Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tq4yuabe49NfR4Pl4QGxO01-uas.roa
File: tq4yuabe49NfR4Pl4QGxO01-uas.roa (raw, json)
Hash identifier: Byvz9NrWnQNF1B+LTN023oiUjgjBMru00LyVQo3N0Pc=
Subject key identifier: B6:AE:32:B9:A6:DE:E3:D3:5F:47:83:E5:E1:01:B1:3B:4D:7E:B9:AB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184BB51D042CC57E55DA0D73FAD553B58B4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tq4yuabe49NfR4Pl4QGxO01-uas.roa
Signing time: Sun 27 Nov 2022 23:00:11 +0000
ROA not before: Sun 27 Nov 2022 23:00:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202427
IP address blocks: 2a0e:97c0:5bd::/48 maxlen: 48
2a0e:97c0:5b8::/48 maxlen: 48
2a0e:97c0:5b3::/48 maxlen: 48
2a0e:97c0:5be::/48 maxlen: 48
2a0e:97c0:5b1::/48 maxlen: 48
2a0e:97c0:5bc::/48 maxlen: 48
2a0e:97c0:5b7::/48 maxlen: 48
2a0e:97c0:5b2::/48 maxlen: 48
2a0e:97c0:5b5::/48 maxlen: 48
2a0e:97c0:5b0::/48 maxlen: 48
2a0e:97c0:5bb::/48 maxlen: 48
2a0e:97c0:5b6::/48 maxlen: 48
2a0e:97c0:5b9::/48 maxlen: 48
2a0e:97c0:5b4::/48 maxlen: 48
2a0e:97c0:5bf::/48 maxlen: 48
2a0e:97c0:5ba::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bb:51:d0:42:cc:57:e5:5d:a0:d7:3f:ad:55:3b:58:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 27 23:00:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6ae32b9a6dee3d35f4783e5e101b13b4d7eb9ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:52:2d:60:b6:9a:81:e0:c6:27:cc:61:06:75:
79:ad:15:99:bc:c7:4c:07:89:08:35:8d:ac:7a:c1:
e0:56:e1:76:2f:49:a8:98:cd:f6:22:f8:49:66:62:
f5:f7:89:c6:66:41:55:e1:cf:58:7d:29:b5:ef:f0:
1c:d0:3c:58:58:81:94:c4:c9:25:e9:af:0a:d2:5e:
c0:54:7a:ea:f9:2a:b6:d7:2c:34:20:df:e6:88:e9:
36:fc:17:07:fa:81:ae:b8:52:e7:0b:51:32:80:73:
50:de:28:ec:2c:7e:b6:2f:cd:e7:bd:00:a9:5f:39:
40:65:74:ea:b3:ee:eb:24:58:b8:a9:4a:67:d7:4a:
75:84:01:35:ad:25:48:43:bd:ed:79:bf:86:fd:79:
c0:02:c8:2d:4b:0b:d0:0d:f4:46:cd:ac:4c:a0:a5:
81:d3:78:4f:57:54:91:a3:15:dd:10:6f:1c:da:00:
b8:a7:ae:6c:23:3a:4c:07:9e:d2:9f:11:14:09:6d:
74:98:ee:80:24:a2:9a:4a:93:86:75:34:3c:42:43:
96:82:9b:22:0e:50:cb:10:10:95:01:86:46:aa:a5:
cb:72:a0:d1:40:88:fe:8f:6c:49:b8:68:68:48:ba:
7b:c5:19:a1:d1:cc:25:53:18:94:94:18:b7:4b:53:
a2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:AE:32:B9:A6:DE:E3:D3:5F:47:83:E5:E1:01:B1:3B:4D:7E:B9:AB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tq4yuabe49NfR4Pl4QGxO01-uas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5b0::/44
Signature Algorithm: sha256WithRSAEncryption
5d:f9:39:2c:f6:70:f7:40:92:c9:71:3c:cb:6c:3a:f9:8b:87:
7e:a4:bb:e3:08:cf:40:73:97:01:4a:58:8e:78:f5:a5:90:c9:
b4:1d:ba:a4:25:33:b3:62:fa:6d:a1:97:1a:09:2a:5c:43:e9:
06:ad:03:14:58:10:fe:47:4d:58:6e:a0:6b:c1:8a:f7:c1:bd:
14:09:aa:c4:c2:eb:cf:54:c5:14:07:1a:4e:71:08:db:b0:56:
60:91:c9:42:f3:08:f5:28:77:63:dc:cc:92:6b:be:97:2f:c4:
24:76:64:b9:d4:54:3f:39:ba:7e:9a:11:45:67:e0:0c:6f:24:
37:a4:ca:38:95:c2:bb:ae:3f:1e:4d:8c:b1:14:3b:5a:02:58:
2f:44:51:ad:cc:4a:98:dd:50:e9:79:fa:a7:c9:59:0d:ba:80:
e5:fb:33:98:5f:7e:a1:f9:ee:84:1c:98:5b:9f:d2:40:38:13:
b0:fd:ae:2e:03:4e:c7:c5:48:b6:02:16:7a:88:6e:42:d3:ea:
df:bb:c2:91:d3:47:b3:5b:8c:ed:fc:14:bf:9c:a1:7e:b1:ae:
23:71:92:52:82:aa:02:b3:88:7e:44:b7:4f:c9:a1:b5:2c:ed:
54:fb:c4:ad:88:93:74:36:ce:26:55:45:db:c9:94:a8:95:20:
4f:65:9d:4f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYS7UdBCzFflXaDXP61VO1i0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTI3MjMwMDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmFlMzJiOWE2ZGVlM2QzNWY0NzgzZTVlMTAxYjEzYjRkN2ViOWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21ItYLaageDGJ8xhBnV5rRWZvMdM
B4kINY2sesHgVuF2L0momM32IvhJZmL194nGZkFV4c9YfSm17/Ac0DxYWIGUxMkl
6a8K0l7AVHrq+Sq21yw0IN/miOk2/BcH+oGuuFLnC1EygHNQ3ijsLH62L83nvQCp
XzlAZXTqs+7rJFi4qUpn10p1hAE1rSVIQ73teb+G/XnAAsgtSwvQDfRGzaxMoKWB
03hPV1SRoxXdEG8c2gC4p65sIzpMB57SnxEUCW10mO6AJKKaSpOGdTQ8QkOWgpsi
DlDLEBCVAYZGqqXLcqDRQIj+j2xJuGhoSLp7xRmh0cwlUxiUlBi3S1OiowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLauMrmm3uPTX0eD5eEBsTtNfrmrMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdHE0eXVhYmU0OU5mUjRQbDRRR3hPMDEtdWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAWw
MA0GCSqGSIb3DQEBCwUAA4IBAQBd+Tks9nD3QJLJcTzLbDr5i4d+pLvjCM9Ac5cB
SliOePWlkMm0HbqkJTOzYvptoZcaCSpcQ+kGrQMUWBD+R01YbqBrwYr3wb0UCarE
wuvPVMUUBxpOcQjbsFZgkclC8wj1KHdj3MySa76XL8QkdmS51FQ/Obp+mhFFZ+AM
byQ3pMo4lcK7rj8eTYyxFDtaAlgvRFGtzEqY3VDpefqnyVkNuoDl+zOYX36h+e6E
HJhbn9JAOBOw/a4uA07HxUi2AhZ6iG5C0+rfu8KR00ezW4zt/BS/nKF+sa4jcZJS
gqoCs4h+RLdPyaG1LO1U+8StiJN0Ns4mVUXbyZSolSBPZZ1P
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:04 2023 by rpki-client on console-ams.rpki-client.org