Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hllnpIHDs9LTAlc0bNrZrun3Vjk.roa
File: hllnpIHDs9LTAlc0bNrZrun3Vjk.roa (raw, json)
Hash identifier: HlwqqtH6eNMiWJCyY8U0X+p9hVxfYcTb/yZB0MzfciA=
Subject key identifier: 86:59:67:A4:81:C3:B3:D2:D3:02:57:34:6C:DA:D9:AE:E9:F7:56:39
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184207297A8D9F6BBA22771FBE0D2AC0B08
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hllnpIHDs9LTAlc0bNrZrun3Vjk.roa
Signing time: Fri 28 Oct 2022 21:14:51 +0000
ROA not before: Fri 28 Oct 2022 21:14:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202340
IP address blocks: 2a10:cc40:212::/48 maxlen: 48
2a10:cc40:215::/48 maxlen: 48
2a10:cc40:213::/48 maxlen: 48
2a10:cc40:211::/48 maxlen: 48
2a10:cc40:214::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:20:72:97:a8:d9:f6:bb:a2:27:71:fb:e0:d2:ac:0b:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 28 21:14:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=865967a481c3b3d2d30257346cdad9aee9f75639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:62:c6:d2:b8:19:af:75:bc:74:aa:74:5f:b1:
e9:f8:d4:77:f0:46:e0:e3:39:e6:67:a6:b2:d6:96:
16:50:f3:23:30:b4:54:d9:15:18:b5:bb:f9:69:38:
ca:86:33:86:b0:be:5a:35:d6:c9:d7:dd:0d:9e:43:
16:b2:26:c7:0e:a2:bd:3e:eb:59:45:e6:1a:6e:ac:
1a:5c:0d:2c:59:7b:33:19:04:bb:8c:dc:23:4a:2d:
10:4f:6b:35:35:81:60:55:6b:b2:2e:71:8b:3a:dd:
90:96:0a:84:6f:ea:99:f6:6e:a7:71:48:22:3b:55:
d4:8f:8b:1b:a9:94:46:44:7e:53:5f:e2:6b:d7:77:
ed:9d:bc:75:fb:37:ff:cb:34:46:c5:bc:c2:c9:21:
11:70:92:a7:59:5a:91:75:b6:a5:89:96:cf:bf:91:
b2:e6:a0:91:b8:8d:49:a1:4e:91:2b:05:5e:b3:74:
d1:42:5d:e4:ef:c3:20:34:b0:ed:82:53:b3:58:79:
08:19:26:0c:48:9c:41:20:18:76:42:47:e6:a9:1d:
56:78:48:73:33:f0:e1:fb:c0:86:f0:93:77:fb:a8:
6b:c4:35:5b:6e:c3:ab:b3:9d:0e:d9:3f:81:95:0b:
22:0a:18:ca:65:c9:2b:0c:7d:73:44:bd:4d:9d:b0:
67:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:59:67:A4:81:C3:B3:D2:D3:02:57:34:6C:DA:D9:AE:E9:F7:56:39
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hllnpIHDs9LTAlc0bNrZrun3Vjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:211::-2a10:cc40:215:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
87:cc:1e:4f:4a:43:61:0b:c6:17:bb:34:c9:2d:75:ff:33:83:
dd:aa:94:07:88:0e:c5:f4:95:77:da:d2:5e:48:9d:da:a1:d2:
ca:af:ad:08:9c:1e:0a:71:a7:8b:5b:07:5b:91:12:30:a7:e0:
e5:b6:6b:75:72:7f:32:76:e8:c2:f4:50:87:3b:cd:16:45:b7:
32:36:4f:63:c9:b3:94:70:34:cc:56:1a:07:30:c5:a4:05:4f:
c9:27:54:32:cf:cb:bb:ec:6e:51:13:68:1b:82:3e:1e:5f:ca:
f2:47:21:80:43:db:5e:32:8e:a2:3c:44:2d:aa:c3:19:19:a9:
66:a3:b9:b6:7d:fb:50:93:f3:cc:31:8c:5f:e8:bd:3b:96:83:
d0:0d:99:0f:a1:1c:5c:d5:d8:5e:0e:d2:b9:10:5c:34:6a:ab:
78:51:a5:33:13:e7:7e:d5:ff:dd:f8:70:a2:54:3d:c5:28:80:
96:96:52:26:e5:a8:cc:34:41:cf:f2:5f:73:fe:fa:79:15:35:
04:91:ed:cb:79:71:53:2e:04:9b:cb:f1:1b:1b:33:86:22:85:
21:33:39:af:76:20:44:84:a2:14:81:f0:f6:5b:c2:b8:ba:14:
fc:bc:57:55:2f:21:e0:d1:ec:5b:45:7e:0b:2a:9d:69:d7:d7:
7e:09:7f:8b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYQgcpeo2fa7oidx++DSrAsIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDI4MjExNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjU5NjdhNDgxYzNiM2QyZDMwMjU3MzQ2Y2RhZDlhZWU5Zjc1NjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmLG0rgZr3W8dKp0X7Hp+NR38Ebg
4znmZ6ay1pYWUPMjMLRU2RUYtbv5aTjKhjOGsL5aNdbJ190NnkMWsibHDqK9PutZ
ReYabqwaXA0sWXszGQS7jNwjSi0QT2s1NYFgVWuyLnGLOt2QlgqEb+qZ9m6ncUgi
O1XUj4sbqZRGRH5TX+Jr13ftnbx1+zf/yzRGxbzCySERcJKnWVqRdbaliZbPv5Gy
5qCRuI1JoU6RKwVes3TRQl3k78MgNLDtglOzWHkIGSYMSJxBIBh2QkfmqR1WeEhz
M/Dh+8CG8JN3+6hrxDVbbsOrs50O2T+BlQsiChjKZckrDH1zRL1NnbBnjQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIZZZ6SBw7PS0wJXNGza2a7p91Y5MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaGxsbnBJSERzOUxUQWxjMGJOclpydW4zVmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqEMxA
AhEDBwEqEMxAAhQwDQYJKoZIhvcNAQELBQADggEBAIfMHk9KQ2ELxhe7NMktdf8z
g92qlAeIDsX0lXfa0l5Indqh0sqvrQicHgpxp4tbB1uREjCn4OW2a3VyfzJ26ML0
UIc7zRZFtzI2T2PJs5RwNMxWGgcwxaQFT8knVDLPy7vsblETaBuCPh5fyvJHIYBD
214yjqI8RC2qwxkZqWajubZ9+1CT88wxjF/ovTuWg9ANmQ+hHFzV2F4O0rkQXDRq
q3hRpTMT537V/934cKJUPcUogJaWUiblqMw0Qc/yX3P++nkVNQSR7ct5cVMuBJvL
8RsbM4YihSEzOa92IESEohSB8PZbwri6FPy8V1UvIeDR7FtFfgsqnWnX134Jf4s=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-fra.rpki-client.org