Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3hV2WSwHZ41sDbrssPfU98JRN_U.roa
File: 3hV2WSwHZ41sDbrssPfU98JRN_U.roa (raw, json)
Hash identifier: kSWU982LVxI2V0NZGJ9hT263WknwYtWghY4BzqE4Feo=
Subject key identifier: DE:15:76:59:2C:07:67:8D:6C:0D:BA:EC:B0:F7:D4:F7:C2:51:37:F5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10E4550C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3hV2WSwHZ41sDbrssPfU98JRN_U.roa
Signing time: Sat 01 Jan 2022 09:05:48 +0000
ROA not before: Sat 01 Jan 2022 09:05:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212568
IP address blocks: 2a10:2f01:300::/44 maxlen: 48
2a10:2f00:151::/48 maxlen: 48
2a10:2f01:30a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 283399436 (0x10e4550c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de1576592c07678d6c0dbaecb0f7d4f7c25137f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:32:fe:8c:b0:a0:82:88:34:36:ee:c6:be:08:
f3:9f:f7:86:98:cc:87:e6:94:75:d1:f0:24:7b:6d:
71:f9:e3:ff:06:8d:16:6a:99:8b:0c:ee:b0:19:a4:
a7:3d:cf:fc:9e:57:a8:d0:42:9a:62:15:e9:30:4f:
28:8d:c4:75:8d:fe:6b:1d:9d:b4:51:52:46:0b:d4:
a1:d8:91:e4:79:ef:28:db:91:78:45:2b:5a:cd:3f:
83:ff:85:8d:e8:c9:57:10:c0:b6:37:d3:98:b6:a1:
b2:fe:12:01:ef:64:54:7b:91:61:61:cb:02:6d:7b:
e6:e0:ff:7f:3c:ac:df:86:9e:9a:d5:7c:5a:5c:14:
3d:6b:12:34:93:50:29:fc:4e:7b:16:a1:07:2f:40:
12:99:d4:b2:72:33:5a:dd:b7:8c:20:a7:dd:4b:49:
7a:e9:c8:bd:a3:97:c3:9f:0b:84:39:b2:e1:2e:78:
e1:20:2d:17:c9:41:6e:84:89:cd:95:47:22:8a:d6:
28:55:6d:91:20:61:5f:a6:ce:4a:91:6c:b8:75:68:
c6:76:e3:4f:e5:07:96:56:fd:d3:88:96:7e:d5:e9:
29:dd:03:a0:96:57:74:55:81:3a:73:87:90:00:23:
f5:b0:0b:b4:a1:09:88:3f:8d:9c:dd:1e:c6:15:c3:
01:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:15:76:59:2C:07:67:8D:6C:0D:BA:EC:B0:F7:D4:F7:C2:51:37:F5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3hV2WSwHZ41sDbrssPfU98JRN_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:151::/48
2a10:2f01:300::/44
Signature Algorithm: sha256WithRSAEncryption
62:d6:9d:6d:fb:6f:7c:3d:d3:a5:e3:7e:f4:81:83:71:1e:f5:
77:e4:a9:ce:f2:57:12:51:44:23:6d:3a:61:27:f4:29:ee:7b:
dc:9e:ad:f9:02:01:1f:d7:45:d2:57:43:ec:f9:88:25:38:dc:
22:a7:cf:df:b9:9e:6c:da:96:44:0e:1d:4a:3c:80:d8:dc:b5:
e2:68:aa:f9:94:f9:ba:b7:40:cf:c1:d6:5b:22:b2:dd:d7:fd:
2c:ae:84:93:98:16:82:16:3c:e1:c8:c6:f3:11:89:92:94:cd:
33:f6:db:24:c0:22:e5:1d:03:65:cc:4b:20:95:e3:b8:b3:61:
88:97:e6:6b:4b:2b:c8:57:e3:ae:33:6f:dd:6b:6e:11:24:9d:
dc:75:80:af:a9:e3:ab:8a:57:35:cc:f5:b8:16:de:6d:83:1a:
12:9a:7b:6d:02:d2:32:1b:e4:19:79:0a:f2:18:b1:21:1f:d1:
3d:d6:ba:f2:15:5a:ed:1d:f9:3f:14:44:da:7c:dc:95:0b:6d:
88:78:98:39:7d:9f:ed:68:a1:16:58:6b:65:b4:18:a9:d9:30:
29:29:6f:4c:ca:1a:3d:08:13:03:77:65:f6:5a:8e:17:4c:8d:
bb:86:63:01:05:8a:04:87:53:64:64:57:ce:f4:4e:cc:78:ed:
19:93:7c:6a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEORVDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGUxNTc2NTkyYzA3
Njc4ZDZjMGRiYWVjYjBmN2Q0ZjdjMjUxMzdmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcy/oywoIKINDbuxr4I85/3hpjMh+aUddHwJHttcfnj/waN
FmqZiwzusBmkpz3P/J5XqNBCmmIV6TBPKI3EdY3+ax2dtFFSRgvUodiR5HnvKNuR
eEUrWs0/g/+FjejJVxDAtjfTmLahsv4SAe9kVHuRYWHLAm175uD/fzys34aemtV8
WlwUPWsSNJNQKfxOexahBy9AEpnUsnIzWt23jCCn3UtJeunIvaOXw58LhDmy4S54
4SAtF8lBboSJzZVHIorWKFVtkSBhX6bOSpFsuHVoxnbjT+UHllb904iWftXpKd0D
oJZXdFWBOnOHkAAj9bALtKEJiD+NnN0exhXDARkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTeFXZZLAdnjWwNuuyw99T3wlE39TAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzNoVjJXU3dIWjQxc0RicnNzUGZVOThKUk5fVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoQLwABUQMHBCoQLwEDADANBgkq
hkiG9w0BAQsFAAOCAQEAYtadbftvfD3TpeN+9IGDcR71d+SpzvJXElFEI206YSf0
Ke573J6t+QIBH9dF0ldD7PmIJTjcIqfP37mebNqWRA4dSjyA2Ny14miq+ZT5urdA
z8HWWyKy3df9LK6Ek5gWghY84cjG8xGJkpTNM/bbJMAi5R0DZcxLIJXjuLNhiJfm
a0sryFfjrjNv3WtuESSd3HWAr6njq4pXNcz1uBbebYMaEpp7bQLSMhvkGXkK8hix
IR/RPda68hVa7R35PxRE2nzclQttiHiYOX2f7WihFlhrZbQYqdkwKSlvTMoaPQgT
A3dl9lqOF0yNu4ZjAQWKBIdTZGRXzvROzHjtGZN8ag==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:54 2023 by rpki-client on console-ams.rpki-client.org