:57:d4:0f:37:57:ed:83:59:61:1c:
77:4c:6b:ab
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYQUClaEyf9iI+RPVj0kDMOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDI2MTEyNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmE2ODc5Yjg1ODBmNjQxYjgyOThiZjY2ODNjYmRiODQ1YjliMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4Ad9eS+5YGUNEOZ99wgpfwsaI70
03AEMYZcbuvEfLYCwuHMUgKTMXOl2cBWdLVh0yrdVvZetCkVAEHTvfppNJSWzyOH
69o26jveuQdc3/JXKqMH0gk3Hio2bmHYeSvW8CfZIIyow8G8mCs/WHB+Jz0HsmRy
PWK5PYEUBpxAHAG5N7qm3TQkAToFU21dl6g4XE9Et6NB2TGeCcgE/Ajkdl1qCAch
6vcvnNSJkC8VFVhRnWHJr1KZ99rElwkuXiAttp2QS2TEU0Ps24hSzEi1cfkaLqUS
L2Bd4PDr7WY66oWkYJKwpyDV+vjgVBKTuMsWSuy1s4Qwk+HkzJR45Y20rwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFK+mh5uFgPZBuCmL9mg8vbhFubAeMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcjZhSG00V0E5a0c0S1l2MmFEeTl1RVc1c0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYDKg6XwQgD
BgMqDpfHCDANBgkqhkiG9w0BAQsFAAOCAQEAQczo3LmB8vLy3KuuYTEjlblKDU9a
Dy8fLgx4EMDYm1DDu9bjFbVPAN17Bm+8z8+WvNWDLf3Bt+rJlwT6lCQe8L/svdV6
5fkRQIxBhI9FP6edQwBj1Gx23pME7B1c2Kn2YmyOrfTG+Yxa0SM7QU8gFQ2I1ZAy
Wd8MZxnT12Rsbl4PUmiNpFbWgYtEAa4rSBrhBVhcSSeu9tZyuNZ0Jrzjf3Pz4ugZ
QLePT9yIepCjeZRlgrsxFAjToo7Q7DhYyi5bW3LwTqwPbxblAsglle/F9cGFCBuz
GeeK2wU22o3vRk+J+ElnW0hMiOvHQYwFS7t53N1X1A83V+2DWWEcd0xrqw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org