Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rgV1DHKXGbMDa11jFKjjil7JmlM.roa
File: rgV1DHKXGbMDa11jFKjjil7JmlM.roa (raw, json)
Hash identifier: YN9bW8lfUudjEWNeAvooFub0+U/W4NjBM9uLRg8ELr0=
Subject key identifier: AE:05:75:0C:72:97:19:B3:03:6B:5D:63:14:A8:E3:8A:5E:C9:9A:53
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182168188F9F86E64D243BB7C6AFF2CB965
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rgV1DHKXGbMDa11jFKjjil7JmlM.roa
Signing time: Tue 19 Jul 2022 12:49:24 +0000
ROA not before: Tue 19 Jul 2022 12:49:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211358
IP address blocks: 2a0e:b107:12d8::/48 maxlen: 48
2a0e:b107:12d5::/48 maxlen: 48
2a0e:b107:12d2::/48 maxlen: 48
2a0e:b107:12d7::/48 maxlen: 48
2a0e:b107:12d4::/48 maxlen: 48
2a0e:b107:12d9::/48 maxlen: 48
2a0e:b107:381::/48 maxlen: 48
2a0e:b107:12d1::/48 maxlen: 48
2a0e:b107:12d6::/48 maxlen: 48
2a0e:b107:12d3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:81:88:f9:f8:6e:64:d2:43:bb:7c:6a:ff:2c:b9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 19 12:49:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae05750c729719b3036b5d6314a8e38a5ec99a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cc:c2:1a:5f:29:e9:3c:83:18:f7:90:77:d8:
ff:96:8f:bb:99:3d:91:7c:01:0e:1d:6d:b2:de:76:
9f:ea:a6:9d:51:ff:8a:7f:e6:54:65:3f:aa:d4:7a:
1f:78:8c:50:f9:42:27:9d:63:59:5f:d5:b6:27:c9:
34:8c:02:c4:4f:a2:8b:5b:85:03:8d:89:3e:02:b0:
bf:ea:c8:62:07:04:dc:eb:fb:8f:2d:b0:bc:d9:f5:
94:8d:eb:96:ab:fa:88:df:5b:5d:91:9a:0b:99:7f:
7c:6f:b7:c6:6b:57:00:bd:c1:44:ca:51:36:ad:bd:
18:5d:6b:22:5a:74:1f:06:69:b8:d3:1a:22:71:04:
1f:b2:4f:bf:ce:9d:f6:a7:0c:98:3d:0e:69:c7:0b:
9d:67:f9:28:ee:ee:e9:b1:82:05:13:8c:3f:f6:fe:
95:0e:21:46:e1:a1:6a:a3:dd:aa:27:f4:35:d7:d6:
38:69:5b:f7:94:84:b4:97:15:72:6c:f5:13:a7:b9:
f9:bf:ea:01:79:4a:fb:cd:64:40:71:f3:0c:bf:53:
06:f4:8d:7e:a2:e0:7e:00:6f:60:8f:3f:33:a6:dc:
2a:0e:e8:c5:32:e4:13:7b:f9:6a:4d:4f:0e:72:c1:
f1:82:cb:e3:30:ee:d3:e1:b0:da:28:4a:e0:6c:d4:
89:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:05:75:0C:72:97:19:B3:03:6B:5D:63:14:A8:E3:8A:5E:C9:9A:53
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rgV1DHKXGbMDa11jFKjjil7JmlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:381::/48
2a0e:b107:12d1::-2a0e:b107:12d9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
10:42:b6:79:b5:d8:8d:03:d4:8e:6e:6f:36:d0:a7:4c:f3:47:
4f:c2:26:8e:55:ba:ef:c5:f1:e3:3e:17:4b:60:c8:5a:41:0c:
e2:ec:f2:28:3a:1d:2a:ee:bd:b0:39:e1:1e:31:c8:fb:24:83:
5d:3d:65:a7:60:5a:f9:ee:d9:1a:48:94:0b:92:6b:6e:7a:a9:
31:62:d1:1f:df:01:43:b9:61:86:c1:92:9b:d3:ef:27:5a:a3:
61:37:34:6a:41:e8:e8:52:7a:48:b9:a4:6c:18:28:33:62:8a:
7b:f9:7f:6b:3d:1e:81:0c:05:8b:a6:db:d4:d8:8b:ab:c3:6e:
6b:13:20:11:1a:f2:a2:d9:87:2a:32:54:84:35:c5:48:44:31:
d6:b8:f8:0e:c4:b1:3f:bc:58:aa:97:39:f4:36:8d:65:24:e5:
f9:ff:01:69:67:11:36:cf:ab:22:d7:8a:62:88:e1:79:5f:2f:
07:ca:0c:b2:96:8f:18:61:66:4c:6f:85:c8:62:c4:85:94:ec:
58:b4:b2:09:e9:90:bb:8b:3b:de:3b:df:b2:e5:24:69:94:49:
5b:97:8e:12:1c:20:6e:ee:be:5c:58:65:81:02:9f:a2:24:04:
12:4e:44:c4:05:fe:c4:c5:fa:06:d5:0b:8e:69:dc:3c:24:41:
cb:9e:79:bb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYIWgYj5+G5k0kO7fGr/LLllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzE5MTI0OTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTA1NzUwYzcyOTcxOWIzMDM2YjVkNjMxNGE4ZTM4YTVlYzk5YTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMzCGl8p6TyDGPeQd9j/lo+7mT2R
fAEOHW2y3naf6qadUf+Kf+ZUZT+q1HofeIxQ+UInnWNZX9W2J8k0jALET6KLW4UD
jYk+ArC/6shiBwTc6/uPLbC82fWUjeuWq/qI31tdkZoLmX98b7fGa1cAvcFEylE2
rb0YXWsiWnQfBmm40xoicQQfsk+/zp32pwyYPQ5pxwudZ/ko7u7psYIFE4w/9v6V
DiFG4aFqo92qJ/Q119Y4aVv3lIS0lxVybPUTp7n5v+oBeUr7zWRAcfMMv1MG9I1+
ouB+AG9gjz8zptwqDujFMuQTe/lqTU8OcsHxgsvjMO7T4bDaKErgbNSJ0wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFK4FdQxylxmzA2tdYxSo44peyZpTMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcmdWMURIS1hHYk1EYTExakZLamppbDdKbWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKg6xBwOB
MBIDBwAqDrEHEtEDBwEqDrEHEtgwDQYJKoZIhvcNAQELBQADggEBABBCtnm12I0D
1I5ubzbQp0zzR0/CJo5Vuu/F8eM+F0tgyFpBDOLs8ig6HSruvbA54R4xyPskg109
ZadgWvnu2RpIlAuSa256qTFi0R/fAUO5YYbBkpvT7ydao2E3NGpB6OhSeki5pGwY
KDNiinv5f2s9HoEMBYum29TYi6vDbmsTIBEa8qLZhyoyVIQ1xUhEMda4+A7EsT+8
WKqXOfQ2jWUk5fn/AWlnETbPqyLXimKI4XlfLwfKDLKWjxhhZkxvhchixIWU7Fi0
sgnpkLuLO94737LlJGmUSVuXjhIcIG7uvlxYZYECn6IkBBJORMQF/sTF+gbVC45p
3DwkQcueebs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:04 2023 by rpki-client on console-ams.rpki-client.org