Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aHXhYCtNON8SRr1qDUDvnY_8rw0.roa
File: aHXhYCtNON8SRr1qDUDvnY_8rw0.roa (raw, json)
Hash identifier: 2CexY12oCL9Gxdw435jI34nlKWe2Mu6tltkHQNlBwn0=
Subject key identifier: 68:75:E1:60:2B:4D:38:DF:12:46:BD:6A:0D:40:EF:9D:8F:FC:AF:0D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0181D2E012D96BC5F1B771E26290539F34A0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aHXhYCtNON8SRr1qDUDvnY_8rw0.roa
Signing time: Wed 06 Jul 2022 09:38:29 +0000
ROA not before: Wed 06 Jul 2022 09:38:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212292
IP address blocks: 2a10:2f00:15c::/48 maxlen: 48
2a0e:b107:e70::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d2:e0:12:d9:6b:c5:f1:b7:71:e2:62:90:53:9f:34:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 6 09:38:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6875e1602b4d38df1246bd6a0d40ef9d8ffcaf0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:af:b8:1f:10:85:fb:91:b8:04:29:3b:21:14:
97:81:d0:4f:ff:2c:b5:42:05:64:46:0f:04:86:04:
40:26:fe:5c:69:86:30:d0:0f:10:40:5f:1f:e5:93:
28:42:db:74:42:53:0f:d4:90:95:70:4d:9e:a6:e4:
94:4f:c9:ac:7e:c7:b9:ec:db:29:f3:7a:e0:79:d2:
71:2e:8e:54:45:dc:19:db:e0:f0:1a:c2:1c:a9:3c:
df:d8:ae:2b:62:31:ef:1e:dc:61:8e:61:43:6d:4b:
f6:1f:2e:f2:a8:20:1c:49:9b:96:91:0a:1f:48:06:
92:cc:f5:90:2d:43:54:ad:eb:99:3f:78:c5:91:9a:
c1:15:fe:d0:ed:e9:d2:dc:16:52:04:81:4f:9c:08:
1e:c0:5d:c3:ee:76:bf:be:c2:44:f5:b6:58:e1:3e:
c9:c3:0c:86:04:2b:b7:47:f2:30:c9:3b:a5:3a:02:
52:06:a5:33:3c:2a:98:16:c6:10:31:3c:1a:70:83:
b6:bc:50:5e:12:5c:c7:ed:f5:0e:e9:0b:3f:0c:0e:
6b:8d:fe:32:2a:77:fb:46:b3:34:78:aa:fa:1f:6c:
37:3e:2f:6b:79:0a:4c:0d:88:b0:c8:23:ac:fa:19:
56:cb:e5:cc:56:72:bf:ca:83:1e:c0:8c:71:52:49:
ee:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:75:E1:60:2B:4D:38:DF:12:46:BD:6A:0D:40:EF:9D:8F:FC:AF:0D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aHXhYCtNON8SRr1qDUDvnY_8rw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:e70::/44
2a10:2f00:15c::/48
Signature Algorithm: sha256WithRSAEncryption
1e:a7:a0:1b:5c:f7:b0:19:57:46:d2:42:48:33:98:2d:c0:4d:
f6:c5:4d:eb:f5:7d:21:07:df:16:4d:74:75:a6:83:6a:b3:0f:
e3:f1:f5:b6:dc:c7:a4:0c:c6:5f:26:dd:74:11:7b:d8:23:c9:
06:6a:ed:80:78:47:13:e8:b7:95:8f:bb:e7:9c:06:a9:64:16:
9a:b8:71:cf:b5:91:46:27:b2:ee:7a:e2:67:34:8e:d2:c0:d8:
31:da:38:6d:d5:f6:0f:ad:ef:52:0f:5e:7f:5d:44:52:f6:41:
be:81:a7:28:a3:97:b6:ed:d6:17:4e:53:5a:1f:b3:79:6e:e1:
e4:99:6f:e8:c8:38:6e:43:7b:1a:e5:14:25:18:f3:e5:0d:2f:
d5:e5:af:d2:67:cf:6f:35:5f:61:2b:64:01:74:06:5c:24:e7:
c9:37:0e:07:32:f3:51:ab:a0:31:f0:17:2f:48:c2:02:4a:df:
25:c8:68:51:44:3b:08:1f:0e:9f:62:11:e3:e4:68:fc:e2:b1:
ac:b2:64:02:c0:64:b2:c9:e3:49:6c:4a:f6:61:5b:90:21:de:
d0:de:8e:d8:d0:67:25:bc:d4:c4:23:be:3d:29:ef:ae:8b:d7:
9a:d7:2c:e9:15:32:e0:8e:57:7f:1f:ec:ef:40:e6:51:d6:5c:
a4:e5:b1:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYHS4BLZa8Xxt3HiYpBTnzSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzA2MDkzODI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODc1ZTE2MDJiNGQzOGRmMTI0NmJkNmEwZDQwZWY5ZDhmZmNhZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgq+4HxCF+5G4BCk7IRSXgdBP/yy1
QgVkRg8EhgRAJv5caYYw0A8QQF8f5ZMoQtt0QlMP1JCVcE2epuSUT8msfse57Nsp
83rgedJxLo5URdwZ2+DwGsIcqTzf2K4rYjHvHtxhjmFDbUv2Hy7yqCAcSZuWkQof
SAaSzPWQLUNUreuZP3jFkZrBFf7Q7enS3BZSBIFPnAgewF3D7na/vsJE9bZY4T7J
wwyGBCu3R/IwyTulOgJSBqUzPCqYFsYQMTwacIO2vFBeElzH7fUO6Qs/DA5rjf4y
Knf7RrM0eKr6H2w3Pi9reQpMDYiwyCOs+hlWy+XMVnK/yoMewIxxUknu3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGh14WArTTjfEka9ag1A752P/K8NMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYUhYaFlDdE5PTjhTUnIxcURVRHZuWV84cncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBw5w
AwcAKhAvAAFcMA0GCSqGSIb3DQEBCwUAA4IBAQAep6AbXPewGVdG0kJIM5gtwE32
xU3r9X0hB98WTXR1poNqsw/j8fW23MekDMZfJt10EXvYI8kGau2AeEcT6LeVj7vn
nAapZBaauHHPtZFGJ7LueuJnNI7SwNgx2jht1fYPre9SD15/XURS9kG+gacoo5e2
7dYXTlNaH7N5buHkmW/oyDhuQ3sa5RQlGPPlDS/V5a/SZ89vNV9hK2QBdAZcJOfJ
Nw4HMvNRq6Ax8BcvSMICSt8lyGhRRDsIHw6fYhHj5Gj84rGssmQCwGSyyeNJbEr2
YVuQId7Q3o7Y0GclvNTEI749Ke+ui9ea1yzpFTLgjld/H+zvQOZR1lyk5bE6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:01 2023 by rpki-client on console-ams.rpki-client.org