Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/X-Vw_r5MNybFCXXT0RDGT2r3Gdo.roa
File: X-Vw_r5MNybFCXXT0RDGT2r3Gdo.roa (raw, json)
Hash identifier: VCPGkwinlMLDTn5uNvmB+b3uY8eKI0jWwWFL0IKpqu0=
Subject key identifier: 5F:E5:70:FE:BE:4C:37:26:C5:09:75:D3:D1:10:C6:4F:6A:F7:19:DA
Certificate issuer: /CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Certificate serial: 01891C50959B5DEB5206EDBB077480AB93B4
Authority key identifier: 03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/X-Vw_r5MNybFCXXT0RDGT2r3Gdo.roa
Signing time: Mon 03 Jul 2023 15:13:10 +0000
ROA not before: Mon 03 Jul 2023 15:13:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212722
IP address blocks: 2a10:500:800::/40 maxlen: 48
2a10:500:700::/40 maxlen: 48
2a10:500:300::/40 maxlen: 48
2a10:500:100::/40 maxlen: 48
2a10:500::/40 maxlen: 48
2a10:500:400::/40 maxlen: 48
2a10:500:900::/40 maxlen: 48
2a10:500:600::/40 maxlen: 48
2a10:500:200::/40 maxlen: 48
2a10:500:500::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:50:95:9b:5d:eb:52:06:ed:bb:07:74:80:ab:93:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Validity
Not Before: Jul 3 15:13:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fe570febe4c3726c50975d3d110c64f6af719da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:80:35:2c:fe:3f:60:ba:e1:1c:b8:6d:73:1f:
73:cb:34:1a:4d:fc:3e:0b:15:dc:18:3f:4c:9e:db:
9d:cb:71:37:75:82:48:ae:fb:8e:66:37:fd:0c:d3:
d5:9d:65:90:b1:9e:e7:f5:b7:3d:02:22:15:a8:63:
4a:b4:57:30:10:8c:56:18:ec:3e:7a:f6:f0:ee:78:
49:56:17:4b:ed:24:8a:8c:9b:94:d5:6d:de:d6:ca:
f1:a5:4d:a8:9c:e8:1a:fc:75:0c:b8:60:bc:67:2f:
89:77:64:c1:d1:5c:48:e8:53:2b:dc:c1:e1:64:2e:
aa:3d:c8:01:b5:5a:d0:10:f7:09:cd:a2:d3:e2:7e:
10:c3:97:d1:1f:86:ff:5d:6f:ee:e8:76:1b:ad:72:
71:73:2a:ff:d1:d6:ee:ac:e7:d5:01:34:c4:7b:17:
66:8b:e7:ec:67:1f:5d:8a:b5:9c:c8:9b:4e:09:0f:
49:11:f8:ee:38:46:d4:d1:91:96:3c:c6:6e:c1:32:
6d:ac:d4:88:5a:d7:78:bc:62:74:1c:f6:63:56:25:
84:64:f5:5b:0e:7e:1b:03:a6:ab:6c:ea:45:f9:ef:
57:af:d8:de:a3:57:a9:84:a8:26:6a:f6:82:c8:ea:
b1:94:ea:01:ca:7e:c6:1c:be:13:6e:2b:ae:d8:77:
33:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E5:70:FE:BE:4C:37:26:C5:09:75:D3:D1:10:C6:4F:6A:F7:19:DA
X509v3 Authority Key Identifier:
keyid:03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/X-Vw_r5MNybFCXXT0RDGT2r3Gdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/A3tIRJuhyuFb3iwvCG2UIY4HILs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:500::-2a10:500:9ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
