Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/k_Lz3jozFg9qfbX-uxcdZ-VbKh8.roa
File: k_Lz3jozFg9qfbX-uxcdZ-VbKh8.roa (raw, json)
Hash identifier: ot69E0dEhvuD9xJ8z6RjzFfaohh2V17gMpLODBEZbAA=
Subject key identifier: 93:F2:F3:DE:3A:33:16:0F:6A:7D:B5:FE:BB:17:1D:67:E5:5B:2A:1F
Certificate issuer: /CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Certificate serial: 0188DEB2BE66022704695E6892FB169B59D6
Authority key identifier: 03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/k_Lz3jozFg9qfbX-uxcdZ-VbKh8.roa
Signing time: Wed 21 Jun 2023 16:03:56 +0000
ROA not before: Wed 21 Jun 2023 16:03:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212722
IP address blocks: 2a10:500::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:de:b2:be:66:02:27:04:69:5e:68:92:fb:16:9b:59:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Validity
Not Before: Jun 21 16:03:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93f2f3de3a33160f6a7db5febb171d67e55b2a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ad:9b:62:1c:12:ad:bc:8b:41:2e:ac:17:7e:
aa:d5:47:00:4c:77:98:de:7a:77:06:04:19:a6:ad:
9b:5f:67:28:2e:4b:df:0e:20:f4:ee:82:8e:c8:26:
97:04:27:8b:5c:3f:01:79:dc:d1:5d:97:39:b9:6c:
ad:de:e1:05:4c:8a:66:8a:a1:e8:36:1b:46:83:b6:
1b:cc:1c:53:0a:4f:8f:63:2c:82:e5:cf:24:f9:d2:
52:38:d0:51:1e:8e:48:c8:e3:31:2a:5c:d2:7a:10:
c3:76:64:cf:21:44:d2:b0:01:ac:07:c3:0e:b7:68:
fb:19:d9:7e:f7:9f:01:a3:97:22:27:b2:dd:02:ea:
88:64:d4:5d:12:73:7f:35:c4:d6:98:da:ce:d1:64:
8a:c3:51:26:d1:56:81:7b:9b:3a:24:20:f7:d3:e6:
0e:97:7e:09:7d:09:3c:f6:02:f7:eb:d9:db:4c:5d:
87:b6:35:ef:d7:b5:de:13:d5:0b:00:b7:ac:2a:a8:
bc:a7:9d:e0:cb:58:80:ab:bb:2c:3a:b7:57:8e:c9:
f0:50:1a:83:13:2d:0c:e0:4d:6d:69:ea:33:68:ce:
79:46:0c:a3:55:af:eb:05:df:62:aa:fa:98:0e:c4:
8c:04:a0:bb:f0:bf:97:c7:2b:71:88:ea:18:5e:e7:
30:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F2:F3:DE:3A:33:16:0F:6A:7D:B5:FE:BB:17:1D:67:E5:5B:2A:1F
X509v3 Authority Key Identifier:
keyid:03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/k_Lz3jozFg9qfbX-uxcdZ-VbKh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/A3tIRJuhyuFb3iwvCG2UIY4HILs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:500::/32
Signature Algorithm: sha256WithRSAEncryption
22:ec:65:b0:36:b6:90:5c:1c:64:6e:8d:93:5e:19:48:0d:87:
8b:67:d8:13:2d:c4:f9:a2:22:f5:d6:16:74:46:fc:3a:44:02:
23:84:94:9c:b0:72:56:99:a6:cf:db:00:41:80:b7:85:e2:24:
98:1e:5d:53:ce:61:b8:b8:56:46:56:4c:80:04:24:e8:ea:5d:
46:a5:9d:25:41:53:32:75:43:a9:a2:2a:4d:56:ee:b9:25:78:
70:57:70:6a:c8:c7:91:ea:e0:9e:90:8c:36:47:c3:49:0f:a1:
6a:c3:cd:29:7d:c6:3f:7c:24:a1:56:0f:5f:ec:fe:d8:98:36:
d4:09:11:4a:b1:ee:8d:88:c1:ce:92:18:43:a0:e1:28:8e:50:
30:19:99:dc:c1:4f:22:79:37:f4:26:cd:2c:93:16:43:75:64:
48:65:02:c7:57:eb:e6:f8:1c:d4:d7:17:27:16:e3:97:07:62:
87:29:d9:05:e5:d6:72:dc:df:80:53:90:8f:ec:65:b9:e1:1b:
0c:05:f6:82:e2:17:76:56:51:63:54:b1:f4:fd:f1:ae:a1:cd:
41:23:bc:41:39:fd:83:e8:91:c3:f1:66:6f:b0:31:75:cc:69:
57:45:73:b2:09:55:69:03:2e:21:1a:14:a9:dd:42:fd:db:b3:
b5:bd:73:84
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYjesr5mAicEaV5okvsWm1nWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzN2I0ODQ0OWJhMWNhZTE1YmRlMmMyZjA4NmQ5NDIxOGUw
NzIwYmIwHhcNMjMwNjIxMTYwMzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2YyZjNkZTNhMzMxNjBmNmE3ZGI1ZmViYjE3MWQ2N2U1NWIyYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq2bYhwSrbyLQS6sF36q1UcATHeY
3np3BgQZpq2bX2coLkvfDiD07oKOyCaXBCeLXD8BedzRXZc5uWyt3uEFTIpmiqHo
NhtGg7YbzBxTCk+PYyyC5c8k+dJSONBRHo5IyOMxKlzSehDDdmTPIUTSsAGsB8MO
t2j7Gdl+958Bo5ciJ7LdAuqIZNRdEnN/NcTWmNrO0WSKw1Em0VaBe5s6JCD30+YO
l34JfQk89gL369nbTF2HtjXv17XeE9ULALesKqi8p53gy1iAq7ssOrdXjsnwUBqD
Ey0M4E1taeozaM55RgyjVa/rBd9iqvqYDsSMBKC78L+XxytxiOoYXucwKwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJPy8946MxYPan21/rsXHWflWyofMB8GA1UdIwQY
MBaAFAN7SESbocrhW94sLwhtlCGOByC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYt
NzQwM2UxMzY3NWFiLzEva19MejNqb3pGZzlxZmJYLXV4Y2RaLVZiS2g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYtNzQwM2UxMzY3NWFi
LzEvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhAFADAN
BgkqhkiG9w0BAQsFAAOCAQEAIuxlsDa2kFwcZG6Nk14ZSA2Hi2fYEy3E+aIi9dYW
dEb8OkQCI4SUnLByVpmmz9sAQYC3heIkmB5dU85huLhWRlZMgAQk6OpdRqWdJUFT
MnVDqaIqTVbuuSV4cFdwasjHkergnpCMNkfDSQ+hasPNKX3GP3wkoVYPX+z+2Jg2
1AkRSrHujYjBzpIYQ6DhKI5QMBmZ3MFPInk39CbNLJMWQ3VkSGUCx1fr5vgc1NcX
JxbjlwdihynZBeXWctzfgFOQj+xlueEbDAX2guIXdlZRY1Sx9P3xrqHNQSO8QTn9
g+iRw/Fmb7AxdcxpV0VzsglVaQMuIRoUqd1C/duztb1zhA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:27 2025 by rpki-client