Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1LuPuEeqYMP_FcWmu-LL0UbHPEU.roa
File: 1LuPuEeqYMP_FcWmu-LL0UbHPEU.roa (raw, json)
Hash identifier: tMz1TZUv7hvKNgHeHgkQsfZvDjsUBV0Pu/H+c1lH09Y=
Subject key identifier: D4:BB:8F:B8:47:AA:60:C3:FF:15:C5:A6:BB:E2:CB:D1:46:C7:3C:45
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182DB90197047B36F4FF388622C6B77EC70
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1LuPuEeqYMP_FcWmu-LL0UbHPEU.roa
Signing time: Fri 26 Aug 2022 19:10:30 +0000
ROA not before: Fri 26 Aug 2022 19:10:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209225
IP address blocks: 2a10:cc40:100::/44 maxlen: 48
2a10:2f00:17e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:db:90:19:70:47:b3:6f:4f:f3:88:62:2c:6b:77:ec:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 26 19:10:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4bb8fb847aa60c3ff15c5a6bbe2cbd146c73c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:25:9d:77:05:60:bc:c8:6e:37:68:76:c8:a9:
8b:00:4b:c8:ce:98:c8:59:e4:85:f2:54:c1:bb:29:
77:bb:17:4c:47:6e:64:68:91:e9:5a:64:0f:dc:37:
fb:fb:75:8a:f0:c5:19:62:63:2e:bd:2b:db:3e:e1:
95:05:80:30:0d:ab:a2:f8:84:e3:45:d3:bf:cb:a1:
f6:64:2f:ea:3c:87:25:a1:33:04:d9:95:6b:e9:b0:
86:9c:25:86:16:0f:c5:bc:5a:f4:ad:8f:95:84:75:
70:8a:5b:75:96:0b:5c:fa:3d:18:62:3d:65:57:d8:
dd:19:a4:f2:90:c2:13:35:34:d5:a0:de:d0:67:1c:
44:26:3f:dd:03:05:d4:1f:4f:af:c9:2d:cf:61:60:
01:3b:c7:0f:eb:2e:5b:88:67:cf:cd:32:60:e2:43:
9e:78:af:73:d4:9c:f8:70:98:12:21:28:d1:60:34:
64:5f:b5:1f:6b:f2:8d:30:2e:f5:c7:63:c1:a1:75:
20:55:26:3d:5c:1d:6d:3b:a4:1f:c4:35:37:fa:ff:
dc:ee:0b:31:d0:ea:7a:72:a3:b0:28:36:ea:aa:ad:
69:dd:df:fc:02:be:85:6b:68:e5:19:7a:fe:7e:0d:
c2:dc:f7:86:bc:b4:ea:7d:e6:6f:38:ac:bb:c7:7b:
13:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:BB:8F:B8:47:AA:60:C3:FF:15:C5:A6:BB:E2:CB:D1:46:C7:3C:45
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1LuPuEeqYMP_FcWmu-LL0UbHPEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:17e::/48
2a10:cc40:100::/44
Signature Algorithm: sha256WithRSAEncryption
15:d4:65:ae:0a:bf:23:9d:bf:2c:fe:ee:8a:2c:fa:5b:ad:97:
7e:3e:c4:00:03:c6:d9:7e:69:39:74:ef:01:aa:77:e7:f6:8c:
06:98:7b:a5:a9:34:51:2b:7f:ba:90:c7:f8:87:a6:c6:0e:28:
9d:7c:fd:04:a0:e8:54:c8:5d:61:57:c6:52:fe:33:68:33:b1:
4b:86:7f:5a:23:61:29:75:6d:04:d9:4a:73:ca:02:ee:da:6d:
b5:8a:64:0d:2f:1d:49:6e:fd:11:ce:28:64:86:15:22:9d:73:
4f:8b:2f:47:c7:9e:4f:fd:68:d8:45:bb:ad:e8:3c:ab:50:1b:
c9:07:4a:fd:0b:28:58:88:84:18:2d:bb:64:9a:60:40:be:b8:
bb:43:db:b8:52:74:50:6f:c1:5e:9f:5d:9c:2e:05:30:fc:be:
fe:cc:7c:db:d7:d6:d0:19:ce:a9:2e:7a:6a:8d:09:68:b6:12:
87:9d:5f:50:5d:06:a0:58:eb:7e:c1:a8:34:4c:5d:ce:2b:28:
1b:fd:22:1f:25:82:ed:48:31:d8:7a:1a:82:ce:c3:f8:6f:54:
ef:2f:ac:60:0f:37:7b:b8:c8:55:47:0d:09:89:da:00:f9:fa:
38:50:1a:77:83:d6:48:a3:f9:e3:aa:77:4c:8f:db:18:f2:23:
27:1b:4b:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLbkBlwR7NvT/OIYixrd+xwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODI2MTkxMDMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGJiOGZiODQ3YWE2MGMzZmYxNWM1YTZiYmUyY2JkMTQ2YzczYzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCWddwVgvMhuN2h2yKmLAEvIzpjI
WeSF8lTBuyl3uxdMR25kaJHpWmQP3Df7+3WK8MUZYmMuvSvbPuGVBYAwDaui+ITj
RdO/y6H2ZC/qPIcloTME2ZVr6bCGnCWGFg/FvFr0rY+VhHVwilt1lgtc+j0YYj1l
V9jdGaTykMITNTTVoN7QZxxEJj/dAwXUH0+vyS3PYWABO8cP6y5biGfPzTJg4kOe
eK9z1Jz4cJgSISjRYDRkX7Ufa/KNMC71x2PBoXUgVSY9XB1tO6QfxDU3+v/c7gsx
0Op6cqOwKDbqqq1p3d/8Ar6Fa2jlGXr+fg3C3PeGvLTqfeZvOKy7x3sT/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNS7j7hHqmDD/xXFprviy9FGxzxFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMUx1UHVFZXFZTVBfRmNXbXUtTEwwVWJIUEVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhAvAAF+
AwcEKhDMQAEAMA0GCSqGSIb3DQEBCwUAA4IBAQAV1GWuCr8jnb8s/u6KLPpbrZd+
PsQAA8bZfmk5dO8Bqnfn9owGmHulqTRRK3+6kMf4h6bGDiidfP0EoOhUyF1hV8ZS
/jNoM7FLhn9aI2EpdW0E2UpzygLu2m21imQNLx1Jbv0RzihkhhUinXNPiy9Hx55P
/WjYRbut6DyrUBvJB0r9CyhYiIQYLbtkmmBAvri7Q9u4UnRQb8Fen12cLgUw/L7+
zHzb19bQGc6pLnpqjQlothKHnV9QXQagWOt+wag0TF3OKygb/SIfJYLtSDHYehqC
zsP4b1TvL6xgDzd7uMhVRw0JidoA+fo4UBp3g9ZIo/njqndMj9sY8iMnG0sD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org