Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kNkQDcS2P9SYV6IjFJdgz9S4KUE.roa
File: kNkQDcS2P9SYV6IjFJdgz9S4KUE.roa (raw, json)
Hash identifier: sq6Sl253Pg6HhfBfkOsmssuBRc8pyPiD9VQCsRg+JB4=
Subject key identifier: 90:D9:10:0D:C4:B6:3F:D4:98:57:A2:23:14:97:60:CF:D4:B8:29:41
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183C7A401A47107FDA6CDA51744C32A79B4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kNkQDcS2P9SYV6IjFJdgz9S4KUE.roa
Signing time: Tue 11 Oct 2022 15:22:37 +0000
ROA not before: Tue 11 Oct 2022 15:22:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210606
IP address blocks: 2a10:2f00:175::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c7:a4:01:a4:71:07:fd:a6:cd:a5:17:44:c3:2a:79:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 11 15:22:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90d9100dc4b63fd49857a223149760cfd4b82941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f3:a8:4b:e7:2c:91:1c:c1:32:12:2c:f9:ac:
64:0a:0a:30:2a:73:43:21:1a:13:24:81:00:01:11:
53:5d:8a:6f:dd:d6:72:68:a3:c4:3a:07:6f:2a:69:
bf:60:a7:35:36:e0:ed:10:43:cb:88:d4:ae:15:b1:
de:2f:fa:f2:61:57:c7:ca:9b:ee:2f:70:a2:80:e0:
79:49:db:50:96:ee:9b:24:5e:df:ab:d2:6b:c1:b6:
90:13:1b:b6:46:7a:f6:4f:b3:5d:5f:6a:35:1a:1e:
1f:04:04:ea:f5:6e:6d:fd:df:25:50:28:e8:27:09:
f5:6e:33:27:10:59:36:46:31:eb:8a:49:d5:f3:80:
7c:41:c6:b0:e4:da:45:41:8d:80:e7:3b:7f:81:67:
72:a9:4d:2c:99:0e:fc:60:94:87:63:af:d1:7a:3d:
53:2b:cc:91:f1:e7:83:75:2f:32:90:93:13:3a:31:
19:e5:b2:61:c3:8f:ea:80:b9:08:49:c4:6b:0b:29:
28:10:f6:4c:96:9c:e3:cd:8e:9f:c0:5b:1d:c3:53:
72:73:86:51:ce:fd:21:6d:11:9f:12:b7:ff:5b:00:
71:4c:33:c6:85:be:40:36:4d:25:2c:d8:3f:a0:68:
97:28:c5:f6:ef:50:74:9c:44:5e:cf:a2:e7:63:2b:
9c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D9:10:0D:C4:B6:3F:D4:98:57:A2:23:14:97:60:CF:D4:B8:29:41
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kNkQDcS2P9SYV6IjFJdgz9S4KUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:175::/48
Signature Algorithm: sha256WithRSAEncryption
55:ec:b0:4d:4a:c5:8e:c8:3e:91:19:a5:4c:d5:a3:16:6d:12:
47:70:ee:71:ac:a4:e3:8a:0a:f2:70:52:54:98:a2:49:83:35:
35:1e:5e:5b:1c:0a:66:ba:06:d1:26:ff:eb:b8:5f:f7:2c:40:
90:fa:96:0b:8e:9a:6d:4e:82:4a:54:89:dd:57:c7:59:d1:1a:
e5:83:a8:b0:3e:2d:86:f6:2a:1d:f0:68:6c:b7:88:69:10:e2:
5d:b5:69:b9:45:14:ce:ea:4f:5a:da:b7:c3:7d:ec:42:79:26:
ce:20:da:0b:ac:c4:2e:e2:4a:47:c0:e6:bb:fe:41:22:18:35:
96:48:94:14:ff:82:74:04:31:4c:b8:fc:7c:d5:14:b7:40:15:
e4:fb:e2:33:4e:15:56:90:15:65:81:e8:e4:11:83:2d:6e:90:
b7:32:36:53:51:c3:c5:75:d1:70:bb:1c:bf:2b:24:d0:22:77:
43:9d:4b:a6:c2:75:1a:e9:70:db:3b:de:b6:77:f3:03:fa:22:
31:a7:e8:f5:c4:35:b9:c0:ca:2a:85:5d:94:06:e8:87:7d:93:
aa:34:5e:f8:a0:eb:db:4b:59:da:81:56:64:ae:bd:e8:09:29:
82:b2:b0:9f:13:cf:4f:77:dd:34:de:74:47:f2:ab:70:17:4c:
10:ac:fb:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYPHpAGkcQf9ps2lF0TDKnm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDExMTUyMjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQ5MTAwZGM0YjYzZmQ0OTg1N2EyMjMxNDk3NjBjZmQ0YjgyOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovOoS+cskRzBMhIs+axkCgowKnND
IRoTJIEAARFTXYpv3dZyaKPEOgdvKmm/YKc1NuDtEEPLiNSuFbHeL/ryYVfHypvu
L3CigOB5SdtQlu6bJF7fq9JrwbaQExu2Rnr2T7NdX2o1Gh4fBATq9W5t/d8lUCjo
Jwn1bjMnEFk2RjHriknV84B8Qcaw5NpFQY2A5zt/gWdyqU0smQ78YJSHY6/Rej1T
K8yR8eeDdS8ykJMTOjEZ5bJhw4/qgLkIScRrCykoEPZMlpzjzY6fwFsdw1Nyc4ZR
zv0hbRGfErf/WwBxTDPGhb5ANk0lLNg/oGiXKMX271B0nERez6LnYyuc/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJDZEA3Etj/UmFeiIxSXYM/UuClBMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva05rUURjUzJQOVNZVjZJakZKZGd6OVM0S1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAF1
MA0GCSqGSIb3DQEBCwUAA4IBAQBV7LBNSsWOyD6RGaVM1aMWbRJHcO5xrKTjigry
cFJUmKJJgzU1Hl5bHApmugbRJv/ruF/3LECQ+pYLjpptToJKVIndV8dZ0Rrlg6iw
Pi2G9iod8Ghst4hpEOJdtWm5RRTO6k9a2rfDfexCeSbOINoLrMQu4kpHwOa7/kEi
GDWWSJQU/4J0BDFMuPx81RS3QBXk++IzThVWkBVlgejkEYMtbpC3MjZTUcPFddFw
uxy/KyTQIndDnUumwnUa6XDbO962d/MD+iIxp+j1xDW5wMoqhV2UBuiHfZOqNF74
oOvbS1nagVZkrr3oCSmCsrCfE89Pd9003nRH8qtwF0wQrPt9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org