Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qs5vPWFBuhXoXLC30Oz-BKzggWY.roa
File: qs5vPWFBuhXoXLC30Oz-BKzggWY.roa (raw, json)
Hash identifier: TAH58VhVfQ3eO5RQUV7krgv1F4XGvPUGQZ7UgGb2+j0=
Subject key identifier: AA:CE:6F:3D:61:41:BA:15:E8:5C:B0:B7:D0:EC:FE:04:AC:E0:81:66
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0181EEAE042224D55698CF01CAE9AC55FFA6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qs5vPWFBuhXoXLC30Oz-BKzggWY.roa
Signing time: Mon 11 Jul 2022 19:13:10 +0000
ROA not before: Mon 11 Jul 2022 19:13:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206076
IP address blocks: 2a10:2f00:184::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ee:ae:04:22:24:d5:56:98:cf:01:ca:e9:ac:55:ff:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 11 19:13:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aace6f3d6141ba15e85cb0b7d0ecfe04ace08166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:32:94:cd:85:1c:4c:fa:2e:dd:b6:93:81:aa:
9d:35:b5:77:c5:a7:bd:07:74:a2:ab:9e:a7:8b:a7:
56:c8:8e:30:58:fd:e2:be:a9:1c:df:23:53:15:a5:
b7:2a:3a:85:d1:a0:1d:ae:78:83:f7:d8:1d:df:03:
15:e5:89:3f:47:b1:4a:59:16:b2:68:94:53:40:11:
33:c6:bf:ff:3e:cd:ec:a1:78:c8:b2:7d:3c:5f:4c:
34:bc:ec:5f:c2:ac:3c:fd:b0:ea:7a:26:65:75:a2:
0c:35:30:55:90:91:a3:9a:78:2f:ba:b9:ca:34:4d:
69:18:b3:ac:6d:b2:ab:24:d6:9e:89:d8:79:63:3e:
a0:df:1d:62:86:d4:e6:ff:6e:1f:cf:81:56:cf:d8:
5c:a2:46:6a:84:3c:3a:b2:d8:11:47:56:3c:5e:29:
b5:af:88:1e:b1:85:31:d4:2b:55:d6:61:c8:64:48:
10:49:95:b6:3a:63:19:e8:aa:09:64:21:7a:d0:c4:
85:1c:e3:1c:4b:f1:02:42:bf:6e:08:28:28:b4:62:
02:7f:81:4e:1e:c8:4f:ea:29:d1:67:b0:23:fa:d0:
af:8b:d3:44:c9:f8:64:5c:3e:0d:32:ec:98:43:78:
7a:7f:41:0f:7f:b6:f3:0b:0c:d0:cd:0b:6f:6a:12:
70:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:CE:6F:3D:61:41:BA:15:E8:5C:B0:B7:D0:EC:FE:04:AC:E0:81:66
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qs5vPWFBuhXoXLC30Oz-BKzggWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:184::/48
Signature Algorithm: sha256WithRSAEncryption
30:c8:b9:6e:42:72:5b:f5:c7:26:3b:86:d4:5e:a0:cb:f9:40:
be:3c:e0:a0:91:e0:63:cc:eb:2a:80:eb:54:ba:9f:4e:bc:03:
4e:56:3a:67:8f:4b:25:ea:cd:81:57:aa:e8:34:a7:ce:15:41:
2e:17:39:01:ac:96:f1:d6:d1:84:4a:b1:ce:b6:60:49:a6:65:
f6:df:73:58:eb:13:b0:1c:dd:da:44:4d:a6:fa:a9:bc:53:1c:
e8:56:7f:00:fe:eb:2c:b7:63:b0:b9:03:d3:ba:cd:48:6d:20:
ed:f2:97:6f:bf:de:7f:5c:5a:58:a1:0d:32:a0:0a:59:65:ae:
09:a0:00:69:90:24:69:99:0a:d2:9e:5f:1c:b5:f2:b2:95:9d:
3e:3b:d8:79:3b:98:0a:77:89:4d:3a:0b:3c:19:63:ba:9c:c5:
e7:24:a0:ad:5a:2f:ba:73:16:61:ba:17:74:a8:1f:dd:8a:ef:
cd:18:e0:67:af:6d:da:f2:68:db:00:d0:02:21:69:89:61:e5:
ef:08:5a:9f:30:38:4e:37:83:0d:99:eb:51:c9:4d:dd:a6:f0:
97:15:a0:ef:2a:fd:fc:3c:ef:f5:8e:cb:56:94:26:df:96:b2:
42:ab:80:89:10:02:40:88:e1:60:e0:22:29:27:d4:50:89:92:
54:45:b8:c5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYHurgQiJNVWmM8ByumsVf+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzExMTkxMzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWNlNmYzZDYxNDFiYTE1ZTg1Y2IwYjdkMGVjZmUwNGFjZTA4MTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDKUzYUcTPou3baTgaqdNbV3xae9
B3Siq56ni6dWyI4wWP3ivqkc3yNTFaW3KjqF0aAdrniD99gd3wMV5Yk/R7FKWRay
aJRTQBEzxr//Ps3soXjIsn08X0w0vOxfwqw8/bDqeiZldaIMNTBVkJGjmngvurnK
NE1pGLOsbbKrJNaeidh5Yz6g3x1ihtTm/24fz4FWz9hcokZqhDw6stgRR1Y8Xim1
r4gesYUx1CtV1mHIZEgQSZW2OmMZ6KoJZCF60MSFHOMcS/ECQr9uCCgotGICf4FO
HshP6inRZ7Aj+tCvi9NEyfhkXD4NMuyYQ3h6f0EPf7bzCwzQzQtvahJw7QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKrObz1hQboV6Fywt9Ds/gSs4IFmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcXM1dlBXRkJ1aFhvWExDMzBPei1CS3pnZ1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAGE
MA0GCSqGSIb3DQEBCwUAA4IBAQAwyLluQnJb9ccmO4bUXqDL+UC+POCgkeBjzOsq
gOtUup9OvANOVjpnj0sl6s2BV6roNKfOFUEuFzkBrJbx1tGESrHOtmBJpmX233NY
6xOwHN3aRE2m+qm8UxzoVn8A/usst2OwuQPTus1IbSDt8pdvv95/XFpYoQ0yoApZ
Za4JoABpkCRpmQrSnl8ctfKylZ0+O9h5O5gKd4lNOgs8GWO6nMXnJKCtWi+6cxZh
uhd0qB/diu/NGOBnr23a8mjbANACIWmJYeXvCFqfMDhON4MNmetRyU3dpvCXFaDv
Kv38PO/1jstWlCbflrJCq4CJEAJAiOFg4CIpJ9RQiZJURbjF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-fra.rpki-client.org