Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xapGr2ZpWIPN_TpT2rpKeep_SkM.roa
File: xapGr2ZpWIPN_TpT2rpKeep_SkM.roa (raw, json)
Hash identifier: oAakDT0iL6WWbA9tQrHwxxCcA4jdssbHrdQiib+Gan4=
Subject key identifier: C5:AA:46:AF:66:69:58:83:CD:FD:3A:53:DA:BA:4A:79:EA:7F:4A:43
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01834414CAE46FD8BAC5544BC45E7F78AD75
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xapGr2ZpWIPN_TpT2rpKeep_SkM.roa
Signing time: Fri 16 Sep 2022 02:15:56 +0000
ROA not before: Fri 16 Sep 2022 02:15:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208840
IP address blocks: 2a0e:97c0:bd0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:44:14:ca:e4:6f:d8:ba:c5:54:4b:c4:5e:7f:78:ad:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 16 02:15:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5aa46af66695883cdfd3a53daba4a79ea7f4a43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3f:ae:65:0c:bf:a7:00:d1:5e:31:d1:e6:13:
16:6b:bc:67:93:43:d0:ad:93:59:f7:1c:14:ef:5e:
63:ac:7c:ae:f7:91:27:ed:4b:73:58:37:ed:f6:7c:
af:6b:81:33:cc:bb:63:5e:13:ba:1d:16:f1:22:95:
e1:fc:91:c4:f5:a0:e8:13:78:98:f3:f0:de:5a:24:
de:37:95:99:0d:60:2d:d7:f7:d6:d6:b1:ab:e4:ef:
f8:94:14:a4:a6:2b:dc:13:e6:0e:68:32:a5:55:2a:
83:58:bb:f1:d5:2a:de:fa:60:63:39:c7:f3:51:19:
2c:a1:3e:b6:66:48:7b:10:a3:51:30:10:1b:a0:3b:
08:94:e0:e8:57:e0:b3:c9:68:26:70:6f:f2:db:1c:
10:e5:df:70:d4:bd:6d:eb:c6:2a:c7:5a:91:00:a0:
45:01:dc:26:97:df:11:26:0c:d5:0d:5b:81:2d:45:
25:76:7a:d9:72:a0:0b:42:a2:4f:b9:47:f8:81:81:
3f:e0:96:e6:bd:1f:ab:3c:89:36:90:44:7f:a0:bc:
ab:f3:3c:33:67:50:bc:45:4d:64:e6:d9:32:9c:12:
7d:2d:f0:e1:44:24:93:2b:de:15:4b:74:b4:ac:8f:
19:19:b2:60:ba:be:d1:d6:1f:93:37:0c:46:b9:05:
08:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:AA:46:AF:66:69:58:83:CD:FD:3A:53:DA:BA:4A:79:EA:7F:4A:43
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xapGr2ZpWIPN_TpT2rpKeep_SkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:bd0::/44
Signature Algorithm: sha256WithRSAEncryption
04:2c:ea:8e:8c:5b:dc:ce:11:eb:c1:00:75:2a:6c:eb:70:ed:
ca:04:21:15:f1:ba:58:09:bb:a7:6e:f7:9c:fe:90:df:75:b9:
08:ca:07:44:81:65:ee:7a:d5:50:c7:62:13:21:8c:b8:97:16:
90:82:ea:6a:73:fe:ce:a1:cd:5f:95:4c:33:ba:86:ef:5e:55:
b8:0e:d6:50:61:b1:2d:1d:d1:61:11:de:2c:30:fc:e7:cc:25:
c6:98:c8:04:c6:ad:fa:a3:50:a2:bd:bb:9a:74:0f:ab:18:4a:
f3:03:fc:63:25:d3:a4:05:2a:45:1f:62:20:81:c7:5d:c5:85:
ca:d1:5a:f3:5f:e1:b0:c2:19:bb:1c:95:df:2d:4d:a0:26:88:
bc:a7:39:de:54:4e:4f:48:6d:24:b9:1f:f7:c3:b4:a4:6e:93:
c3:8f:74:b1:e3:9f:56:04:8c:d4:d4:d3:d6:50:03:98:49:d9:
58:0f:ad:bc:b1:57:fe:0c:df:67:4a:4e:2a:9d:e7:b5:6b:cb:
2b:a6:d2:6f:9e:9f:fc:a6:fb:46:e9:f6:b1:44:61:be:15:b3:
d0:b1:6e:8c:2c:77:47:91:53:29:13:2f:51:92:be:20:3c:1b:
8a:b7:74:da:ee:d3:d8:7c:00:45:6c:8e:16:bf:54:69:39:53:
b8:c6:dd:1f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYNEFMrkb9i6xVRLxF5/eK11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTE2MDIxNTU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWFhNDZhZjY2Njk1ODgzY2RmZDNhNTNkYWJhNGE3OWVhN2Y0YTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj+uZQy/pwDRXjHR5hMWa7xnk0PQ
rZNZ9xwU715jrHyu95En7UtzWDft9nyva4EzzLtjXhO6HRbxIpXh/JHE9aDoE3iY
8/DeWiTeN5WZDWAt1/fW1rGr5O/4lBSkpivcE+YOaDKlVSqDWLvx1Sre+mBjOcfz
URksoT62Zkh7EKNRMBAboDsIlODoV+CzyWgmcG/y2xwQ5d9w1L1t68Yqx1qRAKBF
Adwml98RJgzVDVuBLUUldnrZcqALQqJPuUf4gYE/4JbmvR+rPIk2kER/oLyr8zwz
Z1C8RU1k5tkynBJ9LfDhRCSTK94VS3S0rI8ZGbJgur7R1h+TNwxGuQUIMQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMWqRq9maViDzf06U9q6Snnqf0pDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveGFwR3IyWnBXSVBOX1RwVDJycEtlZXBfU2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAvQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAELOqOjFvczhHrwQB1KmzrcO3KBCEV8bpYCbun
bvec/pDfdbkIygdEgWXuetVQx2ITIYy4lxaQgupqc/7Ooc1flUwzuobvXlW4DtZQ
YbEtHdFhEd4sMPznzCXGmMgExq36o1CivbuadA+rGErzA/xjJdOkBSpFH2Iggcdd
xYXK0VrzX+Gwwhm7HJXfLU2gJoi8pzneVE5PSG0kuR/3w7SkbpPDj3Sx459WBIzU
1NPWUAOYSdlYD628sVf+DN9nSk4qnee1a8srptJvnp/8pvtG6faxRGG+FbPQsW6M
LHdHkVMpEy9Rkr4gPBuKt3Ta7tPYfABFbI4Wv1RpOVO4xt0f
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:21 2023 by rpki-client on console-fra.rpki-client.org