Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xZRQCU6dFp4btKquSCjim5U23qM.roa
File: xZRQCU6dFp4btKquSCjim5U23qM.roa (raw, json)
Hash identifier: oyybO4m4otL85zuI9UiK67NDWtK5Oj3/G5ZVnnFuIjc=
Subject key identifier: C5:94:50:09:4E:9D:16:9E:1B:B4:AA:AE:48:28:E2:9B:95:36:DE:A3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01847F0B67807405B752D026EC8133C78F7F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xZRQCU6dFp4btKquSCjim5U23qM.roa
Signing time: Wed 16 Nov 2022 06:06:04 +0000
ROA not before: Wed 16 Nov 2022 06:06:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210537
IP address blocks: 2a10:cc46:105::/48 maxlen: 48
2a0e:97c0:600::/44 maxlen: 48
2a10:cc46:130::/44 maxlen: 48
2a0e:b107:17c0::/44 maxlen: 48
2a10:cc46:100::/48 maxlen: 48
2a10:cc46:102::/48 maxlen: 48
2a10:cc46:101::/48 maxlen: 48
2a10:cc46:104::/48 maxlen: 48
2a10:cc46:103::/48 maxlen: 48
2a10:cc46:106::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:0b:67:80:74:05:b7:52:d0:26:ec:81:33:c7:8f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 16 06:06:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c59450094e9d169e1bb4aaae4828e29b9536dea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:17:d2:8a:f4:cd:cd:44:5f:d0:80:4b:74:87:
e5:4f:26:ff:9d:37:cb:ac:cd:9a:87:d9:8c:59:c2:
14:da:09:80:b3:a2:ef:b8:35:b3:1e:97:6f:97:05:
72:49:ea:21:68:2d:46:a2:43:d7:89:29:0e:e4:a0:
d2:24:a0:2b:b9:5b:fa:d2:76:60:b6:f7:ef:94:86:
06:46:96:14:27:b0:64:64:58:7b:a0:c6:3e:21:ff:
3f:ff:c8:64:ba:0c:1b:0c:b6:88:59:7d:9a:f2:89:
ed:7b:6a:fc:a1:17:53:a6:f7:32:8d:f5:5f:51:22:
f0:a5:21:da:ed:99:29:b3:f5:e5:68:04:aa:35:3a:
67:a3:a9:c6:cf:c3:0b:05:24:32:33:31:3e:4d:16:
48:e4:e3:11:d6:86:ab:35:f4:86:0d:1d:f5:aa:f8:
21:54:05:62:01:fa:c3:0b:7c:dd:4b:27:d3:fa:d6:
40:00:8e:c2:50:f0:e6:86:7e:72:1d:d3:7d:4b:5f:
e6:a2:bf:25:45:a0:6e:ba:34:1e:ac:79:4f:04:f7:
56:af:d8:34:63:f9:f7:8f:84:2a:46:e6:d0:98:9b:
5a:c9:09:e1:c2:0d:3a:fb:e1:7e:0e:4c:a4:d2:ae:
a1:67:17:de:d9:f7:79:48:fb:43:2e:49:69:b5:44:
f6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:94:50:09:4E:9D:16:9E:1B:B4:AA:AE:48:28:E2:9B:95:36:DE:A3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xZRQCU6dFp4btKquSCjim5U23qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:600::/44
2a0e:b107:17c0::/44
2a10:cc46:100::-2a10:cc46:106:ffff:ffff:ffff:ffff:ffff
2a10:cc46:130::/44
Signature Algorithm: sha256WithRSAEncryption
53:64:61:f9:d7:a0:7d:5f:9f:2c:d7:17:81:ac:41:6c:09:78:
3d:5a:01:44:7b:d3:5b:b7:ab:2a:06:41:97:01:a8:9b:82:fc:
55:dd:45:42:11:f6:b9:6a:57:9b:6a:de:d0:fa:80:15:0b:6e:
20:39:c1:c9:dd:da:4e:5a:90:41:1c:94:33:15:bf:fe:e4:15:
bc:0d:79:6c:f0:c7:28:f7:8a:4c:ff:54:20:1d:85:57:ba:11:
96:7a:bd:08:e9:10:fc:8b:d0:cb:9b:98:e6:ae:f1:f3:5c:3a:
fc:2e:97:b0:e5:59:a3:a1:d7:09:1e:77:84:1b:7d:f0:35:b3:
ab:89:8a:2e:53:e3:74:19:e5:26:8b:54:91:42:a1:9b:25:af:
e8:e3:35:44:5a:37:3d:c5:9c:57:63:b3:d8:af:e9:ba:d4:e2:
f1:81:74:2e:4c:c3:be:04:6a:19:24:9e:f8:c8:ba:5d:14:87:
aa:37:26:6f:2a:fa:70:5e:98:7d:83:46:99:0a:ab:26:da:c6:
3a:94:f7:fe:08:22:8d:c4:2d:70:8e:b6:fd:c9:c4:03:80:54:
ef:b1:43:f8:1e:56:d5:46:8d:a3:e7:9e:30:ff:10:a8:c8:64:
f3:4b:11:63:41:03:55:36:9c:df:60:5c:20:08:6b:f2:66:ca:
98:6b:ce:96
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYR/C2eAdAW3UtAm7IEzx49/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTE2MDYwNjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTk0NTAwOTRlOWQxNjllMWJiNGFhYWU0ODI4ZTI5Yjk1MzZkZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhfSivTNzURf0IBLdIflTyb/nTfL
rM2ah9mMWcIU2gmAs6LvuDWzHpdvlwVySeohaC1GokPXiSkO5KDSJKAruVv60nZg
tvfvlIYGRpYUJ7BkZFh7oMY+If8//8hkugwbDLaIWX2a8onte2r8oRdTpvcyjfVf
USLwpSHa7Zkps/XlaASqNTpno6nGz8MLBSQyMzE+TRZI5OMR1oarNfSGDR31qvgh
VAViAfrDC3zdSyfT+tZAAI7CUPDmhn5yHdN9S1/mor8lRaBuujQerHlPBPdWr9g0
Y/n3j4QqRubQmJtayQnhwg06++F+Dkyk0q6hZxfe2fd5SPtDLklptUT2vwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMWUUAlOnRaeG7Sqrkgo4puVNt6jMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveFpSUUNVNmRGcDRidEtxdVNDamltNVUyM3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAAjAuAwcEKg6XwAYA
AwcEKg6xBxfAMBEDBgAqEMxGAQMHACoQzEYBBgMHBCoQzEYBMDANBgkqhkiG9w0B
AQsFAAOCAQEAU2Rh+degfV+fLNcXgaxBbAl4PVoBRHvTW7erKgZBlwGom4L8Vd1F
QhH2uWpXm2re0PqAFQtuIDnByd3aTlqQQRyUMxW//uQVvA15bPDHKPeKTP9UIB2F
V7oRlnq9COkQ/IvQy5uY5q7x81w6/C6XsOVZo6HXCR53hBt98DWzq4mKLlPjdBnl
JotUkUKhmyWv6OM1RFo3PcWcV2Oz2K/putTi8YF0LkzDvgRqGSSe+Mi6XRSHqjcm
byr6cF6YfYNGmQqrJtrGOpT3/ggijcQtcI62/cnEA4BU77FD+B5W1UaNo+eeMP8Q
qMhk80sRY0EDVTac32BcIAhr8mbKmGvOlg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:04 2023 by rpki-client on console-ams.rpki-client.org