Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MUS9o4RqOznHjSgYC8-_llVlCu8.roa
File: MUS9o4RqOznHjSgYC8-_llVlCu8.roa (raw, json)
Hash identifier: sk9y5rF6+3xAts6YpD7rTeK4i9iquYCA1mm4HEE6oaQ=
Subject key identifier: 31:44:BD:A3:84:6A:3B:39:C7:8D:28:18:0B:CF:BF:96:55:65:0A:EF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182FAB0BE8E686DBA6479AD7CA85E282BE1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MUS9o4RqOznHjSgYC8-_llVlCu8.roa
Signing time: Thu 01 Sep 2022 20:14:23 +0000
ROA not before: Thu 01 Sep 2022 20:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50842
IP address blocks: 2a10:2f00:181::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fa:b0:be:8e:68:6d:ba:64:79:ad:7c:a8:5e:28:2b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 1 20:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3144bda3846a3b39c78d28180bcfbf9655650aef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6e:0c:1c:03:06:2c:ea:2f:d0:e8:03:ce:a7:
ba:ae:dc:2f:43:ca:59:95:ee:5b:36:1c:17:c9:38:
01:0c:6a:0c:bf:14:5e:a5:6f:af:92:20:a8:da:84:
3e:bd:3c:53:98:a4:08:c0:38:63:f8:3f:84:26:a2:
74:1f:18:38:f7:af:a0:24:f8:70:cb:1c:46:a0:54:
4a:76:73:7b:d1:64:a9:a9:4d:df:ef:5e:fd:ef:48:
41:46:bd:30:85:9f:8b:a9:ab:18:df:1b:f3:0a:41:
e8:c7:fc:40:85:eb:b7:fb:2b:99:a3:d9:42:94:5e:
b9:62:3f:2e:51:1f:24:ed:b9:77:f0:7f:e1:21:82:
b5:36:73:78:6e:d5:76:12:37:f0:c0:3c:77:4e:83:
fe:1d:50:86:6a:c8:14:e6:2e:f7:e3:71:e5:2f:ca:
d1:40:38:97:86:1c:5f:bd:50:bd:51:4c:1a:e0:e3:
e2:66:5c:4c:7a:d3:58:74:68:e9:fa:42:b7:6d:c6:
ed:18:5c:91:80:13:14:04:0e:30:ff:81:ca:c1:b9:
e8:a5:ca:1d:91:d7:ae:22:34:42:27:7a:4a:df:25:
55:88:9a:fd:a6:03:4a:af:83:d4:e1:5d:a8:31:42:
e9:8d:e6:8e:d2:5e:38:8a:56:05:41:17:a1:7a:84:
bc:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:44:BD:A3:84:6A:3B:39:C7:8D:28:18:0B:CF:BF:96:55:65:0A:EF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MUS9o4RqOznHjSgYC8-_llVlCu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:181::/48
Signature Algorithm: sha256WithRSAEncryption
67:f7:e5:6e:2d:59:a4:af:75:c8:a6:24:d2:b1:63:34:fc:8f:
5d:f7:7a:22:7f:52:64:cf:20:f8:94:db:b6:28:49:eb:3c:05:
87:f1:f5:c2:2a:65:8b:35:ed:10:18:8f:00:ee:7f:c1:8a:3c:
f5:c5:a9:7f:9d:aa:f0:ca:e1:ce:a5:d6:9a:69:b2:69:2f:1c:
ad:5f:6c:dc:4b:84:80:88:b0:a3:81:71:ee:b4:0d:ec:7f:62:
51:c1:f9:d3:61:2e:c8:15:97:22:3f:b7:6e:bd:27:3e:46:fb:
0f:d1:36:11:13:8e:c6:ae:fa:c5:2d:17:4b:69:66:e1:5d:6e:
b2:00:eb:08:68:83:02:9d:c7:58:df:57:d3:9f:47:ce:5a:3f:
3a:6e:fc:a0:73:86:e9:80:2d:36:c3:da:11:91:73:c2:f9:22:
7e:f1:4d:46:3b:5b:5a:8f:2f:ba:d0:31:4e:24:31:f3:96:ec:
88:ac:e7:1e:94:9a:40:f8:a8:5c:b6:36:0b:1c:7f:2a:7e:19:
15:c6:be:9f:fa:8b:7e:a6:39:a1:87:00:9e:59:a4:61:30:4a:
db:75:f8:40:42:cc:16:6a:71:e8:e8:bc:39:93:58:0c:12:61:
84:de:ea:da:41:76:3b:1c:4d:d1:dc:0f:37:08:c7:63:74:03:
68:bd:f7:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYL6sL6OaG26ZHmtfKheKCvhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTAxMjAxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTQ0YmRhMzg0NmEzYjM5Yzc4ZDI4MTgwYmNmYmY5NjU1NjUwYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl24MHAMGLOov0OgDzqe6rtwvQ8pZ
le5bNhwXyTgBDGoMvxRepW+vkiCo2oQ+vTxTmKQIwDhj+D+EJqJ0Hxg496+gJPhw
yxxGoFRKdnN70WSpqU3f717970hBRr0whZ+LqasY3xvzCkHox/xAheu3+yuZo9lC
lF65Yj8uUR8k7bl38H/hIYK1NnN4btV2EjfwwDx3ToP+HVCGasgU5i7343HlL8rR
QDiXhhxfvVC9UUwa4OPiZlxMetNYdGjp+kK3bcbtGFyRgBMUBA4w/4HKwbnopcod
kdeuIjRCJ3pK3yVViJr9pgNKr4PU4V2oMULpjeaO0l44ilYFQReheoS8hQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDFEvaOEajs5x40oGAvPv5ZVZQrvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTVVTOW80UnFPem5IalNnWUM4LV9sbFZsQ3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAGB
MA0GCSqGSIb3DQEBCwUAA4IBAQBn9+VuLVmkr3XIpiTSsWM0/I9d93oif1JkzyD4
lNu2KEnrPAWH8fXCKmWLNe0QGI8A7n/Bijz1xal/narwyuHOpdaaabJpLxytX2zc
S4SAiLCjgXHutA3sf2JRwfnTYS7IFZciP7duvSc+RvsP0TYRE47GrvrFLRdLaWbh
XW6yAOsIaIMCncdY31fTn0fOWj86bvygc4bpgC02w9oRkXPC+SJ+8U1GO1tajy+6
0DFOJDHzluyIrOcelJpA+KhctjYLHH8qfhkVxr6f+ot+pjmhhwCeWaRhMErbdfhA
QswWanHo6Lw5k1gMEmGE3uraQXY7HE3R3A83CMdjdANovfcC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:58 2023 by rpki-client on console-ams.rpki-client.org