Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/B85Jw5DpyB2yk2VjgnZ7BT81BJc.roa
File: B85Jw5DpyB2yk2VjgnZ7BT81BJc.roa (raw, json)
Hash identifier: hushgZh2Z4G99j1V6vo7cOOcBpdl/Tb6eYTv+FKQnUY=
Subject key identifier: 07:CE:49:C3:90:E9:C8:1D:B2:93:65:63:82:76:7B:05:3F:35:04:97
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 11D8933C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/B85Jw5DpyB2yk2VjgnZ7BT81BJc.roa
Signing time: Wed 09 Feb 2022 18:13:16 +0000
ROA not before: Wed 09 Feb 2022 18:13:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208893
IP address blocks: 2a10:2f00:17d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 299406140 (0x11d8933c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 9 18:13:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=07ce49c390e9c81db293656382767b053f350497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2f:71:a5:90:8f:6b:f9:95:e0:9f:ad:6b:96:
a1:3e:de:24:0e:89:c9:2b:79:d4:d6:4b:e1:cf:64:
6c:18:09:69:91:44:eb:e2:da:bf:39:92:c0:ac:88:
53:25:f0:78:fe:0f:89:0a:01:18:78:04:0d:a8:de:
38:f7:dd:aa:39:33:d6:6c:b8:75:2c:d3:d9:4b:be:
a1:c8:03:1b:b8:07:95:cf:e7:03:ce:e4:50:5b:5e:
de:76:b1:99:1e:97:8f:c3:ba:fd:ea:53:b7:d0:58:
fe:ff:f6:20:59:5b:19:82:7d:ad:c6:0e:ea:94:8a:
86:09:94:ec:82:88:1b:1f:04:d4:f5:b9:91:ce:e8:
d7:7a:7a:e7:7d:64:b8:cd:c8:68:cc:68:01:3f:62:
54:52:6b:f0:6d:a1:ca:03:8d:97:41:be:3e:82:12:
8a:e3:a1:8c:33:0c:f5:85:ff:71:4b:87:54:a1:0b:
da:c9:bd:74:e8:f8:38:2e:ed:7c:91:a2:bd:3a:af:
bf:05:d1:ba:41:bb:56:58:33:3a:06:96:53:03:55:
2a:6a:1f:78:da:c2:96:45:1a:63:9e:30:2f:75:62:
8f:6a:57:eb:fe:32:69:c4:5f:4b:79:f2:9e:0b:85:
84:6a:63:a1:d3:9e:23:6b:50:2e:d0:a2:13:59:1e:
ff:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:CE:49:C3:90:E9:C8:1D:B2:93:65:63:82:76:7B:05:3F:35:04:97
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/B85Jw5DpyB2yk2VjgnZ7BT81BJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:17d::/48
Signature Algorithm: sha256WithRSAEncryption
08:29:78:69:d3:ce:dd:1e:79:37:88:40:b3:bd:81:51:3a:4b:
85:df:ed:6a:8f:f8:88:85:f9:0c:7f:55:67:84:c7:78:a1:23:
10:1a:06:b3:a0:35:27:29:80:e0:79:b5:0d:94:bf:f6:a2:f6:
4f:8d:2f:c5:cd:bd:c8:2e:44:b2:77:0a:37:a7:e4:32:43:4b:
30:81:30:1e:3e:6d:58:9f:35:41:b5:06:f1:36:8d:ca:bb:80:
9e:87:45:fd:e7:39:07:af:d5:70:82:09:9c:24:83:a6:d8:da:
b1:5c:f7:b6:2d:f5:88:3a:a9:37:e2:97:90:4e:1f:8b:c5:c3:
d4:b1:12:29:bb:59:be:de:5d:1b:41:9e:a0:ec:b7:9f:40:b7:
ad:b6:2f:00:fc:11:86:64:01:49:3c:6c:37:bc:85:79:70:6d:
86:0d:e5:e8:b1:0c:6c:02:49:db:9b:e0:79:97:1e:91:14:a5:
b4:54:42:72:da:bc:06:c5:cb:0a:6c:85:1c:27:2f:69:f7:0e:
d8:f1:0c:2f:ec:70:fe:41:f7:c2:3a:a0:14:46:6b:ec:12:e8:
b6:47:86:da:9e:f7:50:a4:1e:91:bc:81:e6:71:f8:4b:34:14:
ee:21:fc:3c:80:3f:11:bd:1c:c2:68:f5:44:97:6a:f1:b9:b1:
59:47:37:4e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEdiTPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIw
OTE4MTMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDdjZTQ5YzM5MGU5
YzgxZGIyOTM2NTYzODI3NjdiMDUzZjM1MDQ5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALAvcaWQj2v5leCfrWuWoT7eJA6JySt51NZL4c9kbBgJaZFE
6+LavzmSwKyIUyXweP4PiQoBGHgEDajeOPfdqjkz1my4dSzT2Uu+ocgDG7gHlc/n
A87kUFte3naxmR6Xj8O6/epTt9BY/v/2IFlbGYJ9rcYO6pSKhgmU7IKIGx8E1PW5
kc7o13p6531kuM3IaMxoAT9iVFJr8G2hygONl0G+PoISiuOhjDMM9YX/cUuHVKEL
2sm9dOj4OC7tfJGivTqvvwXRukG7VlgzOgaWUwNVKmofeNrClkUaY54wL3Vij2pX
6/4yacRfS3nynguFhGpjodOeI2tQLtCiE1ke/ykCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQHzknDkOnIHbKTZWOCdnsFPzUElzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0I4NUp3NURweUIyeWsyVmpnblo3QlQ4MUJKYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoQLwABfTANBgkqhkiG9w0BAQsF
AAOCAQEACCl4adPO3R55N4hAs72BUTpLhd/tao/4iIX5DH9VZ4THeKEjEBoGs6A1
JymA4Hm1DZS/9qL2T40vxc29yC5EsncKN6fkMkNLMIEwHj5tWJ81QbUG8TaNyruA
nodF/ec5B6/VcIIJnCSDptjasVz3ti31iDqpN+KXkE4fi8XD1LESKbtZvt5dG0Ge
oOy3n0C3rbYvAPwRhmQBSTxsN7yFeXBthg3l6LEMbAJJ25vgeZcekRSltFRCctq8
BsXLCmyFHCcvafcO2PEML+xw/kH3wjqgFEZr7BLotkeG2p73UKQekbyB5nH4SzQU
7iH8PIA/Eb0cwmj1RJdq8bmxWUc3Tg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:56 2023 by rpki-client on console-ams.rpki-client.org