Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ap5Yb_jWVDz6j3t0tevGzvbgsKk.roa
File: ap5Yb_jWVDz6j3t0tevGzvbgsKk.roa (raw, json)
Hash identifier: Y/lRpzJEYbzZYPTYljn7/p7hHtBuzZGnltO1j77bp8M=
Subject key identifier: 6A:9E:58:6F:F8:D6:54:3C:FA:8F:7B:74:B5:EB:C6:CE:F6:E0:B0:A9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182CEAB6FCCFC261808A462E3B2BA23E1A3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ap5Yb_jWVDz6j3t0tevGzvbgsKk.roa
Signing time: Wed 24 Aug 2022 07:05:17 +0000
ROA not before: Wed 24 Aug 2022 07:05:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209225
IP address blocks: 2a10:cc40:100::/44 maxlen: 48
2a10:cc40:100::/48 maxlen: 48
2a10:2f00:17e::/48 maxlen: 48
2a10:cc40:101::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ce:ab:6f:cc:fc:26:18:08:a4:62:e3:b2:ba:23:e1:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 24 07:05:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a9e586ff8d6543cfa8f7b74b5ebc6cef6e0b0a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9e:54:38:4f:46:c2:e2:97:75:3e:84:a0:02:
01:ca:f9:04:91:f3:c6:48:5e:3d:a7:39:30:1f:dd:
57:bc:e4:a8:c5:61:28:ae:f2:62:14:19:f3:c2:7b:
77:a8:ed:20:88:85:69:df:61:c4:a9:7d:0a:f2:84:
fa:17:3e:b0:da:7d:ab:87:6c:6b:d0:8f:24:4d:3a:
b7:6e:71:f0:4f:20:24:0e:3e:31:2e:c4:3e:ae:a4:
fc:a3:19:50:dd:f9:db:9c:30:9d:3f:98:ce:e8:34:
cc:16:18:80:b2:46:72:bf:2e:4f:48:37:21:e5:7e:
7d:e6:2e:75:44:af:26:2c:26:9c:90:ad:bc:41:22:
8a:08:d9:63:c8:39:70:c5:97:6e:49:4a:c3:fa:da:
23:09:14:48:73:aa:2a:43:fa:fa:a4:fb:fa:f0:de:
3f:39:54:fb:e9:82:48:07:fe:56:95:73:34:3b:55:
f0:24:fa:9e:fa:06:6d:91:b6:f7:90:ba:e2:42:51:
44:36:85:b3:a5:ad:57:b6:c9:ea:6f:72:a8:89:90:
b9:19:f1:ef:4e:fd:be:96:89:ed:81:3e:e5:1d:39:
de:d7:31:6d:23:0f:58:19:77:68:fd:f8:0d:b4:b8:
5c:38:43:c5:66:ac:38:1e:94:fd:70:78:00:09:98:
84:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9E:58:6F:F8:D6:54:3C:FA:8F:7B:74:B5:EB:C6:CE:F6:E0:B0:A9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ap5Yb_jWVDz6j3t0tevGzvbgsKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:17e::/48
2a10:cc40:100::/44
Signature Algorithm: sha256WithRSAEncryption
a1:08:6a:97:99:c7:10:46:2e:23:e0:a2:f9:b1:35:60:36:7c:
fc:e2:07:36:40:a6:ff:ea:37:7d:52:b2:2c:9b:cf:16:3c:5e:
24:a3:29:47:3d:4e:72:a4:f1:ba:3c:cc:97:f4:f8:02:4b:80:
f8:b1:fb:1a:96:0d:7f:17:f5:7c:88:fa:0f:49:7f:c1:39:1c:
b8:ea:e2:ed:c2:35:46:26:36:a7:3f:ac:19:c3:46:0e:91:de:
d7:99:ef:21:7f:68:3e:42:ec:b5:d0:9d:d5:36:fd:93:1d:db:
17:96:f1:55:66:a6:a0:5f:08:e9:ee:3c:d8:cd:66:85:53:e4:
9b:b3:6b:f1:34:91:5d:a2:31:ae:22:91:74:d0:66:91:35:8b:
74:a2:08:1f:f8:24:07:31:0b:8d:7a:36:7e:31:80:32:1f:2a:
6a:ff:9d:ab:06:22:1f:6b:8c:10:2c:d3:da:8d:88:1d:ac:ba:
f1:1a:ff:fa:f4:66:ae:af:0c:9d:ec:0d:fe:13:db:b2:b0:88:
15:9a:25:11:e2:8e:a0:b1:43:c0:38:de:dd:f4:52:ba:b3:3e:
b4:46:85:5c:0d:ff:9e:70:19:03:45:d5:0c:58:3c:47:c6:24:
71:2a:10:f5:aa:18:73:10:1e:50:3b:f3:88:59:2a:c0:60:38:
67:03:2b:34
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLOq2/M/CYYCKRi47K6I+GjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODI0MDcwNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTllNTg2ZmY4ZDY1NDNjZmE4ZjdiNzRiNWViYzZjZWY2ZTBiMGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ5UOE9GwuKXdT6EoAIByvkEkfPG
SF49pzkwH91XvOSoxWEorvJiFBnzwnt3qO0giIVp32HEqX0K8oT6Fz6w2n2rh2xr
0I8kTTq3bnHwTyAkDj4xLsQ+rqT8oxlQ3fnbnDCdP5jO6DTMFhiAskZyvy5PSDch
5X595i51RK8mLCackK28QSKKCNljyDlwxZduSUrD+tojCRRIc6oqQ/r6pPv68N4/
OVT76YJIB/5WlXM0O1XwJPqe+gZtkbb3kLriQlFENoWzpa1Xtsnqb3KoiZC5GfHv
Tv2+lontgT7lHTne1zFtIw9YGXdo/fgNtLhcOEPFZqw4HpT9cHgACZiErQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGqeWG/41lQ8+o97dLXrxs724LCpMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYXA1WWJfaldWRHo2ajN0MHRldkd6dmJnc0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhAvAAF+
AwcEKhDMQAEAMA0GCSqGSIb3DQEBCwUAA4IBAQChCGqXmccQRi4j4KL5sTVgNnz8
4gc2QKb/6jd9UrIsm88WPF4koylHPU5ypPG6PMyX9PgCS4D4sfsalg1/F/V8iPoP
SX/BORy46uLtwjVGJjanP6wZw0YOkd7Xme8hf2g+Quy10J3VNv2THdsXlvFVZqag
Xwjp7jzYzWaFU+Sbs2vxNJFdojGuIpF00GaRNYt0oggf+CQHMQuNejZ+MYAyHypq
/52rBiIfa4wQLNPajYgdrLrxGv/69Gaurwyd7A3+E9uysIgVmiUR4o6gsUPAON7d
9FK6sz60RoVcDf+ecBkDRdUMWDxHxiRxKhD1qhhzEB5QO/OIWSrAYDhnAys0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:01 2023 by rpki-client on console-ams.rpki-client.org