Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/x82ekQyioWKrcEVvBGAWbdvwo5w.roa
File: x82ekQyioWKrcEVvBGAWbdvwo5w.roa (raw, json)
Hash identifier: igo7otC0Zr5JfiMdfAdx7ILgKbYVOmDRH+NbuTIrU78=
Subject key identifier: C7:CD:9E:91:0C:A2:A1:62:AB:70:45:6F:04:60:16:6D:DB:F0:A3:9C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01847C2D28EBCE91AA8343BB035516CCF4A4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/x82ekQyioWKrcEVvBGAWbdvwo5w.roa
Signing time: Tue 15 Nov 2022 16:44:05 +0000
ROA not before: Tue 15 Nov 2022 16:44:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201412
IP address blocks: 2a0e:97c0:c70::/44 maxlen: 48
2a0e:b107:1cf0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7c:2d:28:eb:ce:91:aa:83:43:bb:03:55:16:cc:f4:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 15 16:44:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7cd9e910ca2a162ab70456f0460166ddbf0a39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:09:72:79:ab:3d:78:6c:94:f9:b5:76:8f:c0:
8e:fe:77:bb:4d:51:7c:16:42:05:a4:99:e4:67:64:
c1:41:81:97:a2:ab:8f:1d:e3:ff:cc:d7:ee:20:4c:
0c:f8:d1:08:59:65:84:52:3c:1f:a0:ef:7a:63:fd:
f0:e5:a0:e8:74:01:d1:ef:ca:0f:5f:b7:ed:6d:1b:
cc:b3:ec:f2:7c:80:1f:17:bf:15:f6:8e:6d:1e:53:
3e:c8:69:08:11:e9:16:f6:28:ca:3c:45:1c:d9:3f:
81:f3:2a:83:bf:76:53:d1:a1:91:25:33:b5:a0:9a:
2c:50:22:cf:3a:8d:5a:10:32:c7:72:46:ae:db:f1:
fb:49:42:8e:81:e8:8e:7f:ab:08:1f:7f:ac:72:cc:
f2:58:48:c7:ec:4b:13:24:38:48:05:68:af:11:95:
aa:19:fd:26:54:24:f0:b5:97:57:ce:17:44:7b:9d:
e7:c9:f0:c7:27:d2:26:f0:79:fc:c6:f5:fc:00:a7:
00:7b:d0:0d:d6:6b:d7:ee:3c:15:e5:bc:e1:f0:73:
9d:c1:31:38:54:23:59:f7:22:99:ee:29:da:55:ec:
20:66:7c:e4:ed:eb:26:e1:27:52:93:58:a7:24:cc:
d7:38:a1:79:3a:b7:c0:45:38:0e:a9:36:9c:42:12:
d4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CD:9E:91:0C:A2:A1:62:AB:70:45:6F:04:60:16:6D:DB:F0:A3:9C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/x82ekQyioWKrcEVvBGAWbdvwo5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c70::/44
2a0e:b107:1cf0::/44
Signature Algorithm: sha256WithRSAEncryption
7f:fa:68:95:51:4a:c1:2c:3e:0e:bd:1e:7f:2a:2e:da:ea:59:
d9:c0:e8:b7:a7:d6:02:a2:b9:da:f9:b1:16:94:6a:3e:6f:ce:
f5:5f:46:91:fb:ae:a5:98:d5:77:b0:06:aa:1a:70:72:01:2e:
e4:99:66:d5:b2:6c:59:d6:9a:68:aa:e1:d6:ba:98:4a:f8:fd:
95:64:a3:f5:50:5b:ae:99:1b:e3:a9:4f:3f:32:78:75:77:50:
c7:a3:a7:e9:d0:ba:3f:39:ca:60:55:18:d2:11:46:81:35:e4:
d6:25:46:1c:57:74:67:fc:a3:23:4f:bf:94:ef:3e:18:b2:19:
92:2b:b1:59:2c:74:24:9e:0d:ab:37:15:3a:ed:05:39:d4:86:
2b:a8:e0:57:ab:f3:99:00:16:98:7d:5a:5c:a2:58:9d:24:87:
0a:f3:1e:7f:aa:5a:91:4b:ed:0e:11:31:c6:e8:a4:b3:db:46:
a8:03:4b:75:4a:70:95:ed:ae:ae:57:be:7b:63:73:aa:7a:a2:
58:ca:b4:25:68:ba:22:92:22:8a:7b:2d:9f:c7:63:30:6e:5a:
fb:5f:34:16:81:17:e5:d7:58:3f:25:61:52:0b:43:50:75:89:
bf:75:07:2c:8b:8e:43:93:d0:da:c7:b4:eb:bf:b9:61:ac:2e:
60:00:21:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYR8LSjrzpGqg0O7A1UWzPSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTE1MTY0NDA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2NkOWU5MTBjYTJhMTYyYWI3MDQ1NmYwNDYwMTY2ZGRiZjBhMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwlyeas9eGyU+bV2j8CO/ne7TVF8
FkIFpJnkZ2TBQYGXoquPHeP/zNfuIEwM+NEIWWWEUjwfoO96Y/3w5aDodAHR78oP
X7ftbRvMs+zyfIAfF78V9o5tHlM+yGkIEekW9ijKPEUc2T+B8yqDv3ZT0aGRJTO1
oJosUCLPOo1aEDLHckau2/H7SUKOgeiOf6sIH3+scszyWEjH7EsTJDhIBWivEZWq
Gf0mVCTwtZdXzhdEe53nyfDHJ9Im8Hn8xvX8AKcAe9AN1mvX7jwV5bzh8HOdwTE4
VCNZ9yKZ7inaVewgZnzk7esm4SdSk1inJMzXOKF5OrfARTgOqTacQhLUsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMfNnpEMoqFiq3BFbwRgFm3b8KOcMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveDgyZWtReWlvV0tyY0VWdkJHQVdiZHZ3bzV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAxw
AwcEKg6xBxzwMA0GCSqGSIb3DQEBCwUAA4IBAQB/+miVUUrBLD4OvR5/Ki7a6lnZ
wOi3p9YCorna+bEWlGo+b871X0aR+66lmNV3sAaqGnByAS7kmWbVsmxZ1ppoquHW
uphK+P2VZKP1UFuumRvjqU8/Mnh1d1DHo6fp0Lo/OcpgVRjSEUaBNeTWJUYcV3Rn
/KMjT7+U7z4YshmSK7FZLHQkng2rNxU67QU51IYrqOBXq/OZABaYfVpcolidJIcK
8x5/qlqRS+0OETHG6KSz20aoA0t1SnCV7a6uV757Y3OqeqJYyrQlaLoikiKKey2f
x2Mwblr7XzQWgRfl11g/JWFSC0NQdYm/dQcsi45Dk9Dax7Trv7lhrC5gACGN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:04 2023 by rpki-client on console-ams.rpki-client.org