Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aAu5aDEwTFvoO8rZtlIN-1kWoYw.roa
File: aAu5aDEwTFvoO8rZtlIN-1kWoYw.roa (raw, json)
Hash identifier: UsNYa/LkqnND4lFNYdK3nErlthwBQ9Ybf3AXU4GgS8U=
Subject key identifier: 68:0B:B9:68:31:30:4C:5B:E8:3B:CA:D9:B6:52:0D:FB:59:16:A1:8C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018487408D11BB096511679F4264A288AC6C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aAu5aDEwTFvoO8rZtlIN-1kWoYw.roa
Signing time: Thu 17 Nov 2022 20:21:05 +0000
ROA not before: Thu 17 Nov 2022 20:21:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197071
IP address blocks: 2a10:cc40:230::/48 maxlen: 48
2a0e:97c0:3e4::/48 maxlen: 48
2a10:cc40:231::/48 maxlen: 48
2a0e:97c0:3e2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:87:40:8d:11:bb:09:65:11:67:9f:42:64:a2:88:ac:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 17 20:21:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=680bb96831304c5be83bcad9b6520dfb5916a18c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c9:83:90:8a:b2:a3:81:40:ed:ca:25:72:b9:
42:9b:47:92:1a:20:2a:2d:1c:15:eb:f0:90:d8:a9:
e1:5b:a3:4f:f7:20:63:31:b6:3f:5a:3e:ce:fa:80:
e3:dc:c6:27:f1:68:bd:e2:01:01:cb:d8:c7:38:bd:
82:ae:be:e1:50:81:d7:96:5b:1a:2e:84:d0:47:ea:
ba:24:32:98:2d:18:6a:9b:3e:51:8a:44:cf:ce:45:
63:43:59:6b:e0:74:8b:08:5f:44:5a:fa:53:9b:db:
78:e8:40:38:a2:b8:5f:19:82:02:4b:43:68:70:67:
48:ec:5c:a0:bc:3d:ab:90:10:b6:42:51:77:1d:a3:
88:53:94:ab:54:b0:18:99:cf:52:ab:82:36:25:8e:
a3:b8:ba:b1:a9:b8:06:b7:c7:d7:c5:45:c7:ba:33:
fb:66:64:88:cc:c9:88:cb:2b:0d:86:e9:14:3f:8d:
93:0c:70:7f:9d:be:96:fa:9a:ed:9f:09:53:ab:06:
9c:44:7e:1f:a8:d1:c2:6a:10:b7:bb:ba:3f:09:44:
22:48:dd:9e:9c:fd:af:dd:94:24:31:0a:70:a3:99:
ac:e6:d5:e8:dc:0a:e0:3d:14:bd:f3:95:9c:32:da:
cd:26:a2:f7:ca:d4:ee:d0:b9:0f:f9:58:cb:ce:0e:
8c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:0B:B9:68:31:30:4C:5B:E8:3B:CA:D9:B6:52:0D:FB:59:16:A1:8C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aAu5aDEwTFvoO8rZtlIN-1kWoYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3e2::/48
2a0e:97c0:3e4::/48
2a10:cc40:230::/47
Signature Algorithm: sha256WithRSAEncryption
c1:d8:51:d8:97:df:2f:d0:7a:2a:50:33:29:cd:f0:cc:f4:d2:
41:62:60:ab:36:7a:e9:c3:ac:58:71:62:20:32:2c:a2:74:02:
c7:db:d8:6c:10:fb:af:4b:cf:ca:9a:f5:1f:5a:b8:2c:ab:40:
38:ff:4d:24:db:b5:77:96:e3:f0:34:c9:a9:f8:49:72:7e:ff:
6c:db:84:9f:ff:aa:08:99:1d:dc:31:fa:27:57:56:c7:e5:73:
6a:e4:f0:7e:4a:70:0b:dc:d0:81:34:4b:32:7e:9a:79:82:03:
19:b5:ff:aa:be:82:2d:ba:5f:09:cb:ab:29:32:92:99:ca:6a:
8e:7a:12:b6:45:21:0d:04:30:fa:d1:75:d8:c4:16:39:bb:f3:
8a:46:c2:61:c2:9d:3b:30:5a:2c:e7:f5:cf:8c:19:3b:1e:e0:
73:95:46:f0:5f:7c:78:18:58:79:a8:12:35:06:44:8f:62:05:
89:6d:33:87:bb:ef:4a:41:e0:86:63:8c:dc:36:72:ea:d1:66:
a2:91:36:f1:f6:87:57:ce:8d:ae:4c:eb:09:2d:16:a4:21:d7:
ef:3f:3d:63:23:83:34:ac:51:af:fb:2f:0f:69:4a:63:e0:c8:
83:3b:93:fe:42:50:4c:4b:2b:d6:de:76:43:df:24:24:0e:0f:
f8:6b:55:12
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYSHQI0RuwllEWefQmSiiKxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTE3MjAyMTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODBiYjk2ODMxMzA0YzViZTgzYmNhZDliNjUyMGRmYjU5MTZhMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsmDkIqyo4FA7colcrlCm0eSGiAq
LRwV6/CQ2KnhW6NP9yBjMbY/Wj7O+oDj3MYn8Wi94gEBy9jHOL2Crr7hUIHXllsa
LoTQR+q6JDKYLRhqmz5RikTPzkVjQ1lr4HSLCF9EWvpTm9t46EA4orhfGYICS0No
cGdI7FygvD2rkBC2QlF3HaOIU5SrVLAYmc9Sq4I2JY6juLqxqbgGt8fXxUXHujP7
ZmSIzMmIyysNhukUP42TDHB/nb6W+prtnwlTqwacRH4fqNHCahC3u7o/CUQiSN2e
nP2v3ZQkMQpwo5ms5tXo3ArgPRS985WcMtrNJqL3ytTu0LkP+VjLzg6MKwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGgLuWgxMExb6DvK2bZSDftZFqGMMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYUF1NWFERXdURnZvTzhyWnRsSU4tMWtXb1l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6XwAPi
AwcAKg6XwAPkAwcBKhDMQAIwMA0GCSqGSIb3DQEBCwUAA4IBAQDB2FHYl98v0Hoq
UDMpzfDM9NJBYmCrNnrpw6xYcWIgMiyidALH29hsEPuvS8/KmvUfWrgsq0A4/00k
27V3luPwNMmp+Elyfv9s24Sf/6oImR3cMfonV1bH5XNq5PB+SnAL3NCBNEsyfpp5
ggMZtf+qvoItul8Jy6spMpKZymqOehK2RSENBDD60XXYxBY5u/OKRsJhwp07MFos
5/XPjBk7HuBzlUbwX3x4GFh5qBI1BkSPYgWJbTOHu+9KQeCGY4zcNnLq0WaikTbx
9odXzo2uTOsJLRakIdfvPz1jI4M0rFGv+y8PaUpj4MiDO5P+QlBMSyvW3nZD3yQk
Dg/4a1US
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-fra.rpki-client.org