18:b6:08:8e:b5:36:53:72:b0:2d:3f:3d:92:56:4f:28:f1:55:
b9:fd:ab:27:9e:e3:55:12:0d:44:b7:94:74:80:6c:54:bf:55:
3a:45:eb:68:3a:22:84:b3:b8:65:62:28:72:7b:90:99:90:12:
68:3b:55:e9:b6:6a:77:93:fb:05:88:34:99:f8:3e:ad:65:8c:
2d:e0:8c:94:10:0a:ec:db:24:02:5d:fd:62:f0:8a:8d:78:18:
ad:52:0a:64:3b:1c:62:21:09:0f:ec:8b:0f:07:bc:98:78:3d:
52:0e:91:76:55:5f:d0:dc:4f:ea:f9:52:ac:78:49:3d:01:d9:
49:d2:06:ec:f0:8e:70:b4:1f:2a:c9:00:42:2f:76:ba:d0:28:
4d:96:0a:ea:3a:b1:fb:77:d6:01:25:4b:ab:76:95:72:e8:c5:
a6:ca:f7:26:d9:d3:b8:e3:84:9a:1c:88:8b:af:92:5e:f1:a4:
ca:32:05:a3:d4:67:b4:f6:f4:43:95:cb:80:cd:a0:d2:0d:d0:
3f:57:ba:b0:76:d9:68:b5:f8:72:1c:83:72:8b:40:66:c3:00:
7f:2c:42:35:a4:c5:0b:31:50:8c:81:3c:8d:6f:5d:6b:6c:bc:
a4:cc:8d:26:4d:19:75:bc:c0:a4:fc:f3:89:e4:62:95:92:fd:
6a:e8:02:97
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYkcUJWbXetSBu27B3SAq5O0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzN2I0ODQ0OWJhMWNhZTE1YmRlMmMyZjA4NmQ5NDIxOGUw
NzIwYmIwHhcNMjMwNzAzMTUxMzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmU1NzBmZWJlNGMzNzI2YzUwOTc1ZDNkMTEwYzY0ZjZhZjcxOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoA1LP4/YLrhHLhtcx9zyzQaTfw+
CxXcGD9Mntudy3E3dYJIrvuOZjf9DNPVnWWQsZ7n9bc9AiIVqGNKtFcwEIxWGOw+
evbw7nhJVhdL7SSKjJuU1W3e1srxpU2onOga/HUMuGC8Zy+Jd2TB0VxI6FMr3MHh
ZC6qPcgBtVrQEPcJzaLT4n4Qw5fRH4b/XW/u6HYbrXJxcyr/0dburOfVATTEexdm
i+fsZx9dirWcyJtOCQ9JEfjuOEbU0ZGWPMZuwTJtrNSIWtd4vGJ0HPZjViWEZPVb
Dn4bA6arbOpF+e9Xr9jeo1ephKgmavaCyOqxlOoByn7GHL4Tbiuu2HczCwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFF/lcP6+TDcmxQl109EQxk9q9xnaMB8GA1UdIwQY
MBaAFAN7SESbocrhW94sLwhtlCGOByC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYt
NzQwM2UxMzY3NWFiLzEvWC1Wd19yNU1OeWJGQ1hYVDBSREdUMnIzR2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYtNzQwM2UxMzY3NWFi
LzEvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBAAqEAUD
BgEqEAUACDANBgkqhkiG9w0BAQsFAAOCAQEAGLYIjrU2U3KwLT89klZPKPFVuf2r
J57jVRINRLeUdIBsVL9VOkXraDoihLO4ZWIocnuQmZASaDtV6bZqd5P7BYg0mfg+
rWWMLeCMlBAK7NskAl39YvCKjXgYrVIKZDscYiEJD+yLDwe8mHg9Ug6RdlVf0NxP
6vlSrHhJPQHZSdIG7PCOcLQfKskAQi92utAoTZYK6jqx+3fWASVLq3aVcujFpsr3
JtnTuOOEmhyIi6+SXvGkyjIFo9RntPb0Q5XLgM2g0g3QP1e6sHbZaLX4chyDcotA
ZsMAfyxCNaTFCzFQjIE8jW9da2y8pMyNJk0ZdbzApPzzieRilZL9augClw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:27 2025 by rpki-client