Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/d-XqfMPF4QaAt-fiM4hjJPYc9DU.roa
File: d-XqfMPF4QaAt-fiM4hjJPYc9DU.roa (raw, json)
Hash identifier: RyAztpGlgNKlEziLvsIuvTgSFCySzoabr9bXS9ZHdqM=
Subject key identifier: 77:E5:EA:7C:C3:C5:E1:06:80:B7:E7:E2:33:88:63:24:F6:1C:F4:35
Certificate issuer: /CN=046ca7b604ec08f6f54b0e748906547dd375674d
Certificate serial: 01856DE651491DD5B750AA1B3FCC6334B71F
Authority key identifier: 04:6C:A7:B6:04:EC:08:F6:F5:4B:0E:74:89:06:54:7D:D3:75:67:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGyntgTsCPb1Sw50iQZUfdN1Z00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/d-XqfMPF4QaAt-fiM4hjJPYc9DU.roa
Signing time: Sun 01 Jan 2023 15:14:48 +0000
ROA not before: Sun 01 Jan 2023 15:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206436
IP address blocks: 2a10:8581::/48 maxlen: 48
2a10:8581:1::/48 maxlen: 48
2a10:8580::/48 maxlen: 48
2a10:8580:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:51:49:1d:d5:b7:50:aa:1b:3f:cc:63:34:b7:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=046ca7b604ec08f6f54b0e748906547dd375674d
Validity
Not Before: Jan 1 15:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77e5ea7cc3c5e10680b7e7e233886324f61cf435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:48:c7:4f:f0:fc:06:83:76:9c:8b:7e:59:e0:
fd:1f:a4:50:04:6d:c6:62:1c:da:fc:3e:20:75:14:
56:00:ae:82:38:8d:27:e1:94:0e:26:7e:b3:2d:06:
d7:1d:07:1e:08:43:45:b7:d7:1c:e7:f6:9b:cc:ee:
91:2c:c7:70:5a:7a:e2:76:77:c1:50:47:a9:77:ea:
0b:25:93:f1:a0:71:b8:97:24:51:2d:d0:8c:9f:90:
3a:a5:95:8d:54:c1:f6:62:1d:8b:02:48:f6:95:c5:
c1:e3:4a:43:a6:cf:f5:a6:6f:06:8b:33:8f:bc:d8:
ea:5b:71:3b:eb:eb:c2:43:22:87:0f:8a:bc:93:47:
85:e6:5d:e4:13:0c:99:4b:0a:50:47:d8:48:dd:1a:
b8:27:7e:7d:cf:b8:d1:3a:bf:08:f4:4f:13:d3:17:
97:c8:aa:04:2c:8c:e8:a4:1d:73:4c:2a:4d:4a:34:
ec:c9:ba:9c:9c:b6:ce:83:dc:ca:e7:cb:85:af:3b:
5e:3a:a9:d9:c8:10:1a:a4:bf:8f:0e:b4:6c:26:25:
dd:ad:86:7f:ea:fe:23:70:52:2d:e3:54:28:5c:6c:
ca:73:06:2a:c9:a1:e3:f3:f7:e3:76:f6:65:26:cb:
08:95:f0:ee:43:e7:bd:f4:f7:08:cf:cb:fe:0c:10:
72:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E5:EA:7C:C3:C5:E1:06:80:B7:E7:E2:33:88:63:24:F6:1C:F4:35
X509v3 Authority Key Identifier:
keyid:04:6C:A7:B6:04:EC:08:F6:F5:4B:0E:74:89:06:54:7D:D3:75:67:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGyntgTsCPb1Sw50iQZUfdN1Z00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/d-XqfMPF4QaAt-fiM4hjJPYc9DU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/BGyntgTsCPb1Sw50iQZUfdN1Z00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:8580::/47
