Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uoplxuClGYwcSb47I01ZKv6WmXc.roa
File: uoplxuClGYwcSb47I01ZKv6WmXc.roa (raw, json)
Hash identifier: CP2Dl7kcoPfsJasFfwkKUVuGYIx5870rzEzdOJvjmds=
Subject key identifier: BA:8A:65:C6:E0:A5:19:8C:1C:49:BE:3B:23:4D:59:2A:FE:96:99:77
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182BE6A57FCEDE318242553EA47C5F7586B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uoplxuClGYwcSb47I01ZKv6WmXc.roa
Signing time: Sun 21 Aug 2022 03:20:16 +0000
ROA not before: Sun 21 Aug 2022 03:20:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400542
IP address blocks: 2a0e:b107:b11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:be:6a:57:fc:ed:e3:18:24:25:53:ea:47:c5:f7:58:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 21 03:20:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba8a65c6e0a5198c1c49be3b234d592afe969977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2c:44:25:0d:d5:ed:3e:d7:7a:27:bd:75:22:
f2:18:58:60:4f:92:18:a2:8d:aa:cd:18:fc:54:b5:
77:00:00:03:46:43:0b:97:67:a4:09:86:42:1a:16:
e3:0d:9f:18:48:2c:84:d2:2d:b7:38:d8:0f:64:e0:
53:45:76:33:ed:d2:c1:8c:9b:22:ab:15:8d:99:c6:
e9:d3:12:4f:fd:88:8a:de:60:33:59:62:33:0a:38:
81:cd:26:83:d5:a8:e3:ea:bb:3c:e3:f8:bb:60:de:
d1:b1:23:de:8b:63:ce:2a:e2:56:2c:25:6d:92:a8:
3a:9d:30:cc:fe:7f:4f:37:5a:d5:5f:58:f4:ea:f5:
0a:4f:9e:1a:1d:4e:18:61:e8:27:17:69:bd:68:57:
ee:62:b5:70:de:00:be:fb:f6:d3:7d:b1:b1:45:3e:
f1:17:bc:ea:3f:f3:72:9c:43:67:5a:61:a0:e9:48:
fe:1b:80:1e:7e:7c:88:e6:17:fd:13:38:c5:52:60:
e2:be:fa:6f:1e:1e:2e:3d:55:d9:7f:0b:2e:78:17:
dc:29:d5:e9:30:43:2b:f5:b1:6a:de:a8:28:d5:db:
f9:77:3f:eb:29:95:6a:7c:04:ae:8e:bb:ec:72:12:
c7:4b:bc:c1:3c:ea:05:41:a2:da:c9:1c:06:c4:cf:
9f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:8A:65:C6:E0:A5:19:8C:1C:49:BE:3B:23:4D:59:2A:FE:96:99:77
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uoplxuClGYwcSb47I01ZKv6WmXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:b11::/48
Signature Algorithm: sha256WithRSAEncryption
70:fb:4a:28:92:d0:58:68:06:f8:41:bb:7d:60:29:22:e8:a9:
a6:b1:cd:ab:4b:4b:ed:47:bd:ea:f7:56:e8:b2:94:7a:2f:b2:
24:b4:cc:b1:12:48:2f:cf:08:47:b9:e0:06:f0:e1:6a:2d:b9:
40:f9:9d:e2:d0:16:52:7f:5a:fa:25:13:db:ba:ba:68:5d:9a:
2d:1e:79:9b:f0:b5:65:25:a0:88:05:7d:f4:3d:f9:ce:98:0c:
a1:7c:31:e7:21:a2:30:24:e2:f9:90:88:4e:1a:51:c4:dd:5a:
3a:b8:d8:b8:c4:cc:45:75:1b:22:63:c2:61:95:a6:bb:15:bb:
19:17:b7:d2:bd:09:10:05:29:65:87:fe:2f:4b:9c:f7:10:f3:
45:d5:cf:eb:70:a3:17:cc:56:eb:69:c2:0a:36:18:65:a0:57:
4c:36:0d:c2:bc:47:93:03:a0:23:9e:be:00:75:20:25:43:e8:
21:40:20:5b:d1:0e:86:51:0a:9c:c7:24:d4:e7:b4:fa:c9:80:
46:4f:6b:44:34:43:7e:7d:5a:90:32:da:06:6c:bc:69:d7:31:
63:d0:57:e2:c2:2c:0d:a0:09:6c:d0:03:4d:19:8c:0c:df:8b:
82:57:ec:b3:05:a3:db:49:1e:ed:a8:64:2a:9e:71:48:c5:50:
7f:6d:b2:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYK+alf87eMYJCVT6kfF91hrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODIxMDMyMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYThhNjVjNmUwYTUxOThjMWM0OWJlM2IyMzRkNTkyYWZlOTY5OTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSxEJQ3V7T7Xeie9dSLyGFhgT5IY
oo2qzRj8VLV3AAADRkMLl2ekCYZCGhbjDZ8YSCyE0i23ONgPZOBTRXYz7dLBjJsi
qxWNmcbp0xJP/YiK3mAzWWIzCjiBzSaD1ajj6rs84/i7YN7RsSPei2POKuJWLCVt
kqg6nTDM/n9PN1rVX1j06vUKT54aHU4YYegnF2m9aFfuYrVw3gC++/bTfbGxRT7x
F7zqP/NynENnWmGg6Uj+G4AefnyI5hf9EzjFUmDivvpvHh4uPVXZfwsueBfcKdXp
MEMr9bFq3qgo1dv5dz/rKZVqfASujrvschLHS7zBPOoFQaLayRwGxM+fhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLqKZcbgpRmMHEm+OyNNWSr+lpl3MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdW9wbHh1Q2xHWXdjU2I0N0kwMVpLdjZXbVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwsR
MA0GCSqGSIb3DQEBCwUAA4IBAQBw+0ooktBYaAb4Qbt9YCki6Kmmsc2rS0vtR73q
91bospR6L7IktMyxEkgvzwhHueAG8OFqLblA+Z3i0BZSf1r6JRPburpoXZotHnmb
8LVlJaCIBX30PfnOmAyhfDHnIaIwJOL5kIhOGlHE3Vo6uNi4xMxFdRsiY8Jhlaa7
FbsZF7fSvQkQBSllh/4vS5z3EPNF1c/rcKMXzFbracIKNhhloFdMNg3CvEeTA6Aj
nr4AdSAlQ+ghQCBb0Q6GUQqcxyTU57T6yYBGT2tENEN+fVqQMtoGbLxp1zFj0Ffi
wiwNoAls0ANNGYwM34uCV+yzBaPbSR7tqGQqnnFIxVB/bbIn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:04 2023 by rpki-client on console-ams.rpki-client.org