Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/95saRQ2fE4GkIvypbODVkqdqybU.roa
File: 95saRQ2fE4GkIvypbODVkqdqybU.roa (raw, json)
Hash identifier: zRAzX0XK/sfxi8tDCrK0zRnfP8bR0ZkTbwvu9jLcHSM=
Subject key identifier: F7:9B:1A:45:0D:9F:13:81:A4:22:FC:A9:6C:E0:D5:92:A7:6A:C9:B5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01845F551F2B58B923FD655AF6F947335D97
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/95saRQ2fE4GkIvypbODVkqdqybU.roa
Signing time: Thu 10 Nov 2022 02:18:44 +0000
ROA not before: Thu 10 Nov 2022 02:18:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202256
IP address blocks: 2a10:cc44:800::/37 maxlen: 48
2a0e:97c6:4000::/40 maxlen: 48
2a0e:97c1:800::/37 maxlen: 48
2a0e:97c7:800::/37 maxlen: 48
2a10:cc42:1000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5f:55:1f:2b:58:b9:23:fd:65:5a:f6:f9:47:33:5d:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 10 02:18:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f79b1a450d9f1381a422fca96ce0d592a76ac9b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1a:a7:ea:44:8b:de:c3:48:98:b9:fd:12:54:
78:51:4b:6e:f2:7e:c8:15:77:12:56:5a:03:d0:44:
58:f8:12:e6:6a:1c:89:50:b1:e9:98:af:99:3a:67:
d7:1a:a7:f3:14:1c:66:54:e6:3f:17:49:7d:53:22:
0c:10:fe:fb:93:02:d4:27:fd:94:b3:9c:7f:16:d9:
a7:a7:b1:21:2b:17:ba:51:f0:cf:32:5f:8d:81:80:
8e:c7:a2:5d:bf:76:f8:3e:1b:04:40:2a:98:97:19:
df:ab:3f:50:9e:a0:2f:9b:55:10:b2:2b:34:91:8e:
04:b2:62:b6:b3:ec:5a:0c:3b:87:a7:d0:20:2d:63:
01:92:ca:02:d1:6f:58:1d:45:dd:33:ca:fd:2a:bb:
0e:b0:e5:0b:9e:b1:1e:a1:50:8c:9a:31:f5:01:ed:
c1:56:13:ba:da:95:70:99:60:2d:7d:fc:1d:3b:ef:
07:bd:01:a3:ed:39:c5:50:83:e3:38:47:da:2a:c1:
1c:d1:b8:d4:ac:93:cc:33:6e:53:45:c9:e9:88:f7:
af:c9:52:6d:b9:98:93:8f:7f:e3:07:77:cd:e8:88:
24:61:c3:fe:4e:34:11:dc:b7:86:1a:27:29:bb:49:
d4:40:99:c9:81:74:47:bc:62:47:9c:dc:a6:e7:12:
b1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:9B:1A:45:0D:9F:13:81:A4:22:FC:A9:6C:E0:D5:92:A7:6A:C9:B5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/95saRQ2fE4GkIvypbODVkqdqybU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c1:800::/37
2a0e:97c6:4000::/40
2a0e:97c7:800::/37
2a10:cc42:1000::/36
2a10:cc44:800::/37
Signature Algorithm: sha256WithRSAEncryption
1c:0d:e6:10:30:75:59:c2:18:67:65:4d:af:fb:42:38:58:1e:
b2:9b:11:6c:94:cd:79:48:92:53:df:a6:bc:85:9f:49:fd:e8:
50:ff:49:cd:8d:47:20:89:9e:99:8d:ec:64:52:82:4a:37:cd:
4f:9f:68:72:76:a6:b2:c2:aa:10:82:d4:3b:eb:e5:21:c8:00:
4f:93:5b:54:d7:f2:6d:b6:2c:18:d9:d1:81:7c:c1:d1:fc:39:
7f:c8:95:3e:32:ec:f6:c3:86:5f:e6:dd:8e:7a:ca:29:42:27:
47:d6:0a:7c:b9:36:ce:94:a3:6d:e4:e4:74:dc:89:c4:60:e3:
52:c0:ff:e9:11:41:20:4e:2c:f1:d3:fd:e3:f1:9e:a8:f1:3e:
0e:f9:46:2f:6f:c9:c5:ab:a8:1f:7d:1d:72:d2:b6:32:ea:1d:
0c:ac:43:ed:2e:70:da:4e:eb:d9:88:cc:69:dd:fa:39:24:20:
f5:a5:ce:85:14:89:b4:9e:fb:dc:84:54:ba:f5:d3:2f:24:29:
27:e9:4f:3e:fa:80:3c:3e:37:3a:40:dd:4a:e6:7c:7e:dd:c5:
94:c2:52:3d:18:86:0c:f4:c0:ce:0d:b1:5f:79:30:aa:e1:b6:
f5:d6:93:e7:97:b4:cc:6d:48:ce:84:68:b8:1b:a8:e0:b0:f7:
5b:02:a7:2b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYRfVR8rWLkj/WVa9vlHM12XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTEwMDIxODQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzliMWE0NTBkOWYxMzgxYTQyMmZjYTk2Y2UwZDU5MmE3NmFjOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Rqn6kSL3sNImLn9ElR4UUtu8n7I
FXcSVloD0ERY+BLmahyJULHpmK+ZOmfXGqfzFBxmVOY/F0l9UyIMEP77kwLUJ/2U
s5x/Ftmnp7EhKxe6UfDPMl+NgYCOx6Jdv3b4PhsEQCqYlxnfqz9QnqAvm1UQsis0
kY4EsmK2s+xaDDuHp9AgLWMBksoC0W9YHUXdM8r9KrsOsOULnrEeoVCMmjH1Ae3B
VhO62pVwmWAtffwdO+8HvQGj7TnFUIPjOEfaKsEc0bjUrJPMM25TRcnpiPevyVJt
uZiTj3/jB3fN6IgkYcP+TjQR3LeGGicpu0nUQJnJgXRHvGJHnNym5xKxlwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPebGkUNnxOBpCL8qWzg1ZKnasm1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOTVzYVJRMmZFNEdrSXZ5cGJPRFZrcWRxeWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoAwYDKg6XwQgD
BgAqDpfGQAMGAyoOl8cIAwYEKhDMQhADBgMqEMxECDANBgkqhkiG9w0BAQsFAAOC
AQEAHA3mEDB1WcIYZ2VNr/tCOFgespsRbJTNeUiSU9+mvIWfSf3oUP9JzY1HIIme
mY3sZFKCSjfNT59ocnamssKqEILUO+vlIcgAT5NbVNfybbYsGNnRgXzB0fw5f8iV
PjLs9sOGX+bdjnrKKUInR9YKfLk2zpSjbeTkdNyJxGDjUsD/6RFBIE4s8dP94/Ge
qPE+DvlGL2/JxauoH30dctK2MuodDKxD7S5w2k7r2YjMad36OSQg9aXOhRSJtJ77
3IRUuvXTLyQpJ+lPPvqAPD43OkDdSuZ8ft3FlMJSPRiGDPTAzg2xX3kwquG29daT
55e0zG1IzoRouBuo4LD3WwKnKw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:56 2023 by rpki-client on console-ams.rpki-client.org