Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bRI5Nf2m7YB0OeEFWAIE4acPMAc.roa
File: bRI5Nf2m7YB0OeEFWAIE4acPMAc.roa (raw, json)
Hash identifier: 6cpjhmmZRZH99wLcI+CfeoWn4cMkHMYZjkaz9VW8g5U=
Subject key identifier: 6D:12:39:35:FD:A6:ED:80:74:39:E1:05:58:02:04:E1:A7:0F:30:07
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 12885656
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bRI5Nf2m7YB0OeEFWAIE4acPMAc.roa
Signing time: Thu 03 Mar 2022 11:58:01 +0000
ROA not before: Thu 03 Mar 2022 11:58:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209225
IP address blocks: 2a10:2f00:17e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 310924886 (0x12885656)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 3 11:58:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d123935fda6ed807439e105580204e1a70f3007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:73:84:54:0e:21:16:d1:4d:55:ab:0d:6a:42:
b9:79:f9:76:da:8b:fa:3c:07:64:a4:f0:e4:ad:19:
ef:29:19:cd:12:33:61:0a:e7:ec:23:be:f1:fb:bb:
8c:d0:f9:8e:9d:e1:27:72:8e:b0:47:26:48:70:8e:
4d:2f:38:de:b3:ca:54:79:38:cf:f4:18:1c:79:c8:
08:15:36:75:cc:e8:a3:fb:c2:1b:c9:ac:82:26:ea:
d0:4b:65:a2:23:a5:31:03:75:67:ae:c6:dd:67:d5:
08:77:59:a6:d4:14:12:e1:0b:d6:3b:29:c4:ae:44:
80:e5:a1:26:e6:d0:ad:53:f9:e5:d7:c2:5c:a5:b5:
21:5a:e6:32:45:ab:44:43:4e:35:04:c9:16:b2:60:
30:c1:8a:33:b8:7d:2a:35:7d:b2:a6:ab:07:aa:99:
9b:46:bd:16:18:44:d9:e7:d5:36:53:b4:d7:a7:ef:
8b:e1:66:5a:1d:ee:50:dd:91:65:da:c7:15:af:b4:
95:39:ec:36:4d:a3:06:a5:e8:cc:89:f4:50:a3:38:
93:dc:80:e3:15:b4:53:90:8b:4d:cb:62:e6:e3:b0:
b5:b8:3f:fb:52:f6:4e:96:79:f7:2f:96:ce:e3:58:
47:93:95:cf:c8:3d:3f:b4:8b:8f:13:46:ca:4a:16:
e0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:12:39:35:FD:A6:ED:80:74:39:E1:05:58:02:04:E1:A7:0F:30:07
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bRI5Nf2m7YB0OeEFWAIE4acPMAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:17e::/48
Signature Algorithm: sha256WithRSAEncryption
b6:cb:27:a0:4f:aa:35:03:e9:5f:21:d2:4e:58:bb:28:77:70:
c4:84:dc:aa:4d:73:06:6b:9f:8e:52:79:4f:ac:75:1f:31:fc:
57:d2:40:8d:15:2c:22:21:11:85:69:8d:99:34:8b:13:6a:41:
0b:51:21:76:62:00:f1:36:d3:67:bd:6c:68:09:1d:4b:21:28:
03:30:e4:8d:aa:45:7c:9c:06:38:d5:22:ce:95:bd:a7:8e:f5:
e2:80:cf:ff:0a:85:89:e0:80:7c:92:6f:1e:20:0d:43:46:13:
fa:fa:7d:30:c3:5e:c1:18:b4:25:9b:35:5f:ae:94:d3:fb:d5:
f7:19:bd:fd:ce:e9:93:d9:1e:d7:17:e0:52:8e:a4:fd:a1:e9:
1a:18:6c:f3:67:86:d6:ea:ce:fd:fd:14:17:f1:9f:2e:f7:9c:
f7:eb:ea:7f:6d:4e:81:1f:17:43:6a:0a:de:a5:b9:1a:3f:7e:
32:f0:e5:ec:41:8c:42:07:a1:62:b3:5f:e0:87:0a:cd:cd:68:
d5:b0:23:64:1d:e3:2e:60:25:7d:ba:8d:89:60:d6:97:83:4f:
c4:8f:20:83:90:62:f5:41:b5:27:15:ad:20:8f:44:9d:15:79:
a5:07:bf:c7:d0:d5:d8:76:ef:44:86:8d:de:31:82:e1:71:94:
00:0b:2c:3e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEohWVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMw
MzExNTgwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQxMjM5MzVmZGE2
ZWQ4MDc0MzllMTA1NTgwMjA0ZTFhNzBmMzAwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM1zhFQOIRbRTVWrDWpCuXn5dtqL+jwHZKTw5K0Z7ykZzRIz
YQrn7CO+8fu7jND5jp3hJ3KOsEcmSHCOTS843rPKVHk4z/QYHHnICBU2dczoo/vC
G8msgibq0EtloiOlMQN1Z67G3WfVCHdZptQUEuEL1jspxK5EgOWhJubQrVP55dfC
XKW1IVrmMkWrRENONQTJFrJgMMGKM7h9KjV9sqarB6qZm0a9FhhE2efVNlO016fv
i+FmWh3uUN2RZdrHFa+0lTnsNk2jBqXozIn0UKM4k9yA4xW0U5CLTcti5uOwtbg/
+1L2TpZ59y+WzuNYR5OVz8g9P7SLjxNGykoW4EsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRtEjk1/abtgHQ54QVYAgThpw8wBzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2JSSTVOZjJtN1lCME9lRUZXQUlFNGFjUE1BYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoQLwABfjANBgkqhkiG9w0BAQsF
AAOCAQEAtssnoE+qNQPpXyHSTli7KHdwxITcqk1zBmufjlJ5T6x1HzH8V9JAjRUs
IiERhWmNmTSLE2pBC1EhdmIA8TbTZ71saAkdSyEoAzDkjapFfJwGONUizpW9p471
4oDP/wqFieCAfJJvHiANQ0YT+vp9MMNewRi0JZs1X66U0/vV9xm9/c7pk9ke1xfg
Uo6k/aHpGhhs82eG1urO/f0UF/GfLvec9+vqf21OgR8XQ2oK3qW5Gj9+MvDl7EGM
QgehYrNf4IcKzc1o1bAjZB3jLmAlfbqNiWDWl4NPxI8gg5Bi9UG1JxWtII9EnRV5
pQe/x9DV2HbvRIaN3jGC4XGUAAssPg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:01 2023 by rpki-client on console-ams.rpki-client.org