Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zfHeT6T42atR60TEszA3lzHSLq4.roa
File: zfHeT6T42atR60TEszA3lzHSLq4.roa (raw, json)
Hash identifier: AHjQKPXPC1kTsjzw9HPeAzXdhLCeSUT47aGClrULMB8=
Subject key identifier: CD:F1:DE:4F:A4:F8:D9:AB:51:EB:44:C4:B3:30:37:97:31:D2:2E:AE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 12CF8019
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zfHeT6T42atR60TEszA3lzHSLq4.roa
Signing time: Wed 09 Mar 2022 19:50:50 +0000
ROA not before: Wed 09 Mar 2022 19:50:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207716
IP address blocks: 2a0e:97c0:7b0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 315588633 (0x12cf8019)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 9 19:50:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cdf1de4fa4f8d9ab51eb44c4b330379731d22eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:af:17:28:99:b7:2f:78:b9:8c:53:44:9a:ca:
af:1d:61:0a:31:4d:d5:b5:d4:52:8f:a9:ed:5f:69:
81:cc:29:ad:cf:c9:38:b6:b2:18:24:8e:ec:d2:b9:
29:be:05:5b:8b:a0:3c:b2:29:c6:76:75:e8:2e:37:
0d:9e:ce:2f:64:07:bc:d8:9c:d1:b3:63:fc:2f:91:
00:17:77:2e:02:ec:d2:b5:f2:94:dd:63:a3:04:04:
cf:24:e9:9a:b5:2b:f5:0f:aa:56:9a:1a:fc:c7:8a:
8b:fb:f8:8c:c4:b5:62:6b:ee:99:ff:db:76:9f:7d:
7e:2b:c4:01:dd:73:de:a7:18:af:c9:93:c9:b5:91:
81:8a:a9:92:72:c3:47:3d:5d:fa:c8:6e:34:4a:82:
98:4a:51:5b:0f:d7:e5:bf:57:73:01:39:93:08:f6:
2c:84:7e:71:4d:e6:89:79:68:d3:1e:9b:6c:d0:b7:
60:4d:0e:0f:bb:72:38:a1:a4:50:e3:98:4a:c0:af:
35:3a:29:6f:ca:12:f3:f7:96:f1:9e:b7:89:25:98:
0c:0c:4c:2a:76:46:bf:62:11:6a:1e:22:4e:a6:1f:
2c:16:15:dd:82:53:15:5c:56:99:2d:fb:50:83:86:
7d:f8:06:f9:ec:ef:71:b0:3d:a8:ea:42:93:5b:8c:
f1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F1:DE:4F:A4:F8:D9:AB:51:EB:44:C4:B3:30:37:97:31:D2:2E:AE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zfHeT6T42atR60TEszA3lzHSLq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:7b0::/44
Signature Algorithm: sha256WithRSAEncryption
6d:8c:51:a6:bd:bd:e7:4b:3a:ac:be:24:cf:3e:54:ff:54:73:
82:9f:85:f7:85:e4:ce:e1:ae:57:54:3e:2e:93:9e:28:00:b8:
8b:1a:8d:f4:55:88:40:b7:b0:4a:6f:bc:33:f4:0f:44:08:b7:
e3:b6:14:63:0d:bc:94:6c:a8:7d:a1:18:d8:78:43:d5:1f:45:
9a:7f:ad:53:48:c4:0e:24:03:e5:b2:ba:22:06:6e:4b:85:eb:
c1:66:eb:13:25:75:45:3a:9b:1a:5e:0a:9e:da:17:f1:4b:95:
17:91:8d:8d:e6:59:9f:f6:df:bf:28:e8:4e:23:45:34:fd:94:
48:4c:14:48:3e:3f:54:ab:43:1f:d0:90:a6:5b:e9:2f:79:dc:
80:36:13:f1:6d:15:f1:39:5d:fe:84:7c:42:6c:f2:5a:ac:7b:
df:86:61:64:38:74:3d:a2:3a:db:0b:49:47:07:38:98:e9:bd:
3d:f0:62:f4:81:de:c4:f4:c0:75:0a:ed:8b:91:fa:3b:c5:3c:
3f:95:b3:a4:72:1c:b4:97:d6:4d:21:49:ee:d3:dc:37:b4:92:
0a:0c:cd:a2:60:36:7a:ad:56:68:76:43:28:26:c2:bd:aa:81:
16:2d:05:95:e4:42:f5:2a:ed:e7:90:39:fd:02:04:66:56:52:
f4:5e:70:99
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEs+AGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMw
OTE5NTA1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RmMWRlNGZhNGY4
ZDlhYjUxZWI0NGM0YjMzMDM3OTczMWQyMmVhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+vFyiZty94uYxTRJrKrx1hCjFN1bXUUo+p7V9pgcwprc/J
OLayGCSO7NK5Kb4FW4ugPLIpxnZ16C43DZ7OL2QHvNic0bNj/C+RABd3LgLs0rXy
lN1jowQEzyTpmrUr9Q+qVpoa/MeKi/v4jMS1Ymvumf/bdp99fivEAd1z3qcYr8mT
ybWRgYqpknLDRz1d+shuNEqCmEpRWw/X5b9XcwE5kwj2LIR+cU3miXlo0x6bbNC3
YE0OD7tyOKGkUOOYSsCvNTopb8oS8/eW8Z63iSWYDAxMKnZGv2IRah4iTqYfLBYV
3YJTFVxWmS37UIOGffgG+ezvcbA9qOpCk1uM8UcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTN8d5PpPjZq1HrRMSzMDeXMdIurjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3pmSGVUNlQ0MmF0UjYwVEVzekEzbHpIU0xxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AHsDANBgkqhkiG9w0BAQsF
AAOCAQEAbYxRpr2950s6rL4kzz5U/1Rzgp+F94XkzuGuV1Q+LpOeKAC4ixqN9FWI
QLewSm+8M/QPRAi347YUYw28lGyofaEY2HhD1R9Fmn+tU0jEDiQD5bK6IgZuS4Xr
wWbrEyV1RTqbGl4KntoX8UuVF5GNjeZZn/bfvyjoTiNFNP2USEwUSD4/VKtDH9CQ
plvpL3ncgDYT8W0V8Tld/oR8QmzyWqx734ZhZDh0PaI62wtJRwc4mOm9PfBi9IHe
xPTAdQrti5H6O8U8P5WzpHIctJfWTSFJ7tPcN7SSCgzNomA2eq1WaHZDKCbCvaqB
Fi0FleRC9Srt55A5/QIEZlZS9F5wmQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:05 2023 by rpki-client on console-ams.rpki-client.org