Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8uQFidDakZBM0dq-9wj0ZQwBp_0.roa
File: 8uQFidDakZBM0dq-9wj0ZQwBp_0.roa (raw, json)
Hash identifier: 7NnlVO2vFTRpJR6n+U+xu8wUvNA9u+hibQXvpNCdxXw=
Subject key identifier: F2:E4:05:89:D0:DA:91:90:4C:D1:DA:BE:F7:08:F4:65:0C:01:A7:FD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183044AF97D2AD3257880AC843561EF679E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8uQFidDakZBM0dq-9wj0ZQwBp_0.roa
Signing time: Sat 03 Sep 2022 16:59:25 +0000
ROA not before: Sat 03 Sep 2022 16:59:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6939
IP address blocks: 2a10:cc46:100::/44 maxlen: 48
2a10:cc46:100::/48 maxlen: 48
2a10:cc46:101::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:04:4a:f9:7d:2a:d3:25:78:80:ac:84:35:61:ef:67:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 3 16:59:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2e40589d0da91904cd1dabef708f4650c01a7fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fe:22:2f:03:56:d4:7d:46:9d:8f:f9:e4:72:
f6:32:f3:7b:6d:b1:d0:24:77:f2:09:f5:c7:ac:d5:
15:46:af:97:ad:13:4c:a8:ce:8f:ac:10:59:6e:11:
24:cb:1a:fb:d0:0a:f7:41:79:38:12:1e:a4:34:d9:
fb:b3:52:b4:d0:e8:11:1d:66:5b:16:15:d7:9e:d9:
f0:30:9d:b3:fd:02:b2:f0:0b:9c:2c:53:0c:ee:6d:
00:e8:9f:b3:d4:bb:33:63:7b:05:9e:01:78:70:f5:
16:20:0b:f7:09:e4:77:71:ac:16:e7:d8:87:b6:b5:
1f:cf:67:e6:d8:bd:a1:00:d4:c5:e3:66:b0:54:66:
b1:76:d5:79:68:96:60:59:28:8d:fb:df:25:b1:cd:
9b:af:9e:5d:86:3a:e1:f1:95:b3:33:6b:23:b7:cd:
7b:b0:85:5e:b8:0b:ba:80:2a:cd:ac:06:7c:c9:71:
a7:3b:0a:53:f8:bf:7c:25:69:f8:75:8f:51:92:e2:
d9:50:9c:67:b0:8a:5a:79:3e:79:8d:0e:04:86:7b:
c4:d9:2a:95:e1:1a:a5:76:d7:6b:b3:ba:bb:a3:f0:
9a:c5:94:31:3f:c3:90:4e:ca:ce:85:1e:8b:ec:26:
98:bf:31:34:5b:db:57:dd:27:6d:19:45:aa:24:a1:
ff:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:E4:05:89:D0:DA:91:90:4C:D1:DA:BE:F7:08:F4:65:0C:01:A7:FD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8uQFidDakZBM0dq-9wj0ZQwBp_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc46:100::/44
Signature Algorithm: sha256WithRSAEncryption
5a:2a:fc:78:b2:da:ef:5c:ad:53:30:74:74:25:03:66:1b:98:
64:ea:09:c0:5d:1b:c1:bd:2b:25:b1:0b:ad:a6:76:d6:d7:61:
9c:b4:00:66:4a:82:7a:88:70:4e:b3:d8:fa:c1:ff:50:57:c2:
95:25:8d:95:22:43:b2:88:f7:db:e9:59:d5:a4:f1:51:33:83:
20:8f:f2:64:95:2d:15:6c:a4:43:73:50:8d:06:f8:78:d2:c8:
28:05:68:7a:10:c1:38:ff:3d:15:93:32:23:76:cf:f3:2e:96:
35:64:42:c5:1d:8c:b9:43:f5:50:52:08:94:1b:1f:d5:9f:ec:
a8:15:91:3b:49:fa:6b:4d:90:dc:fc:c2:b9:e0:f6:5d:b2:70:
24:5d:69:61:8a:d5:f0:db:18:ad:77:e1:c7:93:ad:6b:17:d3:
ff:8d:2a:75:47:a4:29:53:b2:af:f3:1d:e2:a4:e8:64:a6:a6:
19:be:88:e8:9f:42:ec:f9:0d:1f:a1:43:f3:af:77:bf:24:25:
da:7e:62:16:92:08:e3:3f:0f:57:cb:c8:a9:f7:6d:24:4b:da:
cf:63:e1:77:51:a6:fc:c9:af:96:99:4b:9c:72:c1:5e:bd:c1:
23:2f:3b:fc:94:36:b9:96:d6:31:80:b4:ee:dc:42:ef:cb:34:
52:98:cc:a9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYMESvl9KtMleICshDVh72eeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTAzMTY1OTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmU0MDU4OWQwZGE5MTkwNGNkMWRhYmVmNzA4ZjQ2NTBjMDFhN2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv4iLwNW1H1GnY/55HL2MvN7bbHQ
JHfyCfXHrNUVRq+XrRNMqM6PrBBZbhEkyxr70Ar3QXk4Eh6kNNn7s1K00OgRHWZb
FhXXntnwMJ2z/QKy8AucLFMM7m0A6J+z1LszY3sFngF4cPUWIAv3CeR3cawW59iH
trUfz2fm2L2hANTF42awVGaxdtV5aJZgWSiN+98lsc2br55dhjrh8ZWzM2sjt817
sIVeuAu6gCrNrAZ8yXGnOwpT+L98JWn4dY9RkuLZUJxnsIpaeT55jQ4EhnvE2SqV
4Rqldtdrs7q7o/CaxZQxP8OQTsrOhR6L7CaYvzE0W9tX3SdtGUWqJKH/AwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPLkBYnQ2pGQTNHavvcI9GUMAaf9MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOHVRRmlkRGFrWkJNMGRxLTl3ajBaUXdCcF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMRgEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBaKvx4strvXK1TMHR0JQNmG5hk6gnAXRvBvSsl
sQutpnbW12GctABmSoJ6iHBOs9j6wf9QV8KVJY2VIkOyiPfb6VnVpPFRM4Mgj/Jk
lS0VbKRDc1CNBvh40sgoBWh6EME4/z0VkzIjds/zLpY1ZELFHYy5Q/VQUgiUGx/V
n+yoFZE7SfprTZDc/MK54PZdsnAkXWlhitXw2xitd+HHk61rF9P/jSp1R6QpU7Kv
8x3ipOhkpqYZvojon0Ls+Q0foUPzr3e/JCXafmIWkgjjPw9Xy8ip920kS9rPY+F3
Uab8ya+WmUuccsFevcEjLzv8lDa5ltYxgLTu3ELvyzRSmMyp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org