Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xnYyDBkGA_UaBu_3HSYmMaPFrD0.roa
File: xnYyDBkGA_UaBu_3HSYmMaPFrD0.roa (raw, json)
Hash identifier: 1ndXlMba9FKkYoC96NSvntnIK1sSNjimTFMxWkMuvvA=
Subject key identifier: C6:76:32:0C:19:06:03:F5:1A:06:EF:F7:1D:26:26:31:A3:C5:AC:3D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 109A4CC5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xnYyDBkGA_UaBu_3HSYmMaPFrD0.roa
Signing time: Sat 01 Jan 2022 09:05:07 +0000
ROA not before: Sat 01 Jan 2022 09:05:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207650
IP address blocks: 2a10:2f00:109::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278547653 (0x109a4cc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c676320c190603f51a06eff71d262631a3c5ac3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0e:f8:2f:14:e6:df:46:e5:cd:bb:d3:10:cf:
2c:a3:4a:db:fb:35:7e:24:6c:7a:05:f9:90:58:bb:
87:50:e2:81:96:63:1f:a9:c1:cc:d8:5f:8b:fa:d0:
0d:07:09:15:af:24:86:e1:3e:45:ca:83:94:83:af:
33:b1:5c:e4:97:6f:26:f1:98:1d:0a:ab:9a:0d:fb:
c9:35:e3:7e:b4:70:46:78:85:e1:7a:6c:bd:18:66:
5f:43:9b:81:db:83:4e:4e:5c:e8:a3:8b:b3:ab:31:
1b:a7:ca:25:aa:50:66:08:e8:45:92:da:24:f3:8b:
2b:fd:b3:d9:10:ac:67:be:59:1c:18:7a:32:70:75:
92:af:00:1d:1d:69:f4:2d:ec:d7:f8:c0:62:01:04:
e6:d0:e9:88:eb:31:c0:61:cf:ed:94:22:c2:dc:93:
da:da:53:f8:79:65:c0:65:b0:ca:36:09:c4:4d:e2:
b1:91:67:2b:f1:b7:45:6a:d0:f1:9d:cb:7f:7e:05:
70:83:0a:cf:69:50:e3:e2:91:54:f2:a5:83:97:f6:
48:87:a5:23:84:c7:77:b7:b3:3b:5b:96:86:34:b6:
95:09:67:4d:6b:7f:31:d7:d7:f5:99:ad:6b:97:08:
33:bd:33:0a:ef:9c:82:0e:23:60:99:02:d4:31:f7:
9f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:76:32:0C:19:06:03:F5:1A:06:EF:F7:1D:26:26:31:A3:C5:AC:3D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xnYyDBkGA_UaBu_3HSYmMaPFrD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:109::/48
Signature Algorithm: sha256WithRSAEncryption
4b:8b:2d:6f:ea:79:5e:04:69:6d:08:a2:64:a0:92:85:e3:12:
d6:d0:ed:56:b0:03:d4:8c:a0:75:ff:f3:c7:d3:65:56:b1:4a:
42:e0:ed:c4:2d:a5:92:5a:70:a6:20:7b:64:e7:0c:bd:bc:4c:
d2:9c:b3:40:80:c8:31:5d:18:1f:db:89:0b:6c:97:fd:9e:29:
35:8d:b0:ee:4e:d1:35:a3:ac:50:99:5a:42:1a:1a:ec:c7:53:
63:12:ed:b2:23:98:60:eb:e6:d8:aa:0c:16:56:fc:65:14:2b:
30:67:2f:fe:96:64:2e:30:86:6f:c6:67:33:dd:b1:83:5b:2b:
f6:6f:29:62:c2:f0:8d:9d:f7:ff:55:de:96:0b:d9:2d:e6:f2:
54:f9:04:71:88:20:eb:9b:f1:f0:5a:fc:b5:71:64:52:36:8e:
39:a6:29:8a:63:f4:cb:69:e9:1f:c3:93:0b:02:fb:14:99:60:
1d:83:f4:b5:23:84:96:f8:88:b0:39:60:69:6a:d7:b2:68:b7:
ea:6f:48:3e:12:a0:0c:77:a2:05:1e:c5:ee:48:2d:b0:52:a8:
5b:87:4f:9c:72:ba:76:0e:55:da:c6:0b:a6:0f:10:e3:65:9b:
21:70:f8:95:59:39:66:7b:b6:ab:8f:97:12:75:c2:c9:3e:76:
65:a0:0c:e4
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEJpMxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY3NjMyMGMxOTA2
MDNmNTFhMDZlZmY3MWQyNjI2MzFhM2M1YWMzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANAO+C8U5t9G5c270xDPLKNK2/s1fiRsegX5kFi7h1DigZZj
H6nBzNhfi/rQDQcJFa8khuE+RcqDlIOvM7Fc5JdvJvGYHQqrmg37yTXjfrRwRniF
4XpsvRhmX0ObgduDTk5c6KOLs6sxG6fKJapQZgjoRZLaJPOLK/2z2RCsZ75ZHBh6
MnB1kq8AHR1p9C3s1/jAYgEE5tDpiOsxwGHP7ZQiwtyT2tpT+HllwGWwyjYJxE3i
sZFnK/G3RWrQ8Z3Lf34FcIMKz2lQ4+KRVPKlg5f2SIelI4THd7ezO1uWhjS2lQln
TWt/MdfX9Zmta5cIM70zCu+cgg4jYJkC1DH3n60CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTGdjIMGQYD9RoG7/cdJiYxo8WsPTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3huWXlEQmtHQV9VYUJ1XzNIU1ltTWFQRnJEMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoQLwABCTANBgkqhkiG9w0BAQsF
AAOCAQEAS4stb+p5XgRpbQiiZKCSheMS1tDtVrAD1Iygdf/zx9NlVrFKQuDtxC2l
klpwpiB7ZOcMvbxM0pyzQIDIMV0YH9uJC2yX/Z4pNY2w7k7RNaOsUJlaQhoa7MdT
YxLtsiOYYOvm2KoMFlb8ZRQrMGcv/pZkLjCGb8ZnM92xg1sr9m8pYsLwjZ33/1Xe
lgvZLebyVPkEcYgg65vx8Fr8tXFkUjaOOaYpimP0y2npH8OTCwL7FJlgHYP0tSOE
lviIsDlgaWrXsmi36m9IPhKgDHeiBR7F7kgtsFKoW4dPnHK6dg5V2sYLpg8Q42Wb
IXD4lVk5Znu2q4+XEnXCyT52ZaAM5A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:04 2023 by rpki-client on console-ams.rpki-client.org