Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mYdZ4HL5Z2Hz9tEvcsENfJTpSmk.roa
File: mYdZ4HL5Z2Hz9tEvcsENfJTpSmk.roa (raw, json)
Hash identifier: fogLX443erKNyg/4jcXCM9IHVHgCfVm+ZJ+WZCDxjj4=
Subject key identifier: 99:87:59:E0:72:F9:67:61:F3:F6:D1:2F:72:C1:0D:7C:94:E9:4A:69
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184CCCF80E9AAE31543040536DFA7E9184F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mYdZ4HL5Z2Hz9tEvcsENfJTpSmk.roa
Signing time: Thu 01 Dec 2022 08:31:01 +0000
ROA not before: Thu 01 Dec 2022 08:31:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202256
IP address blocks: 2a10:cc44:800::/37 maxlen: 48
2a0e:97c6:4000::/34 maxlen: 48
2a0e:97c1:800::/37 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cc:cf:80:e9:aa:e3:15:43:04:05:36:df:a7:e9:18:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 1 08:31:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=998759e072f96761f3f6d12f72c10d7c94e94a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f4:0c:bd:d0:b8:32:e1:a2:48:8e:c9:ba:38:
49:29:eb:b8:39:18:74:7c:dc:a7:a3:b3:79:42:17:
81:32:13:1b:43:1d:b8:63:da:35:ef:54:67:36:ad:
f0:57:03:d0:88:48:cf:3c:a0:89:c4:ee:e1:a9:f1:
12:38:89:4a:6c:c9:dc:ea:0d:6b:74:aa:71:36:e8:
84:5d:a3:75:f8:34:39:6e:4c:46:62:88:53:ff:3b:
90:6f:6f:7c:29:24:05:d3:7f:b8:fb:74:25:34:11:
b1:38:70:9d:37:a8:ed:1c:da:06:9d:65:ff:a8:39:
67:15:2f:85:70:e5:46:cd:45:66:71:97:00:2b:6c:
75:63:33:3c:b1:19:c6:04:a5:58:a5:94:14:2f:93:
0e:c6:e6:3e:5c:a2:e5:d4:fe:e4:de:ef:e6:36:2a:
cf:f5:0d:6b:fe:33:99:52:2c:7d:e4:8f:30:f1:60:
5c:37:34:52:89:73:04:4f:28:32:66:cd:45:6d:ef:
32:12:7e:a0:5a:03:a1:56:aa:f6:fb:09:1d:39:23:
45:f9:ea:3b:24:82:e1:e1:4e:17:0f:39:33:5a:b5:
d6:4a:49:5d:39:21:d8:5a:44:15:5f:0f:d3:2b:fb:
48:69:ec:f2:c9:e5:23:e4:69:8b:a9:df:58:bf:c5:
77:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:87:59:E0:72:F9:67:61:F3:F6:D1:2F:72:C1:0D:7C:94:E9:4A:69
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mYdZ4HL5Z2Hz9tEvcsENfJTpSmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c1:800::/37
2a0e:97c6:4000::/34
2a10:cc44:800::/37
Signature Algorithm: sha256WithRSAEncryption
77:d8:1f:5c:43:95:be:1a:99:98:6d:10:88:c5:98:54:4c:82:
d2:ac:88:10:c2:b9:ac:b9:e2:2f:04:fa:76:99:ea:17:32:1d:
75:a5:7d:aa:21:f0:bb:d7:ae:e8:72:b1:54:52:97:05:e3:f2:
d9:65:7e:1b:96:1d:3e:d7:a0:41:cd:81:2d:76:da:f3:9f:09:
f4:34:83:7c:fd:32:81:78:e0:ed:e8:72:f4:d9:69:6f:91:7d:
a4:a8:a8:6c:69:80:4d:ef:99:d9:92:bf:cd:b7:cb:d4:cd:b8:
af:fd:1f:d5:14:49:ef:23:ab:6b:98:35:d1:36:76:1d:aa:ad:
f6:71:80:cf:fe:d7:7f:c1:44:c0:0e:53:97:4b:9e:78:aa:e3:
ea:2f:8d:c8:e6:a1:fb:aa:41:77:6f:57:dd:a8:32:1f:79:76:
54:04:82:20:af:43:2b:59:5f:b0:38:58:73:d9:3d:df:03:d7:
cf:54:1c:61:c9:a4:d6:00:5c:35:fc:7d:e7:6a:1b:67:45:b0:
85:94:53:03:33:37:e9:2e:68:57:84:db:73:2b:ed:dc:9d:03:
16:68:68:cd:24:74:42:78:c0:ff:07:e4:21:61:9c:2f:ca:74:
01:2d:ac:04:2b:79:ff:de:01:b7:d4:9f:b2:03:88:11:f0:2d:
d8:21:d4:2e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTMz4DpquMVQwQFNt+n6RhPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjAxMDgzMTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTg3NTllMDcyZjk2NzYxZjNmNmQxMmY3MmMxMGQ3Yzk0ZTk0YTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvQMvdC4MuGiSI7JujhJKeu4ORh0
fNyno7N5QheBMhMbQx24Y9o171RnNq3wVwPQiEjPPKCJxO7hqfESOIlKbMnc6g1r
dKpxNuiEXaN1+DQ5bkxGYohT/zuQb298KSQF03+4+3QlNBGxOHCdN6jtHNoGnWX/
qDlnFS+FcOVGzUVmcZcAK2x1YzM8sRnGBKVYpZQUL5MOxuY+XKLl1P7k3u/mNirP
9Q1r/jOZUix95I8w8WBcNzRSiXMETygyZs1Fbe8yEn6gWgOhVqr2+wkdOSNF+eo7
JILh4U4XDzkzWrXWSkldOSHYWkQVXw/TK/tIaezyyeUj5GmLqd9Yv8V3awIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJmHWeBy+Wdh8/bRL3LBDXyU6UppMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbVlkWjRITDVaMkh6OXRFdmNzRU5mSlRwU21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYDKg6XwQgD
BgYqDpfGQAMGAyoQzEQIMA0GCSqGSIb3DQEBCwUAA4IBAQB32B9cQ5W+GpmYbRCI
xZhUTILSrIgQwrmsueIvBPp2meoXMh11pX2qIfC7167ocrFUUpcF4/LZZX4blh0+
16BBzYEtdtrznwn0NIN8/TKBeODt6HL02WlvkX2kqKhsaYBN75nZkr/Nt8vUzbiv
/R/VFEnvI6trmDXRNnYdqq32cYDP/td/wUTADlOXS554quPqL43I5qH7qkF3b1fd
qDIfeXZUBIIgr0MrWV+wOFhz2T3fA9fPVBxhyaTWAFw1/H3nahtnRbCFlFMDMzfp
LmhXhNtzK+3cnQMWaGjNJHRCeMD/B+QhYZwvynQBLawEK3n/3gG31J+yA4gR8C3Y
IdQu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org