Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CYUcQwpUvYNZy_7ZSPR12IaAb7o.roa
File: CYUcQwpUvYNZy_7ZSPR12IaAb7o.roa (raw, json)
Hash identifier: oR3c+WlKm1A7nG7Si3P1ikEdc8V8kHEqq7IG70GN8Ug=
Subject key identifier: 09:85:1C:43:0A:54:BD:83:59:CB:FE:D9:48:F4:75:D8:86:80:6F:BA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01845E185A35A55677C117B68BBD416D6CD7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CYUcQwpUvYNZy_7ZSPR12IaAb7o.roa
Signing time: Wed 09 Nov 2022 20:32:44 +0000
ROA not before: Wed 09 Nov 2022 20:32:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202224
IP address blocks: 2a10:2f00:18b::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5e:18:5a:35:a5:56:77:c1:17:b6:8b:bd:41:6d:6c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 9 20:32:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09851c430a54bd8359cbfed948f475d886806fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f2:34:43:fa:f7:81:bc:17:e7:08:ee:03:0c:
bf:0b:e2:cf:bf:0b:3b:53:99:12:20:d9:ee:4a:3c:
66:d9:99:d6:a7:1f:b5:cc:4e:44:ca:04:b3:1f:e2:
43:c8:3b:62:ed:98:16:a9:78:fc:62:c4:88:d9:fb:
97:3b:e7:4a:4f:5f:86:29:b9:2f:9d:4c:86:ef:c8:
a2:3e:77:cb:14:dd:95:e7:d5:b1:f8:ae:8e:45:ac:
46:46:6d:be:83:5a:0c:d3:bc:03:44:6a:a7:c8:c4:
cc:f9:39:e6:fa:cc:b1:34:d0:0d:64:96:56:51:a7:
43:36:18:6e:4b:e6:e1:37:13:c6:b4:b9:97:ac:e5:
58:85:8d:db:ff:58:7c:b5:61:2d:dd:e1:d3:50:9a:
8b:a3:86:78:2a:c4:86:77:f7:13:19:32:c0:5e:fd:
cc:56:e0:3c:98:2d:06:bc:6e:f8:54:af:42:59:77:
5e:08:17:cc:6b:4c:0a:78:29:d9:59:33:cd:9d:d7:
53:bf:82:c4:0c:bc:c9:a2:b7:a8:f1:f0:44:99:76:
55:46:ac:71:b8:cc:3c:da:fe:30:20:48:60:45:94:
d0:09:86:aa:33:38:87:19:fb:ab:38:1d:5a:3b:fd:
57:6f:14:b5:67:17:a6:c8:0d:ab:21:9b:1c:31:ba:
45:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:85:1C:43:0A:54:BD:83:59:CB:FE:D9:48:F4:75:D8:86:80:6F:BA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CYUcQwpUvYNZy_7ZSPR12IaAb7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:18b::/48
Signature Algorithm: sha256WithRSAEncryption
14:1d:84:3b:a7:57:74:04:a4:d4:19:14:9d:7c:9f:2a:a1:10:
c1:00:42:fb:58:19:96:f5:4e:78:01:5a:ad:d0:6d:85:7a:1f:
c9:cd:97:60:24:04:2c:8e:8e:e9:eb:17:a8:b1:0a:21:a6:d2:
c3:64:b7:04:55:83:19:eb:9b:f5:8d:fd:d5:f2:75:ba:24:77:
25:95:33:2d:83:bd:d0:1f:61:67:d0:c1:3f:85:5b:49:a9:eb:
b5:31:45:dc:3a:98:08:bd:3b:a7:7d:ab:88:22:2b:45:9e:35:
f6:73:9f:1f:8d:29:29:be:1e:22:d1:1a:a6:e8:8f:18:6f:75:
50:c0:36:6a:be:95:40:8e:f9:cd:5c:22:f5:0a:da:4f:b4:66:
7b:24:21:eb:f2:a2:4a:b6:1a:cc:b4:85:ce:30:db:6f:ed:87:
d0:ef:e2:c6:45:e5:06:9d:86:dd:01:74:87:0e:cd:34:41:bf:
e0:ce:cc:f4:93:5c:cb:83:5e:2f:02:33:ff:34:a2:77:61:3b:
4b:06:9d:b7:f5:7a:14:57:61:e3:19:74:c3:76:be:7b:0c:9a:
de:37:bc:19:c1:78:0f:80:a0:01:ce:ee:12:30:12:cd:e9:2b:
74:e6:5b:ea:35:36:53:d3:34:ea:9e:44:04:1e:91:1a:bc:ed:
94:82:a1:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYReGFo1pVZ3wRe2i71BbWzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTA5MjAzMjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTg1MWM0MzBhNTRiZDgzNTljYmZlZDk0OGY0NzVkODg2ODA2ZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifI0Q/r3gbwX5wjuAwy/C+LPvws7
U5kSINnuSjxm2ZnWpx+1zE5EygSzH+JDyDti7ZgWqXj8YsSI2fuXO+dKT1+GKbkv
nUyG78iiPnfLFN2V59Wx+K6ORaxGRm2+g1oM07wDRGqnyMTM+Tnm+syxNNANZJZW
UadDNhhuS+bhNxPGtLmXrOVYhY3b/1h8tWEt3eHTUJqLo4Z4KsSGd/cTGTLAXv3M
VuA8mC0GvG74VK9CWXdeCBfMa0wKeCnZWTPNnddTv4LEDLzJoreo8fBEmXZVRqxx
uMw82v4wIEhgRZTQCYaqMziHGfurOB1aO/1XbxS1ZxemyA2rIZscMbpFbQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAmFHEMKVL2DWcv+2Uj0ddiGgG+6MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ1lVY1F3cFV2WU5aeV83WlNQUjEySWFBYjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAGL
MA0GCSqGSIb3DQEBCwUAA4IBAQAUHYQ7p1d0BKTUGRSdfJ8qoRDBAEL7WBmW9U54
AVqt0G2Feh/JzZdgJAQsjo7p6xeosQohptLDZLcEVYMZ65v1jf3V8nW6JHcllTMt
g73QH2Fn0ME/hVtJqeu1MUXcOpgIvTunfauIIitFnjX2c58fjSkpvh4i0Rqm6I8Y
b3VQwDZqvpVAjvnNXCL1CtpPtGZ7JCHr8qJKthrMtIXOMNtv7YfQ7+LGReUGnYbd
AXSHDs00Qb/gzsz0k1zLg14vAjP/NKJ3YTtLBp239XoUV2HjGXTDdr57DJreN7wZ
wXgPgKABzu4SMBLN6St05lvqNTZT0zTqnkQEHpEavO2UgqGq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org