2a10:8581::/47
Signature Algorithm: sha256WithRSAEncryption
18:ed:ba:d6:b8:8f:98:8e:b9:4a:08:7a:8e:e9:8e:16:a6:65:
93:24:3b:03:9e:9e:9b:e4:29:7e:54:10:fe:93:8b:ec:5c:55:
8b:8f:58:6e:2f:e0:a0:ea:ee:5e:85:68:46:ea:89:01:92:82:
f2:c9:f7:6e:ec:02:0d:b2:73:a2:ca:38:d5:14:6d:c1:bd:c1:
5c:56:0d:91:64:d5:6d:dd:b2:71:95:9c:9e:38:87:79:6b:58:
8a:bb:3f:42:4f:94:86:e9:1a:5b:de:5d:9a:41:f0:55:34:16:
01:4f:2e:2f:ed:63:1b:7c:83:41:c2:23:3b:cf:45:e5:34:ae:
76:21:46:4a:af:8b:41:93:65:a1:f2:8b:15:2c:9e:b5:8c:39:
50:e6:e6:2f:da:79:90:d5:02:f7:90:ca:df:96:44:22:51:1e:
b7:f2:5d:3d:ac:58:2b:f3:07:c8:df:25:27:6a:2c:85:51:35:
b9:20:8a:d4:69:d9:4e:91:16:d9:98:96:16:37:10:bb:39:06:
1e:dc:90:ff:df:b4:4f:e1:8a:9b:08:b8:c7:58:e9:12:01:8c:
c0:d7:64:e9:9b:46:2f:30:4d:89:e8:f1:17:59:00:28:8d:aa:
38:a2:84:6a:3d:32:9a:c9:cf:48:d4:b6:5f:e0:42:9f:9f:89:
68:cb:a0:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVt5lFJHdW3UKobP8xjNLcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NmNhN2I2MDRlYzA4ZjZmNTRiMGU3NDg5MDY1NDdkZDM3
NTY3NGQwHhcNMjMwMTAxMTUxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2U1ZWE3Y2MzYzVlMTA2ODBiN2U3ZTIzMzg4NjMyNGY2MWNmNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0jHT/D8BoN2nIt+WeD9H6RQBG3G
Yhza/D4gdRRWAK6COI0n4ZQOJn6zLQbXHQceCENFt9cc5/abzO6RLMdwWnridnfB
UEepd+oLJZPxoHG4lyRRLdCMn5A6pZWNVMH2Yh2LAkj2lcXB40pDps/1pm8GizOP
vNjqW3E76+vCQyKHD4q8k0eF5l3kEwyZSwpQR9hI3Rq4J359z7jROr8I9E8T0xeX
yKoELIzopB1zTCpNSjTsybqcnLbOg9zK58uFrzteOqnZyBAapL+PDrRsJiXdrYZ/
6v4jcFIt41QoXGzKcwYqyaHj8/fjdvZlJssIlfDuQ+e99PcIz8v+DBBypwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHfl6nzDxeEGgLfn4jOIYyT2HPQ1MB8GA1UdIwQY
MBaAFARsp7YE7Aj29UsOdIkGVH3TdWdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkd5bnRnVHNDUGIxU3c1MGlRWlVmZE4xWjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zOTJlYTUtOWNhOC00YjBmLTkzODgt
MDkzOTYxZDM4Yzg2LzEvZC1YcWZNUEY0UWFBdC1maU00aGpKUFljOURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zOTJlYTUtOWNhOC00YjBmLTkzODgtMDkzOTYxZDM4Yzg2
LzEvQkd5bnRnVHNDUGIxU3c1MGlRWlVmZE4xWjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKhCFgAAA
AwcBKhCFgQAAMA0GCSqGSIb3DQEBCwUAA4IBAQAY7brWuI+YjrlKCHqO6Y4WpmWT
JDsDnp6b5Cl+VBD+k4vsXFWLj1huL+Cg6u5ehWhG6okBkoLyyfdu7AINsnOiyjjV
FG3BvcFcVg2RZNVt3bJxlZyeOId5a1iKuz9CT5SG6Rpb3l2aQfBVNBYBTy4v7WMb
fINBwiM7z0XlNK52IUZKr4tBk2Wh8osVLJ61jDlQ5uYv2nmQ1QL3kMrflkQiUR63
8l09rFgr8wfI3yUnaiyFUTW5IIrUadlOkRbZmJYWNxC7OQYe3JD/37RP4YqbCLjH
WOkSAYzA12Tpm0YvME2J6PEXWQAojao4ooRqPTKayc9I1LZf4EKfn4loy6Bm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:04 2025 by rpki-client