Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/86CXd4Hqvr7_SDdr3jluvjOQM8E.roa
File: 86CXd4Hqvr7_SDdr3jluvjOQM8E.roa (raw, json)
Hash identifier: B3Qrbgqz7iSFUhBw4i5iY4mz75vQFqjw9uaBEm4/cyo=
Subject key identifier: F3:A0:97:77:81:EA:BE:BE:FF:48:37:6B:DE:39:6E:BE:33:90:33:C1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0181EEAA5A52B8EB14D6EC2A343D2533BFCF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/86CXd4Hqvr7_SDdr3jluvjOQM8E.roa
Signing time: Mon 11 Jul 2022 19:09:10 +0000
ROA not before: Mon 11 Jul 2022 19:09:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212895
IP address blocks: 2a10:2f00:184::/48 maxlen: 48
2a0e:b102:100::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ee:aa:5a:52:b8:eb:14:d6:ec:2a:34:3d:25:33:bf:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 11 19:09:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3a0977781eabebeff48376bde396ebe339033c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:fe:58:02:ae:0c:13:22:38:73:d2:6d:ff:64:
f4:c2:27:66:fa:96:b3:db:b5:c8:3b:38:2c:9f:fa:
a4:c6:88:97:a1:50:37:37:cc:31:51:70:22:21:2a:
8d:84:ee:86:38:59:d5:a7:a9:bf:ab:8b:df:48:e6:
c2:f1:a4:56:10:ce:a2:c9:71:65:81:68:d6:24:b6:
f5:3d:8b:90:85:6e:f9:44:00:57:14:1a:a1:4a:9a:
ac:b8:a3:65:77:bd:35:98:bc:74:15:58:fa:0a:06:
2f:45:86:0b:2b:3f:41:08:f3:9d:6f:6b:26:e3:04:
3b:48:ba:fc:7a:39:c3:cd:af:56:06:dd:01:40:9b:
bb:f6:75:49:43:86:d0:5e:c2:e8:62:fa:6b:f9:3e:
11:e0:17:c2:ca:74:86:65:51:39:7b:0a:2e:36:51:
c2:86:47:1b:c5:13:d4:3f:14:42:50:52:6e:0c:4f:
2c:ec:4e:2f:8a:81:6a:03:ea:27:57:b1:99:42:89:
34:bd:8e:a6:0c:59:d9:e4:7d:68:d0:73:ac:4e:e2:
e5:ba:9a:dc:5d:e1:96:71:a9:01:e4:84:7e:e6:c8:
e2:26:8f:9d:c3:33:b5:f5:a9:f7:67:6b:9d:e3:d0:
89:08:f7:7f:ae:11:71:8b:a8:8b:b5:db:21:6e:65:
e4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A0:97:77:81:EA:BE:BE:FF:48:37:6B:DE:39:6E:BE:33:90:33:C1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/86CXd4Hqvr7_SDdr3jluvjOQM8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b102:100::/44
2a10:2f00:184::/48
Signature Algorithm: sha256WithRSAEncryption
99:cd:aa:98:cf:a3:10:25:dc:1a:f0:f6:eb:77:3a:e6:03:cd:
39:fe:85:8f:3a:36:45:d5:56:34:f1:83:dc:b3:43:75:82:1e:
63:72:f7:b0:1f:f9:af:a2:4d:a9:5d:d7:08:4d:da:59:ac:dc:
fb:79:5e:1d:b8:77:92:26:ef:a3:95:90:4a:33:90:f1:c6:e9:
8f:a0:46:f9:ba:40:90:cb:39:af:8d:db:26:d7:55:3a:0a:aa:
79:77:4d:cb:b5:ef:bc:91:df:94:19:77:80:3f:e8:45:83:41:
2a:0a:c8:95:53:a2:71:cb:3b:17:c5:b7:77:85:6a:4d:53:1a:
66:de:e2:fd:64:4e:37:c1:1d:01:8e:ec:94:ca:7e:ef:4b:83:
69:4f:93:fa:e0:12:19:31:b0:7a:c4:d1:a3:20:16:ff:93:a9:
74:e1:c5:df:ac:b4:1f:01:33:14:72:57:9e:00:f8:43:2f:32:
2e:ba:72:3d:83:34:30:bb:17:bb:a2:a5:cd:d5:13:ca:9f:cd:
20:e7:44:9f:ea:2b:75:aa:1e:d4:c6:b9:23:99:ef:71:5c:ff:
79:e8:d4:d8:44:c7:1e:37:5c:1d:24:07:fe:40:63:a3:60:bf:
13:f9:c6:89:6a:f6:42:69:8f:0b:2d:96:33:e5:98:29:e4:34:
e8:cd:2c:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYHuqlpSuOsU1uwqND0lM7/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzExMTkwOTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2EwOTc3NzgxZWFiZWJlZmY0ODM3NmJkZTM5NmViZTMzOTAzM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3f5YAq4MEyI4c9Jt/2T0widm+paz
27XIOzgsn/qkxoiXoVA3N8wxUXAiISqNhO6GOFnVp6m/q4vfSObC8aRWEM6iyXFl
gWjWJLb1PYuQhW75RABXFBqhSpqsuKNld701mLx0FVj6CgYvRYYLKz9BCPOdb2sm
4wQ7SLr8ejnDza9WBt0BQJu79nVJQ4bQXsLoYvpr+T4R4BfCynSGZVE5ewouNlHC
hkcbxRPUPxRCUFJuDE8s7E4vioFqA+onV7GZQok0vY6mDFnZ5H1o0HOsTuLluprc
XeGWcakB5IR+5sjiJo+dwzO19an3Z2ud49CJCPd/rhFxi6iLtdshbmXksQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPOgl3eB6r6+/0g3a945br4zkDPBMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvODZDWGQ0SHF2cjdfU0RkcjNqbHV2ak9RTThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xAgEA
AwcAKhAvAAGEMA0GCSqGSIb3DQEBCwUAA4IBAQCZzaqYz6MQJdwa8PbrdzrmA805
/oWPOjZF1VY08YPcs0N1gh5jcvewH/mvok2pXdcITdpZrNz7eV4duHeSJu+jlZBK
M5DxxumPoEb5ukCQyzmvjdsm11U6Cqp5d03Lte+8kd+UGXeAP+hFg0EqCsiVU6Jx
yzsXxbd3hWpNUxpm3uL9ZE43wR0BjuyUyn7vS4NpT5P64BIZMbB6xNGjIBb/k6l0
4cXfrLQfATMUcleeAPhDLzIuunI9gzQwuxe7oqXN1RPKn80g50Sf6it1qh7Uxrkj
me9xXP956NTYRMceN1wdJAf+QGOjYL8T+caJavZCaY8LLZYz5Zgp5DTozSwl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org