Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Dz_bUmohFr8-a3CUivFtlB1laJs.roa
File: Dz_bUmohFr8-a3CUivFtlB1laJs.roa (raw, json)
Hash identifier: bocaoxSav58nmiiZDmfS5YPzlUzZ9ohUamig6a5gMcE=
Subject key identifier: 0F:3F:DB:52:6A:21:16:BF:3E:6B:70:94:8A:F1:6D:94:1D:65:68:9B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10A5E4C6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Dz_bUmohFr8-a3CUivFtlB1laJs.roa
Signing time: Sat 01 Jan 2022 09:05:12 +0000
ROA not before: Sat 01 Jan 2022 09:05:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210387
IP address blocks: 2a10:cc46:12d::/48 maxlen: 48
2a10:cc46:120::/44 maxlen: 48
2a10:cc46:128::/48 maxlen: 48
2a10:cc46:127::/48 maxlen: 48
2a10:cc46:122::/48 maxlen: 48
2a10:cc46:129::/48 maxlen: 48
2a10:cc46:124::/48 maxlen: 48
2a10:cc46:123::/48 maxlen: 48
2a10:cc46:12e::/48 maxlen: 48
2a10:cc46:125::/48 maxlen: 48
2a10:cc46:120::/48 maxlen: 48
2a10:cc46:12f::/48 maxlen: 48
2a10:cc46:12a::/48 maxlen: 48
2a10:cc46:121::/48 maxlen: 48
2a10:cc46:12b::/48 maxlen: 48
2a10:cc46:126::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279307462 (0x10a5e4c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f3fdb526a2116bf3e6b70948af16d941d65689b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:aa:4f:2e:ca:15:e1:03:63:75:f5:30:2f:cb:
93:96:0f:5c:0c:49:38:ee:d1:fa:ff:b4:a8:4a:1d:
e2:10:86:a4:b6:e4:fd:00:63:1c:f3:23:ee:d7:a8:
67:69:41:a2:75:38:33:3b:73:ec:ca:04:7f:af:97:
80:56:d9:44:4c:3e:38:b1:7b:9e:ff:3f:c5:5e:8b:
ca:c7:4a:c4:91:05:20:15:f2:72:46:e7:0d:54:6d:
9f:e2:20:d0:59:47:a5:2f:d2:a4:f9:f3:26:bb:6b:
63:a9:81:04:38:2e:7b:8a:2e:11:26:97:ea:87:ff:
66:5f:63:d6:5a:56:3d:a0:d0:f5:64:5b:68:38:47:
16:39:97:1c:aa:81:8f:d0:6f:c9:39:20:bf:fe:0e:
6c:60:4f:f5:70:36:3f:75:20:ca:79:a0:1a:37:ea:
c5:5f:19:54:70:e9:48:4f:4d:7c:d4:a4:cc:84:a8:
dc:af:bc:90:e1:82:d1:98:83:cd:e0:20:58:64:9c:
62:99:27:61:f1:f0:43:a5:b7:66:16:5a:16:00:8d:
54:79:5d:0a:96:61:92:f7:51:c9:37:92:42:ad:a4:
e5:60:f6:ad:e1:8a:da:b9:5c:13:d4:00:99:bb:43:
8f:d3:c8:dd:39:6b:a4:a6:73:f6:ec:68:77:85:30:
b1:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3F:DB:52:6A:21:16:BF:3E:6B:70:94:8A:F1:6D:94:1D:65:68:9B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Dz_bUmohFr8-a3CUivFtlB1laJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc46:120::/44
Signature Algorithm: sha256WithRSAEncryption
2d:b0:03:64:22:09:06:ac:ac:fd:d4:11:28:13:79:4e:60:1a:
c7:b9:2f:74:6a:5e:8d:6f:5e:7b:f1:a7:b0:d1:d7:d3:0d:c3:
45:80:96:69:ef:d5:b0:2b:12:93:8a:ad:43:68:9a:41:b5:b4:
32:2e:96:b6:1c:02:0d:0f:1f:30:9a:36:09:9c:be:f2:27:e1:
b6:b4:49:19:74:81:b8:08:2f:54:b1:36:42:ca:e0:fc:9f:62:
56:29:c7:07:c0:c5:cb:8b:73:61:16:68:91:1c:23:c8:4e:52:
ec:c2:34:6e:d2:86:c0:ac:1d:0a:dc:4e:6f:f4:6c:90:14:a9:
6a:31:3f:17:88:e0:0b:07:a1:25:6f:51:75:09:8c:fa:db:36:
ee:f2:ea:60:d9:22:39:24:96:92:85:47:59:0d:64:ff:cf:f3:
1d:1b:13:30:28:3d:f5:a2:e3:a7:9f:0c:d5:da:8e:42:c0:b2:
ff:4e:0c:04:3b:b3:3a:d2:38:0e:8b:e8:08:9f:f4:97:85:d0:
37:8f:fa:25:0b:30:63:f0:53:e6:1c:27:13:53:84:0f:6a:06:
22:a4:02:21:4e:57:a3:e5:3c:24:dd:44:cb:0e:71:1c:20:d3:
89:c8:33:c1:4e:36:ce:58:b4:20:b3:54:fc:e1:98:fa:c2:b9:
94:1b:ee:f8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEKXkxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGYzZmRiNTI2YTIx
MTZiZjNlNmI3MDk0OGFmMTZkOTQxZDY1Njg5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAImqTy7KFeEDY3X1MC/Lk5YPXAxJOO7R+v+0qEod4hCGpLbk
/QBjHPMj7teoZ2lBonU4Mztz7MoEf6+XgFbZREw+OLF7nv8/xV6LysdKxJEFIBXy
ckbnDVRtn+Ig0FlHpS/SpPnzJrtrY6mBBDgue4ouESaX6of/Zl9j1lpWPaDQ9WRb
aDhHFjmXHKqBj9BvyTkgv/4ObGBP9XA2P3UgynmgGjfqxV8ZVHDpSE9NfNSkzISo
3K+8kOGC0ZiDzeAgWGScYpknYfHwQ6W3ZhZaFgCNVHldCpZhkvdRyTeSQq2k5WD2
reGK2rlcE9QAmbtDj9PI3TlrpKZz9uxod4UwsaECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQPP9tSaiEWvz5rcJSK8W2UHWVomzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0R6X2JVbW9oRnI4LWEzQ1VpdkZ0bEIxbGFKcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoQzEYBIDANBgkqhkiG9w0BAQsF
AAOCAQEALbADZCIJBqys/dQRKBN5TmAax7kvdGpejW9ee/GnsNHX0w3DRYCWae/V
sCsSk4qtQ2iaQbW0Mi6WthwCDQ8fMJo2CZy+8ifhtrRJGXSBuAgvVLE2Qsrg/J9i
VinHB8DFy4tzYRZokRwjyE5S7MI0btKGwKwdCtxOb/RskBSpajE/F4jgCwehJW9R
dQmM+ts27vLqYNkiOSSWkoVHWQ1k/8/zHRsTMCg99aLjp58M1dqOQsCy/04MBDuz
OtI4DovoCJ/0l4XQN4/6JQswY/BT5hwnE1OED2oGIqQCIU5Xo+U8JN1Eyw5xHCDT
icgzwU42zli0ILNU/OGY+sK5lBvu+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:28 2024 by rpki-client on console-fra.rpki-client.org