Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/z4u4uMto-u-zHWNlyu54ut_GH3E.roa
File: z4u4uMto-u-zHWNlyu54ut_GH3E.roa (raw, json)
Hash identifier: /Rlev1gHfTucNfX6r1cUR4ZxtZImJJrQ8A32X+eQr5I=
Subject key identifier: CF:8B:B8:B8:CB:68:FA:EF:B3:1D:63:65:CA:EE:78:BA:DF:C6:1F:71
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184B4ADAD099480CF232E08EBCCAE921E0C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/z4u4uMto-u-zHWNlyu54ut_GH3E.roa
Signing time: Sat 26 Nov 2022 16:03:11 +0000
ROA not before: Sat 26 Nov 2022 16:03:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201197
IP address blocks: 2a0e:97c0:c80::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b4:ad:ad:09:94:80:cf:23:2e:08:eb:cc:ae:92:1e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 26 16:03:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf8bb8b8cb68faefb31d6365caee78badfc61f71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b0:15:5d:ab:6c:79:2a:a9:63:e4:fc:8c:c9:
43:07:9f:39:d5:3b:78:34:85:bf:d3:28:e9:90:cc:
e9:63:dd:38:7c:59:c9:04:14:31:77:ad:fb:fc:7e:
1a:fa:93:bc:f7:8a:f1:25:17:5f:89:df:74:e7:68:
50:78:cc:b5:0f:b9:b0:c6:28:7d:4e:2c:bb:e8:b0:
c3:3e:58:15:f2:69:61:e6:21:e9:07:57:30:eb:e8:
fa:84:69:73:ce:51:55:02:0f:ca:47:64:97:eb:18:
60:d4:6f:c9:5d:77:16:ac:b2:66:70:33:5e:52:01:
33:5f:c6:6b:b2:1e:2e:f2:41:dc:d1:ab:6d:29:d0:
49:94:9b:6a:a7:0d:f6:51:91:11:f4:c0:37:ae:80:
14:cb:0a:f1:c5:07:53:27:6e:c2:25:10:c5:49:88:
6c:14:b5:b8:e5:f4:c9:ed:52:fa:1d:76:ad:c3:20:
a6:4e:56:fc:34:f9:b2:12:bd:9f:06:50:5a:ac:d2:
28:81:98:5f:4c:46:25:be:fd:c6:85:ad:dc:22:46:
ea:0d:fa:1c:48:c5:e3:15:6a:06:d0:90:14:2b:1e:
89:86:4f:b1:21:12:44:fd:4a:fe:aa:dd:ad:59:70:
b9:f4:e2:42:ea:4e:ac:70:51:60:51:b8:9f:f8:06:
17:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:8B:B8:B8:CB:68:FA:EF:B3:1D:63:65:CA:EE:78:BA:DF:C6:1F:71
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/z4u4uMto-u-zHWNlyu54ut_GH3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c80::/44
Signature Algorithm: sha256WithRSAEncryption
81:50:9a:c1:24:a9:40:58:20:df:d9:1e:68:8f:76:e7:73:17:
a2:ce:e5:b4:1e:ae:7f:44:0e:7c:7c:c4:70:7a:bb:6a:58:4f:
82:9b:ce:eb:88:bb:df:fe:40:0a:9c:3b:a7:6d:18:81:5b:e0:
a2:54:13:a8:f8:e6:53:57:69:f8:bd:a0:d2:c2:d5:d6:27:26:
90:bb:ca:6c:5f:18:dc:2d:4f:95:40:31:a5:1e:a7:f2:98:5d:
10:f5:ee:02:a8:37:72:c4:15:72:76:d4:03:db:bd:53:12:c7:
9c:38:39:18:19:dc:fc:79:8c:24:04:2b:02:e3:f1:74:01:1e:
2c:5f:bf:ed:f4:a2:7b:55:6d:80:e3:e2:6a:55:b5:c6:c0:86:
39:6f:93:e2:16:7f:59:a5:3b:77:8d:f8:b8:7d:65:83:bc:10:
2d:47:6a:5d:8f:a4:73:c3:70:96:e7:be:20:ed:8c:a4:de:bc:
4c:ed:9b:09:b5:b5:98:66:d2:91:74:78:b4:04:e3:8e:ea:ca:
ad:24:c6:81:88:1c:1e:b1:39:ff:a0:a0:e0:d0:08:c4:8b:d6:
98:81:4b:ea:a1:97:aa:b3:8a:24:62:5d:6b:1b:75:40:55:1b:
95:e2:13:dd:43:e5:ec:d8:ec:68:28:df:9c:99:9e:80:6b:38:
ca:c5:60:24
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYS0ra0JlIDPIy4I68yukh4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTI2MTYwMzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjhiYjhiOGNiNjhmYWVmYjMxZDYzNjVjYWVlNzhiYWRmYzYxZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7AVXatseSqpY+T8jMlDB5851Tt4
NIW/0yjpkMzpY904fFnJBBQxd637/H4a+pO894rxJRdfid9052hQeMy1D7mwxih9
Tiy76LDDPlgV8mlh5iHpB1cw6+j6hGlzzlFVAg/KR2SX6xhg1G/JXXcWrLJmcDNe
UgEzX8Zrsh4u8kHc0attKdBJlJtqpw32UZER9MA3roAUywrxxQdTJ27CJRDFSYhs
FLW45fTJ7VL6HXatwyCmTlb8NPmyEr2fBlBarNIogZhfTEYlvv3Gha3cIkbqDfoc
SMXjFWoG0JAUKx6Jhk+xIRJE/Ur+qt2tWXC59OJC6k6scFFgUbif+AYX7wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM+LuLjLaPrvsx1jZcrueLrfxh9xMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvejR1NHVNdG8tdS16SFdObHl1NTR1dF9HSDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAyA
MA0GCSqGSIb3DQEBCwUAA4IBAQCBUJrBJKlAWCDf2R5oj3bncxeizuW0Hq5/RA58
fMRwertqWE+Cm87riLvf/kAKnDunbRiBW+CiVBOo+OZTV2n4vaDSwtXWJyaQu8ps
XxjcLU+VQDGlHqfymF0Q9e4CqDdyxBVydtQD271TEsecODkYGdz8eYwkBCsC4/F0
AR4sX7/t9KJ7VW2A4+JqVbXGwIY5b5PiFn9ZpTt3jfi4fWWDvBAtR2pdj6Rzw3CW
574g7Yyk3rxM7ZsJtbWYZtKRdHi0BOOO6sqtJMaBiBwesTn/oKDg0AjEi9aYgUvq
oZeqs4okYl1rG3VAVRuV4hPdQ+Xs2OxoKN+cmZ6AazjKxWAk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:21 2023 by rpki-client on console-fra.rpki-client.org