Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/gfyYHBch47ROPgJvUVpjn9odv5I.roa
File: gfyYHBch47ROPgJvUVpjn9odv5I.roa (raw, json)
Hash identifier: 7GhYPAb9+J2DI1nD8FYMEYm/JYgmqlkC8L2OamT68Gs=
Subject key identifier: 81:FC:98:1C:17:21:E3:B4:4E:3E:02:6F:51:5A:63:9F:DA:1D:BF:92
Certificate issuer: /CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Certificate serial: 018C411CCA3F958FDC528B9AE74CF1EDD9E5
Authority key identifier: 03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/gfyYHBch47ROPgJvUVpjn9odv5I.roa
Signing time: Wed 06 Dec 2023 21:50:54 +0000
ROA not before: Wed 06 Dec 2023 21:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216440
IP address blocks: 2a10:502::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:41:1c:ca:3f:95:8f:dc:52:8b:9a:e7:4c:f1:ed:d9:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Validity
Not Before: Dec 6 21:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81fc981c1721e3b44e3e026f515a639fda1dbf92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:0d:af:0f:a1:25:98:35:02:7e:f6:72:2c:1f:
22:9c:cc:56:23:81:07:3a:ce:8e:71:94:eb:0f:02:
89:e0:85:a6:2a:22:47:5d:bc:86:e6:ef:f5:ba:68:
8a:c0:ee:92:e1:ea:6a:64:a6:34:55:37:bb:8d:97:
56:11:dc:91:9e:50:ce:71:4b:cb:24:12:a4:40:b8:
2a:61:d9:a0:22:92:91:3a:d5:f1:10:77:fc:4f:2b:
ac:04:f6:ab:6a:ba:24:0e:de:40:0a:2a:82:2c:10:
e9:17:17:87:21:2f:ab:13:3e:05:79:60:43:b8:e5:
5b:8a:c3:17:18:80:29:e2:22:76:b7:c1:d4:db:16:
1d:5d:8f:f7:51:3e:94:4a:fb:50:0e:a7:2d:d1:29:
a7:8f:cc:ad:3d:fe:c3:df:a0:7c:28:b2:a2:e9:b2:
ed:8a:0f:fd:47:a8:fb:37:cd:84:b8:cd:90:ad:77:
85:58:76:ca:31:18:a4:17:b7:48:c8:72:bd:0a:65:
ad:a2:8d:91:c9:cf:b5:0d:67:c4:e1:12:1c:b9:ec:
a6:ac:61:e8:9c:d4:61:a0:c4:65:28:c0:bb:e9:ec:
5a:97:53:5b:f9:a4:05:0c:ca:97:57:c9:9c:0a:f3:
a2:fd:87:d3:0e:bb:eb:97:3c:2f:22:05:45:2f:5a:
74:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:FC:98:1C:17:21:E3:B4:4E:3E:02:6F:51:5A:63:9F:DA:1D:BF:92
X509v3 Authority Key Identifier:
keyid:03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/gfyYHBch47ROPgJvUVpjn9odv5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/A3tIRJuhyuFb3iwvCG2UIY4HILs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:502::/32
Signature Algorithm: sha256WithRSAEncryption
64:d8:e5:a1:95:32:28:ad:79:41:0f:65:60:00:88:93:87:f4:
ce:37:23:41:da:bc:23:00:21:e7:c3:8d:36:a3:c7:18:fc:8f:
d2:5a:ab:e3:6b:a0:3b:89:cd:3b:1e:5f:d3:d3:c5:ac:4f:9b:
9f:81:cc:0b:30:ad:03:d6:35:6a:46:bf:01:5b:07:d5:fb:f6:
cd:0b:36:c6:59:e8:4e:90:44:d0:b3:76:c8:b2:59:a6:b4:29:
97:e2:92:26:48:d5:10:3f:de:3b:47:55:8e:9e:5d:25:26:b0:
41:20:3c:86:55:07:6e:a7:e2:d1:96:98:77:e9:19:c8:9e:f0:
66:86:e0:c6:b5:72:5c:06:e3:7c:47:6c:ec:dc:e8:67:8f:6f:
04:06:d4:58:33:ec:27:cf:6e:9b:58:a2:61:a6:bb:f3:db:4e:
96:07:c0:bd:53:82:75:14:94:ea:df:41:ea:7b:f5:e0:8b:c2:
c6:c0:b9:e7:e6:96:ff:2f:80:b0:86:35:61:8a:c1:ff:ed:e6:
1f:b2:21:f9:95:b0:19:7b:f7:f2:40:0f:4b:53:6b:4b:c8:a9:
31:89:08:85:0d:17:a7:51:57:53:16:39:7b:2e:e5:2f:7c:b8:
a3:62:a9:d8:77:e7:38:30:a5:fd:23:14:ac:d4:4d:f0:29:5a:
81:6b:5b:99
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYxBHMo/lY/cUoua50zx7dnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzN2I0ODQ0OWJhMWNhZTE1YmRlMmMyZjA4NmQ5NDIxOGUw
NzIwYmIwHhcNMjMxMjA2MjE1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWZjOTgxYzE3MjFlM2I0NGUzZTAyNmY1MTVhNjM5ZmRhMWRiZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8w2vD6ElmDUCfvZyLB8inMxWI4EH
Os6OcZTrDwKJ4IWmKiJHXbyG5u/1umiKwO6S4epqZKY0VTe7jZdWEdyRnlDOcUvL
JBKkQLgqYdmgIpKROtXxEHf8TyusBPararokDt5ACiqCLBDpFxeHIS+rEz4FeWBD
uOVbisMXGIAp4iJ2t8HU2xYdXY/3UT6USvtQDqct0Smnj8ytPf7D36B8KLKi6bLt
ig/9R6j7N82EuM2QrXeFWHbKMRikF7dIyHK9CmWtoo2Ryc+1DWfE4RIcueymrGHo
nNRhoMRlKMC76exal1Nb+aQFDMqXV8mcCvOi/YfTDrvrlzwvIgVFL1p0swIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIH8mBwXIeO0Tj4Cb1FaY5/aHb+SMB8GA1UdIwQY
MBaAFAN7SESbocrhW94sLwhtlCGOByC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYt
NzQwM2UxMzY3NWFiLzEvZ2Z5WUhCY2g0N1JPUGdKdlVWcGpuOW9kdjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYtNzQwM2UxMzY3NWFi
LzEvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhAFAjAN
BgkqhkiG9w0BAQsFAAOCAQEAZNjloZUyKK15QQ9lYACIk4f0zjcjQdq8IwAh58ON
NqPHGPyP0lqr42ugO4nNOx5f09PFrE+bn4HMCzCtA9Y1aka/AVsH1fv2zQs2xlno
TpBE0LN2yLJZprQpl+KSJkjVED/eO0dVjp5dJSawQSA8hlUHbqfi0ZaYd+kZyJ7w
ZobgxrVyXAbjfEds7NzoZ49vBAbUWDPsJ89um1iiYaa789tOlgfAvVOCdRSU6t9B
6nv14IvCxsC55+aW/y+AsIY1YYrB/+3mH7Ih+ZWwGXv38kAPS1NrS8ipMYkIhQ0X
p1FXUxY5ey7lL3y4o2Kp2HfnODCl/SMUrNRN8ClagWtbmQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:17 2025 by rpki-client