Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o_QXmc-m3H06HK6MYL2bWPPhp04.roa
File: o_QXmc-m3H06HK6MYL2bWPPhp04.roa (raw, json)
Hash identifier: 0eX56qQpSaaNwiEv7+7TrUFADRmwgeKR47jxUyPO4SA=
Subject key identifier: A3:F4:17:99:CF:A6:DC:7D:3A:1C:AE:8C:60:BD:9B:58:F3:E1:A7:4E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184C3CC2CAE5E04221B3E9479B154F13CE4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o_QXmc-m3H06HK6MYL2bWPPhp04.roa
Signing time: Tue 29 Nov 2022 14:30:48 +0000
ROA not before: Tue 29 Nov 2022 14:30:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47687
IP address blocks: 2a10:2f01:330::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c3:cc:2c:ae:5e:04:22:1b:3e:94:79:b1:54:f1:3c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 29 14:30:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3f41799cfa6dc7d3a1cae8c60bd9b58f3e1a74e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:dc:e5:df:45:47:b1:e6:07:6c:48:9f:04:a4:
8c:6d:23:a6:e9:6f:a2:f3:25:85:4c:73:98:0a:29:
a9:dd:a8:e7:c2:2d:3c:d2:ad:90:12:75:d5:05:34:
b4:5e:1f:48:aa:0e:d2:f6:40:b7:ef:7d:a1:47:cc:
21:d0:16:51:dd:0b:ed:ba:5c:70:20:ba:25:73:be:
06:a8:62:8b:84:d5:a5:2a:b1:48:74:94:1f:fd:b4:
10:fd:82:97:cb:7a:56:f9:83:ac:50:d9:b3:ba:d9:
9b:d8:3b:c0:e3:4e:49:b0:5a:b2:ed:9a:e5:dd:ae:
c9:d7:71:aa:18:c4:8b:aa:10:a0:18:02:13:6e:2d:
59:74:93:d4:6f:7e:f0:f8:d7:95:37:c9:d7:45:eb:
0b:a8:06:f1:84:2f:ce:50:7e:d7:f5:12:1a:15:5c:
2a:8e:f7:aa:e2:d3:99:06:06:67:75:c1:e3:8c:cf:
9d:a5:75:33:f2:0e:6c:65:e0:76:72:e7:37:88:fe:
cb:f8:a7:cc:3b:ff:99:83:b4:70:f8:3c:32:19:82:
2c:7c:52:46:de:1a:30:1c:c4:05:c3:35:04:a1:0c:
76:26:a4:17:d7:50:f5:75:2f:f3:f5:f3:46:06:8b:
81:93:1f:d8:51:c4:62:46:14:b4:84:27:46:96:ec:
99:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F4:17:99:CF:A6:DC:7D:3A:1C:AE:8C:60:BD:9B:58:F3:E1:A7:4E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o_QXmc-m3H06HK6MYL2bWPPhp04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f01:330::/44
Signature Algorithm: sha256WithRSAEncryption
a5:dd:ea:55:df:0d:16:9d:3b:e9:19:a0:14:a7:29:3e:42:16:
6f:10:84:f1:ae:21:c6:70:94:f8:46:87:9b:43:4f:ea:da:9a:
e0:30:ec:e3:cf:66:4a:28:09:db:d9:a6:52:16:aa:a1:92:24:
80:89:0d:7f:63:b9:b5:37:e5:a1:12:41:bb:12:7d:31:e2:44:
f4:dc:d5:b0:b5:ab:05:7c:ca:0e:49:f3:50:e2:10:96:a1:df:
e8:ce:c0:58:ba:94:4e:94:c7:ed:c9:55:e9:4c:75:93:df:ec:
5f:86:90:c6:56:61:1c:6a:7b:a5:12:49:18:61:cb:f5:f8:ae:
21:c2:87:77:4e:df:1d:0b:62:82:a7:e5:08:0f:83:ef:90:05:
4f:f6:5f:2b:c4:c0:56:94:1c:17:93:2e:f5:01:b7:5f:ae:ba:
af:ba:cc:fa:1a:52:f5:40:d1:f9:c2:e4:37:61:63:5e:c6:ee:
29:34:3e:31:28:bb:4c:88:ca:0a:90:77:9d:8e:db:ac:9c:23:
a5:b3:5d:9d:95:2b:65:f7:60:21:40:06:c6:58:f9:19:2f:4a:
9e:23:eb:2c:c8:13:d2:66:48:19:1e:4f:4c:a3:e3:c1:f8:1e:
5d:49:da:c1:9c:72:3e:f9:c5:ca:84:e3:7f:ae:98:44:53:6a:
c9:16:e4:7b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTDzCyuXgQiGz6UebFU8TzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTI5MTQzMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Y0MTc5OWNmYTZkYzdkM2ExY2FlOGM2MGJkOWI1OGYzZTFhNzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtzl30VHseYHbEifBKSMbSOm6W+i
8yWFTHOYCimp3ajnwi080q2QEnXVBTS0Xh9Iqg7S9kC3732hR8wh0BZR3Qvtulxw
ILolc74GqGKLhNWlKrFIdJQf/bQQ/YKXy3pW+YOsUNmzutmb2DvA405JsFqy7Zrl
3a7J13GqGMSLqhCgGAITbi1ZdJPUb37w+NeVN8nXResLqAbxhC/OUH7X9RIaFVwq
jveq4tOZBgZndcHjjM+dpXUz8g5sZeB2cuc3iP7L+KfMO/+Zg7Rw+DwyGYIsfFJG
3howHMQFwzUEoQx2JqQX11D1dS/z9fNGBouBkx/YUcRiRhS0hCdGluyZ8QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKP0F5nPptx9OhyujGC9m1jz4adOMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb19RWG1jLW0zSDA2SEs2TVlMMmJXUFBocDA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhAvAQMw
MA0GCSqGSIb3DQEBCwUAA4IBAQCl3epV3w0WnTvpGaAUpyk+QhZvEITxriHGcJT4
RoebQ0/q2prgMOzjz2ZKKAnb2aZSFqqhkiSAiQ1/Y7m1N+WhEkG7En0x4kT03NWw
tasFfMoOSfNQ4hCWod/ozsBYupROlMftyVXpTHWT3+xfhpDGVmEcanulEkkYYcv1
+K4hwod3Tt8dC2KCp+UID4PvkAVP9l8rxMBWlBwXky71Abdfrrqvusz6GlL1QNH5
wuQ3YWNexu4pND4xKLtMiMoKkHedjtusnCOls12dlStl92AhQAbGWPkZL0qeI+ss
yBPSZkgZHk9Mo+PB+B5dSdrBnHI++cXKhON/rphEU2rJFuR7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org