Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/C5ygmMeiL8aUMfd6972BDEoZczQ.roa
File: C5ygmMeiL8aUMfd6972BDEoZczQ.roa (raw, json)
Hash identifier: rOdWZI14sqb+1DX/BBzx/VC7x7fgZVzLYRoK7VJWrYI=
Subject key identifier: 0B:9C:A0:98:C7:A2:2F:C6:94:31:F7:7A:F7:BD:81:0C:4A:19:73:34
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185211BF58C079062E154229B63097C0961
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/C5ygmMeiL8aUMfd6972BDEoZczQ.roa
Signing time: Sat 17 Dec 2022 17:22:38 +0000
ROA not before: Sat 17 Dec 2022 17:22:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207317
IP address blocks: 2a10:2f00:11a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:21:1b:f5:8c:07:90:62:e1:54:22:9b:63:09:7c:09:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 17 17:22:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b9ca098c7a22fc69431f77af7bd810c4a197334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c2:00:4f:bd:df:5c:7a:7e:ec:f3:46:ff:03:
3d:00:88:e2:36:27:8f:ec:10:4f:68:b4:08:83:cd:
b3:ee:be:f5:06:8d:2f:40:bd:b1:b4:b9:35:99:80:
c7:50:f3:a3:c4:2f:f8:25:4e:0e:29:5c:07:d1:de:
7f:86:1a:0a:4d:6e:ff:d4:5e:a5:f3:6b:5a:c8:e1:
c1:7c:79:07:ee:5c:e1:d1:b7:d4:8f:62:6d:86:cb:
52:21:25:9f:d2:70:98:83:57:07:86:56:b3:7d:6a:
85:25:7f:56:50:4e:14:9e:6e:1c:bb:88:63:fd:18:
2d:b9:c0:cb:f2:cd:b7:57:04:86:04:a7:64:ca:e1:
40:8c:52:66:2d:58:19:ec:4e:b7:62:83:14:09:9c:
1a:2f:23:78:b5:85:df:34:70:4c:6c:8c:31:26:02:
a9:9e:e1:35:d0:c6:87:21:7f:99:12:4f:de:0f:e7:
fc:41:d2:3c:ea:8b:5e:fc:1f:54:88:67:bb:a9:be:
17:b5:05:b5:e8:43:cc:0d:ac:9f:12:71:47:f2:64:
92:2e:51:30:45:d7:0b:1a:e0:3a:8c:2b:c0:04:d5:
19:1c:62:ef:86:0d:d6:40:a8:fb:30:50:4a:6c:1d:
8e:8c:80:a5:45:f9:d3:30:21:cd:fe:f0:36:76:c6:
2f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:9C:A0:98:C7:A2:2F:C6:94:31:F7:7A:F7:BD:81:0C:4A:19:73:34
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/C5ygmMeiL8aUMfd6972BDEoZczQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:11a::/48
Signature Algorithm: sha256WithRSAEncryption
1e:06:9b:ff:19:11:a1:ce:44:ce:56:d4:17:ea:a6:c8:39:e2:
08:3d:84:12:12:a9:08:da:bf:4b:5c:09:89:f2:fa:31:3f:8a:
5f:03:3d:85:91:6a:88:0c:2c:c7:a4:1c:82:7c:82:19:2e:36:
e5:7f:37:7a:2b:07:b9:ed:1d:10:a1:10:bf:48:01:52:4d:bb:
56:75:b4:32:65:d7:82:93:11:9a:2c:d3:2c:e1:05:94:86:dd:
db:06:bc:08:b9:28:54:21:c5:66:5b:07:9e:8d:31:84:ac:48:
2a:96:55:11:ab:0a:bd:00:24:1c:d7:7e:ef:0b:12:f8:4c:5d:
72:91:f7:b8:34:f7:50:43:a6:57:67:5b:41:44:d3:07:35:1e:
eb:9e:bf:1d:3c:44:10:73:43:7f:40:cf:0d:36:88:e1:19:90:
97:f6:11:e5:5d:c2:45:59:7d:59:26:47:1d:ef:f8:8f:48:a0:
39:b0:be:54:89:09:b8:b9:58:b2:b3:7d:1d:3f:4f:5e:0f:6c:
89:f7:76:4c:e8:c6:34:32:b9:ac:e3:3d:9f:62:6e:52:e8:f9:
90:ae:a0:34:83:2e:9b:c0:0b:d5:8d:fd:6b:71:5c:49:20:7e:
ea:dd:a1:71:9c:28:ed:f4:1a:56:ac:9f:ce:b1:7b:5c:a8:79:
4e:8a:c2:e6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYUhG/WMB5Bi4VQim2MJfAlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjE3MTcyMjM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjljYTA5OGM3YTIyZmM2OTQzMWY3N2FmN2JkODEwYzRhMTk3MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsIAT73fXHp+7PNG/wM9AIjiNieP
7BBPaLQIg82z7r71Bo0vQL2xtLk1mYDHUPOjxC/4JU4OKVwH0d5/hhoKTW7/1F6l
82tayOHBfHkH7lzh0bfUj2JthstSISWf0nCYg1cHhlazfWqFJX9WUE4Unm4cu4hj
/RgtucDL8s23VwSGBKdkyuFAjFJmLVgZ7E63YoMUCZwaLyN4tYXfNHBMbIwxJgKp
nuE10MaHIX+ZEk/eD+f8QdI86ote/B9UiGe7qb4XtQW16EPMDayfEnFH8mSSLlEw
RdcLGuA6jCvABNUZHGLvhg3WQKj7MFBKbB2OjIClRfnTMCHN/vA2dsYvPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAucoJjHoi/GlDH3eve9gQxKGXM0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQzV5Z21NZWlMOGFVTWZkNjk3MkJERW9aY3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAEa
MA0GCSqGSIb3DQEBCwUAA4IBAQAeBpv/GRGhzkTOVtQX6qbIOeIIPYQSEqkI2r9L
XAmJ8voxP4pfAz2FkWqIDCzHpByCfIIZLjblfzd6Kwe57R0QoRC/SAFSTbtWdbQy
ZdeCkxGaLNMs4QWUht3bBrwIuShUIcVmWweejTGErEgqllURqwq9ACQc137vCxL4
TF1ykfe4NPdQQ6ZXZ1tBRNMHNR7rnr8dPEQQc0N/QM8NNojhGZCX9hHlXcJFWX1Z
Jkcd7/iPSKA5sL5UiQm4uViys30dP09eD2yJ93ZM6MY0Mrms4z2fYm5S6PmQrqA0
gy6bwAvVjf1rcVxJIH7q3aFxnCjt9BpWrJ/OsXtcqHlOisLm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:14 2023 by rpki-client on console-fra.rpki-client.org