Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PRSzZy-ZFQHq0rE_RtmWVFSaZNs.roa
File: PRSzZy-ZFQHq0rE_RtmWVFSaZNs.roa (raw, json)
Hash identifier: gVamHs6pZHrda0IRhL7iOx4leZIdrFdb/yfl+7VqPNY=
Subject key identifier: 3D:14:B3:67:2F:99:15:01:EA:D2:B1:3F:46:D9:96:54:54:9A:64:DB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 14EF386B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PRSzZy-ZFQHq0rE_RtmWVFSaZNs.roa
Signing time: Wed 01 Jun 2022 08:58:46 +0000
ROA not before: Wed 01 Jun 2022 08:58:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204882
IP address blocks: 2a10:cc40:1b0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 351221867 (0x14ef386b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 1 08:58:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d14b3672f991501ead2b13f46d99654549a64db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:33:49:39:91:09:14:b7:49:7e:ca:3e:78:4c:
97:36:75:8b:d7:78:dc:57:f7:d9:b5:f4:3f:7d:3d:
de:6d:6d:b5:ad:04:68:d2:93:83:3e:aa:0f:4e:29:
67:d0:28:02:c7:61:a5:59:d1:09:ca:c2:f6:63:ea:
f1:2e:df:33:d9:84:e2:f1:01:d8:1f:6f:b3:be:26:
2f:73:59:5e:ad:a9:24:65:f1:8f:3d:dd:2b:58:ab:
79:73:e5:ab:c9:3a:31:d6:ab:24:ec:22:e3:a2:8d:
25:d1:e6:2d:74:1f:ca:f6:23:ac:6b:6f:dd:52:da:
c4:3d:16:bc:5f:46:c9:64:9c:bc:21:d9:e1:28:d5:
5e:2b:8f:43:b9:fc:53:21:ef:14:6a:a5:ae:a6:03:
22:1c:fd:46:1d:b9:94:74:40:f4:9e:19:af:1a:9a:
0b:e5:e3:2c:44:e7:64:75:4c:a9:e7:b5:2a:0d:0d:
75:3d:47:bd:9e:0b:2e:5f:84:70:d0:55:8e:e1:15:
68:c7:1f:c6:20:94:c8:51:67:69:1d:2f:f7:79:67:
5e:93:a6:22:d1:67:4c:9f:49:1c:54:99:3d:92:aa:
50:18:8f:a3:55:c5:1f:7f:43:cf:90:42:a1:a8:90:
40:ad:c8:ee:f0:55:a3:a7:29:d4:0c:3e:2d:fc:27:
60:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:14:B3:67:2F:99:15:01:EA:D2:B1:3F:46:D9:96:54:54:9A:64:DB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PRSzZy-ZFQHq0rE_RtmWVFSaZNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:1b0::/44
Signature Algorithm: sha256WithRSAEncryption
13:cc:c7:76:72:43:1d:65:81:27:84:2c:cb:33:18:45:40:f5:
ce:94:4c:de:20:4a:71:54:55:da:ed:69:8e:06:c5:8e:fd:82:
3a:97:2a:d1:d6:84:5c:60:1e:5b:41:7e:ce:62:e3:35:a2:64:
06:dd:f4:00:1f:bb:69:a1:e2:40:96:18:68:98:0a:07:c0:53:
ca:95:9d:67:3e:bc:6b:74:34:5f:ee:e4:bc:65:7e:f9:56:ea:
f8:1f:18:31:94:e8:a7:43:f8:d5:4a:25:6f:dc:34:f4:12:07:
1e:bc:24:9a:6b:a1:00:7d:e5:a6:b3:b3:5f:8b:1f:09:7b:ed:
4f:71:b1:84:9c:80:0a:f5:55:57:ac:46:90:02:43:11:f6:ac:
ad:ee:70:bd:0e:e4:bb:e9:af:70:bd:b3:07:f4:e2:b5:9a:5c:
4d:49:e9:c9:eb:7a:89:0a:c6:ad:ee:6a:7a:b6:46:4d:07:5f:
69:06:67:24:01:65:e8:5b:36:d8:e1:3e:ac:03:f9:66:03:58:
87:0e:f5:44:9e:03:ff:07:f6:9e:17:9f:8c:f0:7a:91:5d:82:
7c:ca:5e:66:f0:3e:d8:85:35:ba:f1:08:b4:60:f5:70:bc:f6:
50:33:e5:0d:f7:6f:50:a8:25:1c:e3:0d:2d:c0:3a:c5:e2:77:
f8:b7:5b:22
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFO84azANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDYw
MTA4NTg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QxNGIzNjcyZjk5
MTUwMWVhZDJiMTNmNDZkOTk2NTQ1NDlhNjRkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKAzSTmRCRS3SX7KPnhMlzZ1i9d43Ff32bX0P3093m1tta0E
aNKTgz6qD04pZ9AoAsdhpVnRCcrC9mPq8S7fM9mE4vEB2B9vs74mL3NZXq2pJGXx
jz3dK1ireXPlq8k6MdarJOwi46KNJdHmLXQfyvYjrGtv3VLaxD0WvF9GyWScvCHZ
4SjVXiuPQ7n8UyHvFGqlrqYDIhz9Rh25lHRA9J4ZrxqaC+XjLETnZHVMqee1Kg0N
dT1HvZ4LLl+EcNBVjuEVaMcfxiCUyFFnaR0v93lnXpOmItFnTJ9JHFSZPZKqUBiP
o1XFH39Dz5BCoaiQQK3I7vBVo6cp1Aw+LfwnYGsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ9FLNnL5kVAerSsT9G2ZZUVJpk2zAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1BSU3paeS1aRlFIcTByRV9SdG1XVkZTYVpOcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoQzEABsDANBgkqhkiG9w0BAQsF
AAOCAQEAE8zHdnJDHWWBJ4QsyzMYRUD1zpRM3iBKcVRV2u1pjgbFjv2COpcq0daE
XGAeW0F+zmLjNaJkBt30AB+7aaHiQJYYaJgKB8BTypWdZz68a3Q0X+7kvGV++Vbq
+B8YMZTop0P41Uolb9w09BIHHrwkmmuhAH3lprOzX4sfCXvtT3GxhJyACvVVV6xG
kAJDEfasre5wvQ7ku+mvcL2zB/TitZpcTUnpyet6iQrGre5qerZGTQdfaQZnJAFl
6Fs22OE+rAP5ZgNYhw71RJ4D/wf2nhefjPB6kV2CfMpeZvA+2IU1uvEItGD1cLz2
UDPlDfdvUKglHOMNLcA6xeJ3+LdbIg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:59 2023 by rpki-client on console-ams.rpki-client.org