Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tUUTk-68w0DHC9J6ZCRUFNt93JA.roa
File: tUUTk-68w0DHC9J6ZCRUFNt93JA.roa (raw, json)
Hash identifier: ju/OCaNsSeOqOsYyhI37jJjUEAd0hsctDtEZ2p+p5Fk=
Subject key identifier: B5:45:13:93:EE:BC:C3:40:C7:0B:D2:7A:64:24:54:14:DB:7D:DC:90
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01837FAC1C746E05802EEC590A4C93FDA2D0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tUUTk-68w0DHC9J6ZCRUFNt93JA.roa
Signing time: Tue 27 Sep 2022 15:58:49 +0000
ROA not before: Tue 27 Sep 2022 15:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205043
IP address blocks: 2a0e:97c0:b10::/44 maxlen: 48
2a10:cc44:1b0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7f:ac:1c:74:6e:05:80:2e:ec:59:0a:4c:93:fd:a2:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 27 15:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5451393eebcc340c70bd27a64245414db7ddc90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4f:d6:b3:c5:66:ea:b7:f0:d0:46:3a:7b:3c:
87:09:47:2f:dd:0a:9b:61:52:b1:be:d6:7d:51:42:
1f:3e:76:d6:47:86:18:e4:76:fa:a0:55:03:ab:59:
88:2e:4f:de:a5:1c:6f:5e:39:13:b4:77:b1:42:bf:
c9:f7:1a:3a:6a:b3:b5:b0:f5:91:7d:6c:e2:ba:fd:
4a:0c:d4:f1:92:99:e9:03:15:6d:96:2d:19:82:f9:
36:0e:6f:41:50:ab:f4:29:60:88:e0:21:38:59:7e:
62:df:96:10:8a:74:4a:b1:75:86:ee:dc:7f:fe:f4:
7a:d8:1b:20:0c:28:4b:b2:1d:11:c1:f9:ae:87:2e:
54:0f:d2:f4:65:a5:2e:c3:18:dd:a9:03:9d:f7:67:
eb:bd:73:f2:d0:e7:68:27:22:9b:7a:0f:ca:42:83:
c9:fc:13:67:03:72:91:71:aa:13:46:83:a5:07:1e:
99:99:31:25:fc:4f:1a:12:b0:c6:e5:b7:a8:c6:b2:
f3:9f:c1:9d:4c:c4:1d:3d:10:19:c1:90:90:5b:55:
b7:05:aa:4b:5d:a0:74:4e:9d:b0:48:49:e1:43:95:
61:3e:2f:24:f9:e4:d1:28:e7:18:2f:2e:77:7b:30:
2a:12:6d:08:1f:19:37:c8:ef:42:12:ea:4e:29:4f:
5b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:45:13:93:EE:BC:C3:40:C7:0B:D2:7A:64:24:54:14:DB:7D:DC:90
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tUUTk-68w0DHC9J6ZCRUFNt93JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b10::/44
2a10:cc44:1b0::/44
Signature Algorithm: sha256WithRSAEncryption
7b:a0:d7:1a:ea:12:19:92:0c:1a:34:43:80:16:49:88:6b:96:
41:74:9d:d0:8a:57:49:d0:81:37:4c:a7:49:e2:69:d6:31:cd:
91:f5:57:c3:25:6a:d1:2e:c2:b7:13:0e:c7:73:cb:e7:d3:69:
1e:5c:78:57:78:1d:22:76:0d:cf:85:b6:d1:a6:1c:56:ad:a5:
22:43:ec:26:c6:45:2a:f0:5f:56:34:90:24:3a:c7:f7:d0:99:
06:97:f8:1d:9f:dc:71:dd:c9:3a:cb:61:33:2b:c8:cd:0f:3a:
b3:98:f9:c2:ce:ca:c9:a7:ff:4d:1f:81:a9:2e:da:6d:ff:23:
ea:af:e7:f0:86:81:86:1c:51:ef:6d:6b:df:04:b8:fb:15:ae:
a4:58:10:e1:33:aa:24:4b:a9:87:a8:6a:73:5e:27:80:89:9f:
18:96:50:4b:c5:99:f5:1f:05:3f:ee:35:c1:8a:59:8a:7f:07:
46:bd:a8:2c:85:38:5e:38:ee:29:78:fb:78:b9:96:3b:b9:45:
24:25:1e:40:44:60:3d:ea:31:e1:eb:b4:e7:fe:d6:5b:03:9e:
fd:1a:35:fa:b5:b6:60:5f:0f:39:3f:6c:61:89:74:b8:6a:c6:
8c:91:cb:b5:0b:11:e5:26:af:63:da:79:87:b8:f7:34:67:53:
c2:6f:f3:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYN/rBx0bgWALuxZCkyT/aLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTI3MTU1ODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTQ1MTM5M2VlYmNjMzQwYzcwYmQyN2E2NDI0NTQxNGRiN2RkYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkE/Ws8Vm6rfw0EY6ezyHCUcv3Qqb
YVKxvtZ9UUIfPnbWR4YY5Hb6oFUDq1mILk/epRxvXjkTtHexQr/J9xo6arO1sPWR
fWziuv1KDNTxkpnpAxVtli0Zgvk2Dm9BUKv0KWCI4CE4WX5i35YQinRKsXWG7tx/
/vR62BsgDChLsh0Rwfmuhy5UD9L0ZaUuwxjdqQOd92frvXPy0OdoJyKbeg/KQoPJ
/BNnA3KRcaoTRoOlBx6ZmTEl/E8aErDG5beoxrLzn8GdTMQdPRAZwZCQW1W3BapL
XaB0Tp2wSEnhQ5VhPi8k+eTRKOcYLy53ezAqEm0IHxk3yO9CEupOKU9bBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLVFE5PuvMNAxwvSemQkVBTbfdyQMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdFVVVGstNjh3MERIQzlKNlpDUlVGTnQ5M0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAsQ
AwcEKhDMRAGwMA0GCSqGSIb3DQEBCwUAA4IBAQB7oNca6hIZkgwaNEOAFkmIa5ZB
dJ3QildJ0IE3TKdJ4mnWMc2R9VfDJWrRLsK3Ew7Hc8vn02keXHhXeB0idg3PhbbR
phxWraUiQ+wmxkUq8F9WNJAkOsf30JkGl/gdn9xx3ck6y2EzK8jNDzqzmPnCzsrJ
p/9NH4GpLtpt/yPqr+fwhoGGHFHvbWvfBLj7Fa6kWBDhM6okS6mHqGpzXieAiZ8Y
llBLxZn1HwU/7jXBilmKfwdGvagshTheOO4pePt4uZY7uUUkJR5ARGA96jHh67Tn
/tZbA579GjX6tbZgXw85P2xhiXS4asaMkcu1CxHlJq9j2nmHuPc0Z1PCb/No
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-fra.rpki-client.org