Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vFvfVOmZ6cmlrMNgRCKmbb5ivaY.roa
File: vFvfVOmZ6cmlrMNgRCKmbb5ivaY.roa (raw, json)
Hash identifier: vgeqUkyXukDLbIy4puMdAjyaedc4rKsZsg/89IG0dIM=
Subject key identifier: BC:5B:DF:54:E9:99:E9:C9:A5:AC:C3:60:44:22:A6:6D:BE:62:BD:A6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10F6EBFB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vFvfVOmZ6cmlrMNgRCKmbb5ivaY.roa
Signing time: Sat 01 Jan 2022 09:06:00 +0000
ROA not before: Sat 01 Jan 2022 09:06:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213262
IP address blocks: 2a0e:b107:9d0::/48 maxlen: 48
2a0e:b107:9d5::/48 maxlen: 48
2a0e:b107:9d2::/48 maxlen: 48
2a0e:b107:9da::/48 maxlen: 48
2a0e:b107:9d7::/48 maxlen: 48
2a0e:b107:9d4::/48 maxlen: 48
2a0e:b107:9d1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 284617723 (0x10f6ebfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:06:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bc5bdf54e999e9c9a5acc3604422a66dbe62bda6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:db:3d:f7:f8:a6:08:e8:f3:7b:0a:32:fd:76:
24:ab:c8:f9:5d:26:67:b0:71:fe:55:f1:f5:41:fc:
a2:97:8f:6f:8e:3f:91:d9:1a:68:50:f0:7d:07:b5:
fe:93:a5:8f:82:90:40:60:6f:95:dc:b9:64:01:68:
c8:29:02:94:de:2f:34:84:37:44:4e:6b:71:8b:e5:
f8:cd:3b:a5:6d:ac:b3:f8:7c:5b:63:f7:95:31:45:
a7:a4:32:5b:2f:45:81:a0:ab:2e:1d:18:00:08:82:
67:e1:b0:18:6e:a1:3d:c7:2f:aa:04:94:00:05:0d:
17:59:5a:21:fd:58:49:91:04:8c:31:a4:9f:30:cd:
d5:4f:6d:52:6d:bf:f4:a1:a9:d5:86:ce:5a:a7:ec:
12:64:79:e2:c1:1d:7d:62:d1:d5:b8:96:51:44:e5:
20:12:23:e8:d4:83:ce:f7:4f:eb:9e:17:1d:18:93:
22:e0:3c:95:d7:da:06:55:f3:10:44:9a:d1:ec:e5:
49:0c:59:19:ea:c8:c9:b4:be:a5:f6:be:c5:2e:c5:
e8:d5:a5:c9:28:fc:27:aa:77:bc:1f:fc:97:7e:2b:
6c:00:38:29:80:17:9a:04:8b:54:64:1e:f3:b3:b4:
a2:1e:95:15:0e:8d:1d:83:00:16:4f:1f:f2:59:cf:
2f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:5B:DF:54:E9:99:E9:C9:A5:AC:C3:60:44:22:A6:6D:BE:62:BD:A6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vFvfVOmZ6cmlrMNgRCKmbb5ivaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:9d0::-2a0e:b107:9d2:ffff:ffff:ffff:ffff:ffff
2a0e:b107:9d4::/47
2a0e:b107:9d7::/48
2a0e:b107:9da::/48
Signature Algorithm: sha256WithRSAEncryption
56:d9:b3:64:ee:fe:7f:21:75:cc:8d:11:47:74:3a:b3:bf:0a:
a1:5e:6a:d0:4a:cd:1f:b7:2d:1a:eb:ff:c9:ea:f3:8c:5f:05:
2f:21:8b:b1:37:7e:57:a1:8d:92:15:6b:63:9a:a4:5f:05:bb:
78:f5:dc:f2:aa:16:00:d0:69:78:7a:fa:d2:24:a9:07:11:5b:
f5:9e:0d:5b:ac:46:6e:e5:26:0f:cd:56:21:9b:41:e7:3a:07:
71:49:71:87:bc:8b:69:46:80:81:5b:e8:fe:fb:1c:70:5a:3b:
76:0f:d0:a6:f6:78:d1:25:b5:c8:e2:66:27:36:a2:ba:43:c9:
55:8b:1e:68:8c:7b:70:a2:e8:01:e3:9f:ee:dc:eb:9e:81:3a:
bc:ac:0f:e8:40:cf:ac:2e:df:a0:6a:91:af:33:da:df:c8:16:
66:93:7b:cc:94:91:2a:3c:f1:d4:44:8f:35:9e:71:de:a0:8a:
6b:16:ea:5a:32:88:1a:99:6c:80:c0:1e:45:b6:a8:3c:5e:86:
d2:aa:ad:7f:f0:a2:78:3b:a8:27:3d:e2:db:e8:48:90:a0:c4:
46:12:b0:96:46:fe:d6:80:6b:eb:49:d2:c0:66:5a:71:90:da:
5f:2c:be:93:3d:69:60:2e:5a:f6:e4:18:0f:fc:b6:2f:71:c2:
c7:ff:c7:f3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEEPbr+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDYwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmM1YmRmNTRlOTk5
ZTljOWE1YWNjMzYwNDQyMmE2NmRiZTYyYmRhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbbPff4pgjo83sKMv12JKvI+V0mZ7Bx/lXx9UH8opePb44/
kdkaaFDwfQe1/pOlj4KQQGBvldy5ZAFoyCkClN4vNIQ3RE5rcYvl+M07pW2ss/h8
W2P3lTFFp6QyWy9FgaCrLh0YAAiCZ+GwGG6hPccvqgSUAAUNF1laIf1YSZEEjDGk
nzDN1U9tUm2/9KGp1YbOWqfsEmR54sEdfWLR1biWUUTlIBIj6NSDzvdP654XHRiT
IuA8ldfaBlXzEESa0ezlSQxZGerIybS+pfa+xS7F6NWlySj8J6p3vB/8l34rbAA4
KYAXmgSLVGQe87O0oh6VFQ6NHYMAFk8f8lnPL9cCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBS8W99U6ZnpyaWsw2BEIqZtvmK9pjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3ZGdmZWT21aNmNtbHJNTmdSQ0ttYmI1aXZhWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwNQQCAAIwLzASAwcEKg6xBwnQAwcAKg6xBwnSAwcB
Kg6xBwnUAwcAKg6xBwnXAwcAKg6xBwnaMA0GCSqGSIb3DQEBCwUAA4IBAQBW2bNk
7v5/IXXMjRFHdDqzvwqhXmrQSs0fty0a6//J6vOMXwUvIYuxN35XoY2SFWtjmqRf
Bbt49dzyqhYA0Gl4evrSJKkHEVv1ng1brEZu5SYPzVYhm0HnOgdxSXGHvItpRoCB
W+j++xxwWjt2D9Cm9njRJbXI4mYnNqK6Q8lVix5ojHtwougB45/u3OuegTq8rA/o
QM+sLt+gapGvM9rfyBZmk3vMlJEqPPHURI81nnHeoIprFupaMogamWyAwB5Ftqg8
XobSqq1/8KJ4O6gnPeLb6EiQoMRGErCWRv7WgGvrSdLAZlpxkNpfLL6TPWlgLlr2
5BgP/LYvccLH/8fz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-fra.rpki-client.org